如何在 RestSharp 中使用 OAuth2 [英] How to use OAuth2 in RestSharp
问题描述
在服务器端(Spring java)整理 OAuth2 几天后,我开始研究用 C# 编写的客户端.我正在使用 RestSharp 来调用我的 Web API,但是我在使用 OAuth2 时遇到了真正的困难.几乎没有任何文档,我在网上找到的几个例子也不起作用.有人可以提供我可以使用的最新代码示例吗?
After a couple of days sorting out OAuth2 at the server-end (Spring java) I started working on the client written in C#. I am using RestSharp to call my web API but I am having real difficulty with the OAuth2. There is hardly any documentation and the few examples I found online do not work. Can someone provide me a code sample that is up to date and that I can use?
到目前为止,我有以下几点:
So far I have the following:
var client = new RestClient("http://example.com/myapi/oauth/token");
RestRequest request = new RestRequest() { Method = Method.POST };
request.AddHeader("Content-Type", "application/json");
request.AddParameter("grant_type", "client_credentials");
request.AddParameter("client_id", "client-app");
request.AddParameter("client_secret", "secret");
var response = client.Execute(request);
我只是在调试模式下运行此代码,当我查看响应时,我得到了未经授权的授权.
I am simply running this code in debug mode and when I look into the response I get unauthorized.
当我使用相同的参数在控制台上执行 curl 时,它工作正常,但似乎我无法使其在 C# 中工作.这是 curl 命令:
When I do curl on the console with the same parameters it works fine but it seems I can't make this to work in C#. Here is the curl command:
curl -H "Accept: application/json" client-app:secret@example.com/myapi/oauth/token -d grant_type=client_credentials
顺便说一下,我已经用占位符替换了我的真实 API url 和其他信息.
By the way, I have replaced my true API urls and other information with placeholders.
推荐答案
参见 RFC 6749 - 4.4.2.客户端凭据 - 访问令牌请求
这里是请求的基本格式
POST /token HTTP/1.1
Host: server.example.com
Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials
您的 cURL 请求
curl -H "Accept: application/json"
-d grant_type=client_credentials
client-app:secret@example.com/myapi/oauth/token
cURL 命令起作用的原因
The reason your cURL command works
默认
Content-Type
(如果未指定)和 POST(使用-d
开关时的默认值)是application/x-www-form-urlencoded
Default
Content-Type
(if not specified) with POST (default when you use-d
switch) isapplication/x-www-form-urlencoded
默认身份验证类型(如果未指定)为基本.用户名和密码通过 -u
选项或在 URL 中传递
Default authentication type, if not specified, is Basic. The username and password are passed either through the -u
option or in the URL
-u username:password (client-app:secret)
-- or put it in the url --
client-app:secret@example.com/myapi/oauth/token
您还可以使用 --basic
或 --digest
您可以在 cURL 命令中使用 -v
开关来查看请求中涉及的所有标头.
You can use the -v
switch in your cURL command to see all the headers involved in the request.
RestSharp 修复:
设置
Content-Type
为application/x-www-form-urlencoded
添加基本身份验证
client.Authenticator = new HttpBasicAuthenticator("client-app", "secret");
摆脱
Get rid of
request.AddParameter("client_id", "client-app");
request.AddParameter("client_secret", "secret");
将 Accept
标头设置为 application/json
这篇关于如何在 RestSharp 中使用 OAuth2的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!