如何正确配置身份验证以使用ASP.NET Core 2.0中的外部Restful Apis?

时间:2019-01-15 14:25:55

标签: c# asp.net-core-webapi asp.net-core-2.1

我正在使用外部Restful Api。我提供了标题值的授权密钥。当我尝试使用邮递员发送请求时,返回200好的。我在代码上使用相同的API KEY。使用授权密钥消费Restful Api的正确方法是什么?

我已经为Startup.cs配置了ConfigureServices和Configure。然后,我使用HttpClient来使用Restful Api。我以某种方式收到401未经授权的回复。

Startup.cs的代码

public void ConfigureServices(IServiceCollection services)
{
    services.AddCors(options =>
    {
        options.AddPolicy("CorsPolicy", builder =>
        {
            builder
                .AllowAnyOrigin()
                .AllowAnyMethod()
                .AllowAnyHeader()
                .AllowCredentials();
        });
    });

    services.AddAuthentication();
    services.AddMvc();
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{       
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    app.UseAuthentication();
    app.UseCors("CorsPolicy");
    app.UseMvc();
}

Services.cs代码:

private static HttpClient _httpClient = new HttpClient();

public CRUDService()
{
    _httpClient.BaseAddress = new Uri("https://api.deezer.com");

    _httpClient.DefaultRequestHeaders.Clear();
    _httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("X-API_KEY", "081f0fca-1bca-4e8e-9a24-22ff2c3d462c");

    _httpClient.Timeout = new TimeSpan(0, 0, 30);
    _httpClient.DefaultRequestHeaders.Clear();
    _httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
}

public async Task Run()
{
    await GetResource();
}

public async Task GetResource()
{
    var response = await _httpClient.GetAsync("/v1/song/latest");
    response.EnsureSuccessStatusCode();

    var content = await response.Content.ReadAsStringAsync();
    var movies = new List<Movie>();

    if (response.Content.Headers.ContentType.MediaType == "application/json")
    {
        movies = JsonConvert.DeserializeObject<List<Movie>>(content);
    }
}

2 个答案:

答案 0 :(得分:0)

我在该api上收到600个无效查询,因此无法确认。但是,我认为您需要像这样添加api密钥:

_httpClient.DefaultRequestHeaders.Add("X-API_KEY", "081f0fca-1bca-4e8e-9a24-22ff2c3d462c");

...而不是将其添加到DefaultRequestHeaders.Authorization。

保罗

答案 1 :(得分:0)

我不确定它是否会工作,但是看起来好像您正在实例化/初始化CRUDService-您可能需要执行以下操作:

public async Task GetResource()
{
    CRUDService(); // <<<<---- this was added <<<<----
    var response = await _httpClient.GetAsync("/v1/song/latest");
    response.EnsureSuccessStatusCode();

    var content = await response.Content.ReadAsStringAsync();
    var movies = new List<Movie>();

    if (response.Content.Headers.ContentType.MediaType == "application/json")
    {
        movies = JsonConvert.DeserializeObject<List<Movie>>(content);
    }
}
相关问题
最新问题