REST 服务的身份验证问题使用来自“WP8"应用程序的“HttpClient" [英] Problems with the authentication to a REST service use `HttpClient` from an `WP8` App
问题描述
我正在尝试将我的应用与一些需要身份验证的 Rest 服务连接起来,但我遇到了一些问题.我使用 HttpClient
类,它适用于不需要此身份验证(如登录或注册)的服务.我认为问题在于我需要在 AuthenticationHeaderValue
对象中指定一个架构,并且这个架构进入标题.标头的结果是这样的授权:授权a81b4974-f328-44e0-901a-95e29fb672aa:sKJQgOqJswCLHlibsMGRYZb/dlkyPzVnvs9uqqx5ToM="和服务器正在寻找的东西是Authorization: a81b4974-f328-44e0-901a-95e29fb672aa:sKJQgOqJswCLHlibsMGRYZb/dlkyPzVnvs9uqqx5ToM":sKJQgOqJswCLHlibsMGRYZb/dlkyPzVnvs9uqqx5ToM="这是我正在使用的代码:
I am trying to conect my app with some Rest services that requires authentication and I am having some problems. I using the HttpClient
class and it works fine with the services that do not need this authentication like the login or the signup. I think that the problem is that I need to specify a schema in the AuthenticationHeaderValue
object and this schema goes into the header. The result of the header is like this "Authorization: Authorization a81b4974-f328-44e0-901a-95e29fb672aa:sKJQgOqJswCLHlibsMGRYZb/dlkyPzVnvs9uqqx5ToM=" and what the server is looking for is something like "Authorization: a81b4974-f328-44e0-901a-95e29fb672aa:sKJQgOqJswCLHlibsMGRYZb/dlkyPzVnvs9uqqx5ToM="
Here is the code that I am using:
public async void addProject(string name)
{
string service = "/service/project/add";
string serviceURL = "/pwpcloud"+service;
StringBuilder parametersBuilder = new StringBuilder();
parametersBuilder.Append("{\"name\":\"" + name + "\",");
parametersBuilder.Append("\"description\":\"" + "projectDescription" + "\",");
parametersBuilder.Append("\"sparsePath\":\"" + "fasdd" + "\",");
parametersBuilder.Append("\"densePath\":\"" + "asdf" + "\",");
parametersBuilder.Append("\"matchFormat\":\"" + "asdf" + "\",");
parametersBuilder.Append("\"metadata\":\"" + "aaaaa" + "\",");
parametersBuilder.Append("\"user\":\"" + mLoginData.getUserID() + "\"}");
string parameters = parametersBuilder.ToString();
HttpClient restClient = new HttpClient();
restClient.BaseAddress = new Uri(mBaseURL);
restClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
//falta la autenticacion
setAuthorization(restClient, service, WEBSERVICE_REQUEST_TYPE_POST);
HttpRequestMessage req = new HttpRequestMessage(HttpMethod.Post, serviceURL);
req.Content = new StringContent(parameters, Encoding.UTF8, "application/json");
HttpResponseMessage response = null;
string responseBodyAsText = "";
try
{
response = await restClient.SendAsync(req);
response.EnsureSuccessStatusCode();
responseBodyAsText = await response.Content.ReadAsStringAsync();
}
catch (HttpRequestException e)
{
string ex = e.Message;
}
}
public void setAuthorization(HttpClient request, string service, int reqType, string token, string userID)
{
//Date OK
string date = DateTime.UtcNow.ToString("yyyy-MM-ddTHH:mm:ssZ");
//nonce OK
Random random = new Random();
String nonce = "";
for (int i = 0; i < 5; i++)
{
string randomValue = (1111 + random.Next() % (9999 - 1111)).ToString();
nonce = nonce + randomValue;
}
//type OK
string type = "";
if (reqType == WEBSERVICE_REQUEST_TYPE_GET)
{
type = "GET";
}
else
{
type = "POST";
}
//Authorization:
string stringToHash = token + ":" + service + "," + type + "," + date + "," + nonce;
string authorizationCrypted = encryptStringSHA256(stringToHash);
//string authorization = userID + ":" + authorizationCrypted;
request.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Authorization", string.Format("{0}:{1}", userID, authorizationCrypted));
request.DefaultRequestHeaders.Add("x-rest-date", date);
request.DefaultRequestHeaders.Add("nonce", nonce);
}
public static string encryptStringSHA256(string stringToEncrypt)
{
var hash = new SHA256Managed();
byte[] stringHash = StringToAscii(stringToEncrypt);
byte[] encryptedString = hash.ComputeHash(stringHash);
return Convert.ToBase64String(encryptedString);
}
//Metodo para convertir string a bytes ascii NO IMPLEMENTADO POR DEFECTO EN EL API DE WINDOWS PHONE
public static byte[] StringToAscii(string s)
{
byte[] retval = new byte[s.Length];
for (int ix = 0; ix < s.Length; ++ix)
{
char ch = s[ix];
if (ch <= 0x7f) retval[ix] = (byte)ch;
else retval[ix] = (byte)'?';
}
return retval;
}
感谢您的帮助.
推荐答案
我使用 HttpClient.DefaultRequestHeaders.TryAddWithoutValidation("Key",value)
方法解决了这个问题.这是代码:
I solved it using the HttpClient.DefaultRequestHeaders.TryAddWithoutValidation("Key",value)
method. this is the code:
public void setAuthorization(HttpClient request, string service, int reqType, string token, string userID)
{
//Date OK
string date = DateTime.UtcNow.ToString("yyyy-MM-ddTHH:mm:ssZ");
//nonce OK
Random random = new Random();
String nonce = "";
for (int i = 0; i < 5; i++)
{
string randomValue = (1111 + random.Next() % (9999 - 1111)).ToString();
nonce = nonce + randomValue;
}
//type OK
string type = "";
if (reqType == WEBSERVICE_REQUEST_TYPE_GET)
{
type = "GET";
}
else
{
type = "POST";
}
//Authorization:
string stringToHash = token + ":" + service + "," + type + "," + date + "," + nonce;
string authorizationCrypted = encryptStringSHA256(stringToHash);
string authorization = userID + ":" + authorizationCrypted;
request.DefaultRequestHeaders.TryAddWithoutValidation("x-rest-date", date);
request.DefaultRequestHeaders.TryAddWithoutValidation("Authorization", authorization);
request.DefaultRequestHeaders.TryAddWithoutValidation("nonce", nonce);
}
这篇关于REST 服务的身份验证问题使用来自“WP8"应用程序的“HttpClient"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!