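How to pass a client certificate using an AutoRest client

Time: 2017-05-05 03:05:46

Tags: api ssl x509certificate autorest

We are using AutoRest to generate client code from an API Swagger file.

I am trying to pass a client certificate to the API, but noticed that the generated client code does not accept a WebRequestHandler.

The generated code looks like this: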

struct tnode* addnode(struct tnode* root, int data) {
    if (root == NULL) return talloc(data);
    else if (data < root->data) root->left = addnode(root->left, data);
    else root->right = addnode(root->right, data);
    return root;
}

I feel like I am missing something here. Has anyone managed to send a client certificate using AutoRest?

Tried this, but webRequestHandler is always null:

public MyTestApiV1(Uri baseUri, params DelegatingHandler[] handlers) : this(handlers)
        {
            if (baseUri == null)
            {
                throw new ArgumentNullException("baseUri");
            }
            this.BaseUri = baseUri;
        }

2 answers:

Answer 0: (score: 1)

You can use another overloaded constructor:

/// <summary>
/// Initializes ServiceClient using base HttpClientHandler and list of handlers.
/// </summary>
/// <param name="rootHandler">Base HttpClientHandler.</param>
/// <param name="handlers">List of handlers from top to bottom (outer handler is the first in the list)</param>
protected ServiceClient(HttpClientHandler rootHandler, params DelegatingHandler[] handlers)

ServiceClient is the base class of the generated client. So the code may look like this:

var secretRetrieved = keyVault.GetSecretAsync("my-cert");
var pfxBytes = Convert.FromBase64String(secretRetrieved.Result);
// or recreate the certificate directly
var certificate = new X509Certificate2(pfxBytes);
WebRequestHandler webRequestHandler = new WebRequestHandler();
webRequestHandler.ClientCertificates.Add(certificate);
var client = new MyTestApiV1(webRequestHandler);
client.BaseUri = baseUri;

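Answer 1: (score: 0)

.NET Core version

Ivan R's answer put me on the right track, but .NET Core (2.2 at this time) is different, because WebRequestHandler is not available in Core.

I had to use a pfx file and password. GetNumberPassedIn is not in the generic Petstore Swagger template, but in the template I was testing.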

Program.cs:

using System;
using System.Net.Http;

namespace SimpleApi2.Console
{

    class Program
    {
        static void Main(string[] args)
        {
            var certificate = new CertInfo().GetCertFromPfx(Const.PfxPath, Const.PfxPassword);

            var handler = new HttpClientHandler();
            handler.ClientCertificates.Add(certificate);
            var client = new HttpClient(handler);

            var petStore = new SwaggerPetstore(client, true);
            petStore.BaseUri = new Uri(Const.PublicUrl);
            var result = petStore.GetNumberPassedIn(135, Const.ApiKey);
            System.Console.WriteLine(result.ToString());
            System.Console.ReadKey();
        }
    }
}

CertInfo.cs:

using System;
using System.IO;
using System.Security.Cryptography.X509Certificates;
using System.Security;

namespace SimpleApi2.Console
{
    class CertInfo
    {
        internal static byte[] ReadFile(string fileName)
        {
            // File.ReadAllBytes reads the complete file and releases the handle even if the read fails.
            return File.ReadAllBytes(fileName);
        }
        public CertInfo() { }

        public X509Certificate2 GetCertFromPfx(string pfxFilePath, string password)
        {
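            try
            {
                // Read the PFX up front so a missing path or unreadable file
                // surfaces as one of the IO exceptions handled below.
                byte[] rawData = ReadFile(pfxFilePath);

                // Copy the password into a read-only SecureString for the certificate constructor.
                var securePassword = new SecureString();

                foreach (char c in password)
                    securePassword.AppendChar(c);

                securePassword.MakeReadOnly();

                // Build the certificate from the bytes already read, keeping the key in the user key set.
                X509Certificate2 x509 = new X509Certificate2(rawData, securePassword,
                    X509KeyStorageFlags.UserKeySet);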

                WriteCertInfo(x509);

                return x509;
            }
            catch (DirectoryNotFoundException)
            {
                System.Console.WriteLine("Error: The directory specified could not be found.");
                throw;
            }
            catch (IOException)
            {
                System.Console.WriteLine("Error: A file in the directory could not be accessed.");
                throw;
            }
            catch (NullReferenceException)
            {
                System.Console.WriteLine("File must be a .cer file. Program does not have access to that type of file.");
                throw;
            }
        }

        private static void WriteCertInfo(X509Certificate2 x509)
        {
            //Print to console information contained in the certificate.
            System.Console.WriteLine("{0}Subject: {1}{0}", Environment.NewLine, x509.Subject);
            System.Console.WriteLine("{0}Issuer: {1}{0}", Environment.NewLine, x509.Issuer);
            System.Console.WriteLine("{0}Version: {1}{0}", Environment.NewLine, x509.Version);
            System.Console.WriteLine("{0}Valid Date: {1}{0}", Environment.NewLine, x509.NotBefore);
            System.Console.WriteLine("{0}Expiry Date: {1}{0}", Environment.NewLine, x509.NotAfter);
            System.Console.WriteLine("{0}Thumbprint: {1}{0}", Environment.NewLine, x509.Thumbprint);
            System.Console.WriteLine("{0}Serial Number: {1}{0}", Environment.NewLine, x509.SerialNumber);
            System.Console.WriteLine("{0}Friendly Name: {1}{0}", Environment.NewLine, x509.PublicKey.Oid.FriendlyName);
            System.Console.WriteLine("{0}Public Key Format: {1}{0}", Environment.NewLine, x509.PublicKey.EncodedKeyValue.Format(true));
            System.Console.WriteLine("{0}Raw Data Length: {1}{0}", Environment.NewLine, x509.RawData.Length);
            System.Console.WriteLine("{0}Certificate to string: {1}{0}", Environment.NewLine, x509.ToString(true));
        }
    }
}