通过HTTPS消耗CRM 365内部Web Api

时间:2018-11-26 12:31:42

标签: rest api https crm adfs

我有以下代码可以正常工作:

            var credentials = new NetworkCredential(UserName, Password, Domain);
            var httpMessageHandler = new HttpClientHandler { Credentials = credentials };
            HttpClient httpClient = new HttpClient(httpMessageHandler);
            try
            {

                using (httpClient)
                {
                    httpClient.BaseAddress = new Uri(ResourceUrl);
                    httpClient.Timeout = new TimeSpan(0, 2, 0);  //2 minutes
                    var response = httpClient.GetAsync("data/v8.2/contacts?$top=1", HttpCompletionOption.ResponseHeadersRead).Result;
                    var response1Content = response.Content.ReadAsStringAsync().Result;
                }
            }

但是,当我尝试通过HTTPS(其中ADFS 3是授权机构)访问相同的资源时,却无法执行。

Microsoft提供了一些封装在Authorizationhere中的示例帮助程序代码。我已经用过了,所以我的代码现在看起来像这样:

            Configuration configuration = new Configuration();
            configuration.Username = UserName;
            configuration.Password = secure;
            configuration.Domain = Domain;
            configuration.ServiceUrl = ServiceUrl;
            configuration.RedirectUrl = RedirectUrl;
            configuration.ClientId = ClientId;

            var credentials = new NetworkCredential(UserName, Password, Domain);
            var httpMessageHandler = new HttpClientHandler { Credentials = credentials };
            Authentication authentication = new Authentication(configuration, AdfsUrl);
            OAuthMessageHandler oAuthHttpMessageHandler = new OAuthMessageHandler(authentication, httpMessageHandler);
            HttpClient httpClient = new HttpClient(oAuthHttpMessageHandler);

            try
            {
                using (httpClient)
                {
                    httpClient.BaseAddress = new Uri(ServiceUrl);
                    httpClient.Timeout = new TimeSpan(0, 2, 0);  //2 minutes
                    var response = httpClient.GetAsync("data/v8.2/contacts?$top=1", HttpCompletionOption.ResponseHeadersRead).Result;
                    var response1Content = response.Content.ReadAsStringAsync().Result;
                }
            }

但是,这在遇到这一行时给了我以下异常:

var response = httpClient.GetAsync("data/v8.2/contacts?$top=1", HttpCompletionOption.ResponseHeadersRead).Result;

任何建议将不胜感激。

1 个答案:

答案 0 :(得分:0)

最后,我必须实现一个多步骤的自定义解决方案:

步骤1 。发布到

https://myadfs.com/adfs/oauth2/authorize?response_type=code&redirect_uri=https://mywebsiterequiringadfsauthorisation.com&resource=https://mywebsiterequiringadfsauthorisation.com&client_id=12ab34cd-12ab-12ab-12ab-12ab3412abcd&RedirectToIdentityProvider=https://myadfs.com//adfs/services/trust

和以下正文:

Body: 

response_type:code
redirect_uri:https://mywebsiterequiringadfsauthorisation.com
resource:https://mywebsiterequiringadfsauthorisation.com
client_id:12ab34cd-12ab-12ab-12ab-12ab3412abcd
RedirectToIdentityProvider:https://myadfs.com/adfs/services/trust

如果成功,此步骤将返回服务器的 301找到响应。响应的标题包含 Location ,它类似于以下内容:

Location: 

https://mywebsiterequiringadfsauthorisation.com:443/?code=HotI0lPfMEGhcEo7zXqFEQ.yjKLgch71ggSADojHBJkCobAXTU.gomySyiXeFHuXohPstY5MOtH_eRp4Cnr65q3PaIEXZ-Fz3dp-e25hr09QDUDBCqz08ROWEN9tcoZEAwAKG_pepLTnNVHOZwbrhaYlc2XRjZ4IrCJGZPqfapnQphXDR_4cPl7tIIt3q7ORaVF5LbAyv76bTeCGqKSNsCmeP6IrGigZoDBBxAdfGMg-Pg_Ebs_SaPY1P3Q2egKkkpCYfks8-kkHJNAhS5Wv2Qio_XzIdUOO6zWU9YGdGQdC1U-VNeHwJDm8GzVtXxbD9aTdQFwdUlg2DELyQxEOPcDLQG2BKmdxRGF3jRd_OUvaIzsKVz4u0fcNpeIhXNHsYGtvRZHLw

