问题
I have a WPF client using RestSharp and WEB API Service. I try to use HttpBasicAuthenticator as follows:
RestRequest login = new RestRequest("/api/users/login", Method.POST);
var authenticator = new HttpBasicAuthenticator("admin","22");
authenticator.Authenticate(Client, login);
IRestResponse response = Client.Execute(login);
The POST request looks like this:
POST http://localhost/api/users/login HTTP/1.1
Authorization: Basic YWRtaW46MjI=
Accept: application/json, application/xml, text/json, text/x-json, text/javascript, text/xml
User-Agent: RestSharp/105.1.0.0
Host: dellnote:810
Content-Length: 0
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
- How do I process this field,
Authorization: Basic YWRtaW46MjI=on the server side? Do I get username and password from this header? - How do I return security token from server to client and save it on the client side?
I need to get simple authentication based on security token but cannot find example that describes all sides of this process. Can someone point me to some full example that includes client and server side (and uses RestSharp).
回答1:
new SimpleAuthenticator("username", username, "password", password) did NOT work with me.
The following however worked:
var client = new RestClient("http://example.com");
client.Authenticator = new HttpBasicAuthenticator(userName, password);
var request = new RestRequest("resource", Method.GET);
client.Execute(request);
回答2:
From RestSharp documentation:
var client = new RestClient("http://example.com");
client.Authenticator = new SimpleAuthenticator("username", "foo", "password", "bar");
var request = new RestRequest("resource", Method.GET);
client.Execute(request);
The URL generated for this request would be http://example.com/resource?username=foo&password=bar
So you get the password just as any other parameter (although, it's recommended to use POST method then GET, for security reasons).
As for the cookies, check this out: https://msdn.microsoft.com/en-us/library/system.windows.application.setcookie.aspx
https://msdn.microsoft.com/en-us/library/system.windows.application.getcookie.aspx
Hope it helps
回答3:
Alternative answer your first question about retrieval of Auth Header values (Server Side) from How can I retrieve Basic Authentication credentials from the header?:
private UserLogin GetUserLoginCredentials()
{
HttpContext httpContext = HttpContext.Current;
UserLogin userLogin;
string authHeader = httpContext.Request.Headers["Authorization"];
if (authHeader != null && authHeader.StartsWith("Basic"))
{
string encodedUsernamePassword = authHeader.Substring("Basic ".Length).Trim();
Encoding encoding = Encoding.GetEncoding("iso-8859-1");
string usernamePassword = encoding.GetString(Convert.FromBase64String(encodedUsernamePassword));
int seperatorIndex = usernamePassword.IndexOf(':');
userLogin = new UserLogin()
{
Username = usernamePassword.Substring(0, seperatorIndex),
Password = usernamePassword.Substring(seperatorIndex + 1)
};
}
else
{
//Handle what happens if that isn't the case
throw new Exception("The authorization header is either empty or isn't Basic.");
}
return userLogin;
}
Usage of this method might be:
UserLogin userLogin = GetUserLoginCredentials();
Also have a look at: A-WebAPI-Basic-Authentication-Authorization-Filter
Alternative answer on second question about returning the token (Server Side):
var httpResponseMessage = Request.CreateResponse();
TokenResponse tokenResponse;
bool wasAbleToGetAccesToken = _identityServerHelper.TryGetAccessToken(userLogin.Username, userLogin.Password,
platform, out tokenResponse);
httpResponseMessage.StatusCode = wasAbleToGetAccesToken ? HttpStatusCode.OK : HttpStatusCode.Unauthorized;
httpResponseMessage.Content = new StringContent(JsonConvert.SerializeObject(tokenResponse),
System.Text.Encoding.UTF8, "application/json");
return httpResponseMessage;
来源:https://stackoverflow.com/questions/31833431/restsharp-httpbasicauthentication-example