在 ASP.NET Core 5 中,我是否可以使用 Windows 身份驗證(允許 IIS 對用戶進行身份驗證)并以某種方式獲取該令牌,然后使用它來呼叫也通過 Windows 身份驗證進行身份驗證的 Web API 應用程式?換句話說,我們希望 API 應用程式中的安全背景關系與我們在 UI 應用程式中的安全背景關系相同。這甚至可能嗎?
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(IISDefaults.AuthenticationScheme);
var commonApiSettings = Configuration.GetSection("CommonApiSettings").Get<CommonApiSettings>();
services.AddHttpClient("CommonApi",
client =>
{
client.BaseAddress = new Uri(commonApiSettings.BaseAddress);
client.DefaultRequestHeaders.Add("Accept", "application/json");
client.DefaultRequestHeaders.Add("User-Agent", "AspNetCore-Demo");
});
services.AddControllersWithViews();
}
然后在我的控制器中我想呼叫一個 web api。每次我得到 401 Unauthorized。
public class HomeController : Controller
{
private readonly ILogger<HomeController> _logger;
private readonly IHttpClientFactory _clientFactory;
public HomeController(ILogger<HomeController> logger, IHttpClientFactory httpClient)
{
_logger = logger;
_clientFactory = httpClient;
}
public async Task<IActionResult> Index()
{
IEnumerable<Confection> inventory;
try
{
var user = (WindowsIdentity)User.Identity!;
await WindowsIdentity.RunImpersonatedAsync(user.AccessToken, async () =>
{
var impersonatedUser = WindowsIdentity.GetCurrent();
var message =
$"User: {impersonatedUser.Name}\t"
$"State: {impersonatedUser.ImpersonationLevel}";
var bytes = Encoding.UTF8.GetBytes(message);
var httpClient = _clientFactory.CreateClient("CommonApi");
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", impersonatedUser.AccessToken.ToString());
var request = new HttpRequestMessage(HttpMethod.Get, "");
var httpResponseMessage = await httpClient.SendAsync(request);
if (httpResponseMessage.IsSuccessStatusCode)
{
using var contentStream = await httpResponseMessage.Content.ReadAsStreamAsync();
inventory = await JsonSerializer.DeserializeAsync<IEnumerable<Confection>>(contentStream);
}
});
}
catch (Exception e)
{
//await context.Response.WriteAsync(e.ToString());
}
return View();
}
uj5u.com熱心網友回復:
要發送 Windows 憑據,您需要設定used by的UseDefaultCredentials屬性。還有就是如何與做這樣的一個例子中的檔案。HttpClientHandlerHttpClientIHttpClientFactory
在您的情況下,它應該如下所示:
services.AddHttpClient("CommonApi",
client =>
{
client.BaseAddress = new Uri(commonApiSettings.BaseAddress);
client.DefaultRequestHeaders.Add("Accept", "application/json");
client.DefaultRequestHeaders.Add("User-Agent", "AspNetCore-Demo");
})
.ConfigurePrimaryHttpMessageHandler(() =>
new HttpClientHandler
{
UseDefaultCredentials = true
});
轉載請註明出處,本文鏈接:https://www.uj5u.com/ruanti/409269.html
標籤: