Geek Answers Handbook

RestSharp Authenticator Follow Migration 302

I am trying to make API requests using RestSharp. This API is protected by redirecting the request to the login server, authenticating with basic credentials, receiving cookies, and then redirecting back to the API. I am afraid that I have no control over this.

Thus, the sequence of queries:

Request                                            Response
---------------------------------------------------------------------------------
1. GET http api server                             302 Found to login server
2. GET https login server                          401 Unauthorized
3. GET https login server with basic credentials   302 Found to api server with cookies
4. GET http api server with cookies                200 OK

I am trying to do this using RestSharp. Here is my code:

var client = new RestClient("api server")
{
    Authenticator = new HttpBasicAuthenticator("username", "password")
};
var request = new RestRequest("api path", Method.GET);
var result = client.Execute<TResult>(request).Data;

The authorization header is sent only at the first request. It does not follow any of the redirects.

Is there a way to force RestSharp to send credentials only to the login server?

+4
source share
2 answers

. , .

https://github.com/restsharp/RestSharp/issues/414

IAuthenticator RestClient System.Net.IAuthenticationModule. :

RestSharp

public class MyAuthenticator : IAuthenticator
{
    private readonly CredentialCache _credentials = new CredentialCache();

    public MyAuthenticator(Uri loginServerUrl, string username, string password)
    {
        if (loginServerUrl == null)
        {
            throw new ArgumentNullException("loginServerUrl");
        }

        __registerAuthenticationModule(loginServerUrl);
        _credentials.Add(loginServerUrl, MyAuthenticationModule.TheAuthenticationType, new NetworkCredential(username, password, loginServerUrl.Host));
    }

    private static MyAuthenticationModule __registerAuthenticationModule(Uri loginServerUrl)
    {
        IEnumerator registeredModules = AuthenticationManager.RegisteredModules;
        MyAuthenticationModule authenticationModule;

        while (registeredModules.MoveNext())
        {
            object current = registeredModules.Current;
            if (current is MyAuthenticationModule)
            {
                authenticationModule = (MyAuthenticationModule)current;
                if (authenticationModule.LoginServerUrl.Equals(loginServerUrl))
                {
                    return authenticationModule;
                }
            }
        }

        authenticationModule = new MyAuthenticationModule(loginServerUrl);
        AuthenticationManager.Register(authenticationModule);
        return authenticationModule;
    }

    public void Authenticate(IRestClient client, IRestRequest request)
    {
        request.Credentials = _credentials;
    }
}

.NET-

public class MyAuthenticationModule : IAuthenticationModule
{
    internal const string TheAuthenticationType = "MyAuthentication";

    private readonly CredentialCache _credentialCache = new CredentialCache();
    private readonly Uri _loginServerUrl;

    internal CredentialCache CredentialCache
    {
        get
        {
            return _credentialCache;
        }
    }

    internal Uri LoginServerUrl
    {
        get
        {
            return _loginServerUrl;
        }
    }

    internal MyAuthenticationModule(Uri loginServerurl)
    {
        if (loginServerurl == null)
        {
            throw new ArgumentNullException("loginServerUrl");
        }

        _loginServerUrl = loginServerurl;
    }

    public Authorization Authenticate(string challenge, WebRequest request, ICredentials credentials)
    {
        Authorization result = null;

        if (request == null || credentials == null)
        {
            result = null;
        }

        else
        {
            NetworkCredential creds = credentials.GetCredential(LoginServerUrl, TheAuthenticationType);
            if (creds == null)
            {
                return null;
            }

            ICredentialPolicy policy = AuthenticationManager.CredentialPolicy;
            if (policy != null && !policy.ShouldSendCredential(LoginServerUrl, request, creds, this))
            {
                return null;
            }

            string token = Convert.ToBase64String(Encoding.UTF8.GetBytes(string.Format("{0}:{1}", creds.UserName, creds.Password)));

            result = new Authorization(string.Format("Basic {0}", token));
        }

        return result;
    }

    public string AuthenticationType
    {
        get { return TheAuthenticationType; }
    }

    public bool CanPreAuthenticate
    {
        get { return false; }
    }

    public Authorization PreAuthenticate(WebRequest request, ICredentials credentials)
    {
        return null;
    }
}

RestSharp Client Like This

var client = new RestClient(commonApiUrl)
{
    Authenticator = new MyAuthenticator(loginServerUrl, username, password)
};
+3

CredentialsCache Authenticate. , , ().

msdn article:

CredentialCache Credentials , WebRequest , . , .

, RestSharp BasicAuthenticator :

 public class BasicAuthenticator : IAuthenticator
    {
        private readonly string _baseUrl;
        private readonly string _userName;
        private readonly string _password;
        private readonly CredentialCache _credentialCache;

        public BasicAuthenticator(string baseUrl, string userName, string password)
        {
            _baseUrl = baseUrl;
            _userName = userName;
            _password = password;

            _credentialCache = new CredentialCache
            {
                {new Uri(_baseUrl), "Basic", new NetworkCredential(_userName, _password)}
            };
        }

        public void Authenticate(IRestClient client, IRestRequest request)
        {
            request.Credentials = _credentialCache;

            if (request.Parameters.Any(parameter =>
                            parameter.Name.Equals("Authorization", StringComparison.OrdinalIgnoreCase)))
            {
                return;
            }
            request.AddParameter("Authorization", GetBasicAuthHeaderValue(), ParameterType.HttpHeader);
        }


        private string GetBasicAuthHeaderValue()
        {
            return string.Format("Basic {0}",
                            Convert.ToBase64String(Encoding.ASCII.GetBytes(string.Format("{0}:{1}",
                                _userName, _password))));
        }
    }
0

More articles:


All Articles