STEP 2 从响应的标题/位置提取代码,并构造对ADFS的第二个请求:

POST到https://myadfs.com/adfs/oauth2/token,内容如下:

Body: 

client_id:12ab34cd-12ab-12ab-12ab-12ab3412abcd
redirect_uri:https://mywebsiterequiringadfsauthorisation.com
grant_type:authorization_code 
code:HotI0lPfMEGhcEo7zXqFEQ.yjKLgch71ggSADojHBJkCobAXTU.gomySyiXeFHuXohPstY5MOtH_eRp4Cnr65q3PaIEXZ-Fz3dp-e25hr09QDUDBCqz08ROWEN9tcoZEAwAKG_pepLTnNVHOZwbrhaYlc2XRjZ4IrCJGZPqfapnQphXDR_4cPl7tIIt3q7ORaVF5LbAyv76bTeCGqKSNsCmeP6IrGigZoDBBxAdfGMg-Pg_Ebs_SaPY1P3Q2egKkkpCYfks8-kkHJNAhS5Wv2Qio_XzIdUOO6zWU9YGdGQdC1U-VNeHwJDm8GzVtXxbD9aTdQFwdUlg2DELyQxEOPcDLQG2BKmdxRGF3jRd_OUvaIzsKVz4u0fcNpeIhXNHsYGtvRZHLw

如果一切正常,您应该得到一个 200 OK 响应,其中包含一个包含访问令牌的JSON响应:

{
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IlhscG9zR0pGbjE3OHlrNWFwcjl0R01ERGdwNCJ9.eyJhdWQiOiJodHRwczovL2N3Y3JtLnRoZWZhLmNvbS8iLCJpc3MiOiJodHRwczovL3dnc3N0c3IudGhlZmEuY29tL2FkZnMvc2VydmljZXMvdHJ1c3QiLCJpYXQiOjE1NDcxMTc3ODAsImV4cCI6MTU0NzIwNDE4MCwidXBuIjoicHJkX2N3MjAxNl9pbnRAdGhlZmEubG9jYWwiLCJwcmltYXJ5c2lkIjoiUy0xLTUtMjEtMTc1OTM5NjE5My0yMDMwMjE4Mzg4LTM0NjczNTc3OTMtMzc5NiIsInVuaXF1ZV9uYW1lIjoiVEhFRkFcXFBSRF9DVzIwMTZfSU5UIiwiYXV0aF90aW1lIjoiMjAxOS0wMS0xMFQxMDo1NjoxNC42NDVaIiwiYXV0aG1ldGhvZCI6InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkUHJvdGVjdGVkVHJhbnNwb3J0IiwidmVyIjoiMS4wIiwiYXBwaWQiOiIxMmFiMzRjZC0xMmFiLTEyYWItMTJhYi0xMmFiMzQxMmFiY2QifQ.fdvBavODiXOQM-UNBD59sgvqz357P5DzEOGifY0TfMZUjGrHc-IdZU9eqJNsUbtK4_FsrnoV6OKK8Vc4tvDITIw5D8i5uPP0tK_yDWs3Jdw5v3RUDDH2Q5yWrEed6KASO40q-YeowzMaLkf3EDE33Iyrh_J5K29hYnVJJ_4uVxAxdzIAM-Mp9HqfLtpwtEOyWe3PaTjGe8uGRXKstOFy0yNFvURaEohp628EYmA_lieTXA0TVVXG-KCV5QfuG7SWblErPR7nZI27iSs4xPyWkf68JfQOodfQ5iDHR3AWcWtNPd2b2h7VdKO3gMUsux9e__GO43Uzu9hf_l3nOMvNbA",
    "token_type": "bearer",
    "expires_in": 86400
}

第3步

将访问令牌放在任何后续请求的标头中。

相关问题
最新问题