如何将授权令牌从一个webapi传递到另一个webapi? [英] How to pass Authorization token from one webapi to other webapi?
本文介绍了如何将授权令牌从一个webapi传递到另一个webapi?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我在Azure AD中配置了两个applications
.一个是称为app-A
的Web API,另一个是名为app-B
的Web API.
I have configured two applications
in Azure AD. One is a Web API called app-A
and another is a Web API called app-B
.
如何使用客户端凭据令牌在
app-A
处生成令牌 并将令牌传递给app-B
?
how to I generate a token at
app-A
using client credentials token and pass that token toapp-B
?
推荐答案
如果我理解您的问题正确,那么您想将授权令牌从一个Web API服务转发到另一个Web API?
If I understand your question correct you want to forward Authorization token from one Web API service to another Web API?
这是我的方法:
- 创建请求上下文中存在的会话上下文.这是通过使用Unity和
HierarchicalLifetimeManager
完成的. - 从
app-a
的请求中提取所有标头,并将其放入会话上下文中 - 在调用
app-b
之前,使用HttpClient
插入cookie.
- Create a session context that exists within the request context. This is done by using Unity and
HierarchicalLifetimeManager
. - Extract all headers from the request at
app-a
and put it into the session context - Using the
HttpClient
to insert the cookies before callingapp-b
.
如果愿意,您也可以只提取令牌而不是提取所有cookie.
If you want to, you could also just extract the token only instead of all cookies.
SessionContext
public class SessionContext
{
public string Token { get; private set; }
public CookieHeaderValue Cookies { get; private set; }
public void SetToken(string token)
{
if(Token != null)
throw new InvalidOperationException("Token is already set in this session.");
Token = token;
}
public void SetCookies(CookieHeaderValue cookies)
{
if (Cookies != null)
throw new InvalidOperationException("Cookies is already set in this session.");
Cookies = cookies;
}
}
CookieFetcher
/// <summary> ActionFilter to extract all cookie and add it to the <see cref="SessionContext"/>. </summary>
public class CookieFetcherAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(HttpActionContext actionContext)
{
var cookies = actionContext.Request.Headers.GetCookies().SingleOrDefault();
if (cookies == null)
return;
var sessionContext = actionContext.Request.GetDependencyScope().GetService<SessionContext>();
sessionContext.SetCookies(cookies);
}
}
统一配置
// Gets a new TokenProvider per request
container.RegisterType<SessionContext>(new HierarchicalLifetimeManager());
客户
public class Client
{
private CookieHeaderValue Cookies => sessionContext.Cookies;
public Client(SessionContext sessionContext)
{
this.sessionContext = sessionContext;
}
private HttpClient CreateHttpClient()
{
// If cookie/sessionId based authentication is used.
if (Cookies != null)
{
handler.CookieContainer = ConvertToCookieContainer(Cookies, baseUri.GetRootHostName());
handler.UseCookies = true;
}
var client = new HttpClient(handler, true);
client.BaseAddress = baseUri;
return client;
}
private static CookieContainer ConvertToCookieContainer(CookieHeaderValue cookies, string cookiePath)
{
var container = new CookieContainer();
foreach (var cookie in cookies.Cookies)
{
container.Add(new Cookie(cookie.Name, cookie.Value, "/", cookiePath));
}
return container;
}
}
这篇关于如何将授权令牌从一个webapi传递到另一个webapi?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文