使用Asp.net核心创建到另一个Web API的代理 [英] Creating a proxy to another web api with Asp.net core
问题描述
我正在开发一个ASP.Net Core Web应用程序,在这里我需要为另一种(外部)Web服务创建一种身份验证代理".
I'm developing an ASP.Net Core web application where I need to create a kind of "authentication proxy" to another (external) web service.
身份验证代理的意思是,我将通过Web应用程序的特定路径接收请求,并且必须检查那些请求的标头中是否有我之前发出的身份验证令牌,然后重定向所有具有与外部Web API相同的请求字符串/内容的请求,我的应用将通过HTTP Basic身份验证对外部Web API进行验证.
What I mean by authentication proxy is that I will receive requests through a specific path of my web app and will have to check the headers of those requests for an authentication token that I'll have issued earlier, and then redirect all the requests with the same request string / content to an external web API which my app will authenticate with through HTTP Basic auth.
这是伪代码的整个过程
- 客户通过对我之前发送给他的唯一URL进行POST来请求令牌
- 我的应用程序向他发送了一个唯一令牌以响应此POST
- 客户端向我的应用的特定网址(例如
/extapi)发出GET请求,并将身份验证令牌添加到HTTP标头中 - 我的应用获取请求,检查auth令牌是否存在并有效
- 我的应用向外部Web API发出相同的请求,并使用BASIC身份验证对请求进行身份验证
- 我的应用从请求中接收结果并将其发送回客户端
- Client requests a token by making a POST to a unique URL that I sent him earlier
- My app sends him a unique token in response to this POST
- Client makes a GET request to a specific URL of my app, say
/extapiand adds the auth-token in the HTTP header - My app gets the request, checks that the auth-token is present and valid
- My app does the same request to the external web API and authenticates the request using BASIC authentication
- My app receives the result from the request and sends it back to the client
这就是我现在拥有的.似乎工作正常,但我想知道这是否确实是应该执行的方式,或者是否没有更优雅或更佳的解决方案?从长远来看,该解决方案是否会带来问题,以扩展应用程序?
Here's what I have for now. It seems to be working fine, but I'm wondering if it's really the way this should be done or if there isn't a more elegant or better solution to this? Could that solution create issues in the long run for scaling the application?
[HttpGet]
public async Task GetStatement()
{
//TODO check for token presence and reject if issue
var queryString = Request.QueryString;
var response = await _httpClient.GetAsync(queryString.Value);
var content = await response.Content.ReadAsStringAsync();
Response.StatusCode = (int)response.StatusCode;
Response.ContentType = response.Content.Headers.ContentType.ToString();
Response.ContentLength = response.Content.Headers.ContentLength;
await Response.WriteAsync(content);
}
[HttpPost]
public async Task PostStatement()
{
using (var streamContent = new StreamContent(Request.Body))
{
//TODO check for token presence and reject if issue
var response = await _httpClient.PostAsync(string.Empty, streamContent);
var content = await response.Content.ReadAsStringAsync();
Response.StatusCode = (int)response.StatusCode;
Response.ContentType = response.Content.Headers.ContentType?.ToString();
Response.ContentLength = response.Content.Headers.ContentLength;
await Response.WriteAsync(content);
}
}
_httpClient是在其他地方实例化的HttpClient类,并且是单例并且具有BaseAddress的http://someexternalapp.com/api/
_httpClient being a HttpClient class instantiated somewhere else and being a singleton and with a BaseAddressof http://someexternalapp.com/api/
此外,是否有比手动进行令牌创建/令牌检查更简单的方法?
Also, is there a simpler approach for the token creation / token check than doing it manually?
推荐答案
我最终实现了受 a启发的代理中间件Asp.Net的GitHub中的项目.
它基本上实现了一个中间件,该中间件读取收到的请求,从中创建一个副本,然后将其发送回配置的服务,从服务中读取响应,并将其发送回调用方.
It basically implements a middleware that reads the request received, creates a copy from it and sends it back to a configured service, reads the response from the service and sends it back to the caller.
这篇关于使用Asp.net核心创建到另一个Web API的代理的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
