使用API​​密钥授权的WCF. [英] WCF using API Key Authorisation.

问题描述

以下是我在StackOverflow上发布的一个问题的重复，没有结果.

The following is a duplicate of a question that I posted on StackOverflow without result.

尝试向IIS 7上托管的现有WCF服务添加API密钥授权

Trying to add API Key authorization to an existing WCF service hosted on IIS 7

按照Ron Jacob的教程创建从ServiceAuthorizationManager派生的类.

Followed Ron Jacob's tutorial for creating a class derived from ServiceAuthorizationManager.

它没有被调用.

如果我的理解是错误的，我希望我要做的就是正确地创建该类并在Web.Config中引用它.

In case my understanding is wrong, I am expecting that all I have to do is correctly make the class and refer to it in Web.Config.

那时，我的测试Web客户端应停止从服务中获取数据，直到更改客户端以处理API密钥流程为止.

At that point my test web client should cease to get data from the service until the client is altered to handle API Key process flow.

但是，客户端仍然可以正确使用合同，并且不会生成我放置在ServiceAuthorizationManager类中的Eventlog消息.

The client however still consumes the contracts correctly and the Eventlog messages that I have placed in the ServiceAuthorizationManager class are not being generated.

我认为它必须是我在web.config中创建的行为节点，但是我已经手动创建并使用Visual Studio config编辑器工具创建了该行为节点，并且两个条目均不起作用.

I thought it must be the behavior node that I created in the web.config but I have created that both manually and using the Visual Studio config editor tool and both entries don't work.

我认为Web config serviceAuthorization节点是正确的，因为它正确地引用了授权类的Namespace.Class，并且我再次检查了Webservice的bin目录中的程序集是CouponParkingWCF.dll.

I believe the web config serviceAuthorization node is correct in that it correctly refers to the Namespace.Class of the authorization class and I have double checked that the assembly in the bin directory of the Webservice is CouponParkingWCF.dll.

班级代码是:

namespace CouponParkingWCF
{

public class APIKeyAuthorization:ServiceAuthorizationManager
{
    public const string APIKEY = "ApiKey";
    public const string APIKEYLIST = "APIKeyList";


    public string GetAPIKey(OperationContext operationContext)
 {
    // Get the request message
     ClsLogger.WriteInfoLog("InsideGetAPIKey");
     var request = operationContext.RequestContext.RequestMessage;

    // Get the HTTP Request
     var requestProp = (HttpRequestMessageProperty)request.Properties[HttpRequestMessageProperty.Name];

     // Get the query string
    NameValueCollection queryParams = HttpUtility.ParseQueryString(requestProp.QueryString);

    // Return the API key (if present, null if not)
    return queryParams[APIKEY];
}

 public List<Guid> APIKeys
 {
     get
     {
         // Get from the cache
         // Could also use AppFabric cache for scalability
         var keys = HttpContext.Current.Cache[APIKEYLIST] as List<Guid>;

        if (keys == null)
            keys = PopulateAPIKeys();

       return keys;
    }
}

    private List<Guid> PopulateAPIKeys()
    {
        Dt dt = new Dt();
        List<Guid> keyList = dt.GetApiKeys();
        return keyList;
    }
     public bool IsValidAPIKey(OperationContext operationContext)
{
     // if verification is disabled, return true
    //if (Global.APIKeyVerification == false)
    //    return true;
   ClsLogger.WriteInfoLog("InsideIsValidAPIKey");
         //return true;
    string key = GetAPIKey(operationContext);

    Guid apiKey;

    // Convert the string into a Guid and validate it
    if (Guid.TryParse(key, out apiKey) && APIKeys.Contains(apiKey))
    {
        return true;
    }
         // Send back an HTML reply
         CreateErrorReply(operationContext, key);
         return false;
}

    private void CreateErrorReply(OperationContext operationContext, string key)
    {
        ClsLogger.WriteErrorLog("We have an Authorization Error. Oh Dear.");
    }

    protected override bool CheckAccessCore(OperationContext operationContext)
 {
    return IsValidAPIKey(operationContext);
 }
}
}

"Web配置行为"节点为:

The web config behaviors node is:

<behaviors>
  <endpointBehaviors>
    <behavior name="RestJSONEndpointBehavior">
      <webHttp helpEnabled="false" defaultBodyStyle="Bare" defaultOutgoingResponseFormat="Json" />
    </behavior>
    <behavior name="RestXMLEndpointBehavior">
      <webHttp helpEnabled="false" defaultOutgoingResponseFormat="Xml" />
    </behavior>
  </endpointBehaviors>
  <serviceBehaviors>
    <behavior name="">
      <serviceAuthorization serviceAuthorizationManagerType="CouponParkingWCF.APIKeyAuthorization, CouponParkingWCF, Version=1.0.0.1, Culture=neutral, PublicKeyToken=null" />
    </behavior>
    <behavior name="wsdl">
      <serviceMetadata httpGetEnabled="false" httpsGetEnabled="false" />
      <serviceDebug includeExceptionDetailInFaults="true" />
    </behavior>
  </serviceBehaviors>
</behaviors>

希望有人能发现我做错了.

hopefully someone can spot what I have done wrong.

谢谢

鲍勃

推荐答案

希望有人可以发现我做错了

hopefully someone can spot what I have done wrong

https://social.msdn.microsoft.com/Forums/vstudio/zh-CN/home?forum=wcf

https://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=wcf

这篇关于使用API​​密钥授权的WCF.的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！