我需要与GitHub集成API进行交互,但特别是从.NET 4.0进行交互,因此我无法使用Octokit。
基本上我给了PEM格式私有rsa密钥(标准.NET API不支持),并且必须发送RS256 jwt令牌以获取与API交互的身份验证令牌。
提供了以下ruby示例代码:
# Private key contents
private_pem = File.read(path_to_pem)
private_key = OpenSSL::PKey::RSA.new(private_pem)
# Generate the JWT
payload = {
# issued at time
iat: Time.now.to_i,
# JWT expiration time
exp: 1.minute.from_now.to_i,
# Integration's GitHub identifier
iss: 42
}
jwt = JWT.encode(payload, private_key, "RS256")
使用以下curl示例
curl -i -X POST \
-H "Authorization: Bearer $JWT" \
-H "Accept: application/vnd.github.machine-man-preview+json" \
https://api.github.com/installations/:installation_id/access_tokens
以下结果示例:
Status: 201 Created
{
"token": "v1.1f699f1069f60xxx",
"expires_at": "2016-07-11T22:14:10Z",
"on_behalf_of": null
}
答案 0 :(得分:0)
能够使用.net 4.0上的以下single range软件包成功与此身份验证API进行交互
BouncyCastle 1.8.1 jose-jwt 2.1.0 Newtonsoft.Json 9.0.1 FSharp.Data 2.3.2 F#代码:
open System
open System.Security.Cryptography
open Jose
open Org.BouncyCastle.Crypto
open Org.BouncyCastle.Security
open Org.BouncyCastle.OpenSsl
open Org.BouncyCastle.Crypto.Parameters
open Newtonsoft.Json
open FSharp.Data
let integrationID = 42 //sample
let installID = 10 // sample
let appUserAgent = "My-App-Name" //sample
//Result Format
type InstallToken = { token:string; expires_at:DateTime ; on_behalf_of: string}
let apiBase = "https://api.github.com"
let instBase = apiBase + sprintf "/installations/%i" installID
//.Net 4.0 doesn't have a method for seconds from Epoch
let epochSeconds (date:DateTime) =
date.ToUniversalTime().Subtract(new DateTime(1970,1,1,0,0,0,DateTimeKind.Utc)).TotalSeconds |> Convert.ToInt64
let createBotToken (pemPath:string) =
//Parse PEM file with BouncyCastle
use streamRead = new StreamReader(pemPath)
let pemRead = PemReader(streamRead)
let bcRSA:AsymmetricCipherKeyPair = downcast (pemRead.ReadObject())
//Convert to .NET RSA object with Bouncy Castle
let dnRSA = bcRSA.Private :?> RsaPrivateCrtKeyParameters |> DotNetUtilities.ToRSAParameters
use key = new RSACryptoServiceProvider()
key.ImportParameters(dnRSA)
//JWT needs literal Dictionary<string,obj> type
let payload= dict [
"iat", (DateTime.Now |> epochSeconds) :> obj ;
"exp", (DateTime.Now.AddMinutes(1.0) |> epochSeconds) :> obj;
"iss", integrationID :> obj;
]
|> Dictionary<string,obj>
//Create token with JWT
let bearer = JWT.Encode(payload, key, JwsAlgorithm.RS256)
//Send Request with FSharp.Data
let iresult = Http.RequestString( instBase + "/access_tokens", httpMethod=HttpMethod.Post ,
headers=[HttpRequestHeaders.Authorization (sprintf "Bearer %s" bearer);
HttpRequestHeaders.UserAgent appUserAgent;
HttpRequestHeaders.Accept "application/vnd.github.machine-man-preview+json";
])
//Use Newtonsoft.Json to convert to obj
JsonConvert.DeserializeObject<InstallToken>(iresult)