控制台程序httpclient使用IdentityServer4的授权码模式获取token

控制台程序httpclient使用IdentityServer4的授权码模式获取token获取token代码拿到token后，访问API系统使用IdentityServer4做鉴权，客户端是WPF，打算使用httpclient获取授权码模式的token，现做一个控制台测试例子。获取token代码新建一个AuthorizationCodeLogin类using IdentityModel;using

写码的猿是攻城狮

1323人浏览 · 2022-03-28 11:14:12

写码的猿是攻城狮 · 2022-03-28 11:14:12 发布

控制台程序httpclient使用IdentityServer4的授权码模式获取token

获取token代码
拿到token后，访问API

系统使用IdentityServer4做鉴权，客户端是WPF，打算使用httpclient获取授权码模式的token，现做一个控制台测试例子。

获取token代码

新建一个AuthorizationCodeLogin类

using IdentityModel;
using IdentityModel.Client;
using Microsoft.Net.Http.Headers;
using Newtonsoft.Json.Linq;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;

namespace ClientAuthorizationCode
{
    public class AuthorizationCodeLogin
    {
        public async Task<string?> GetTokenAsync()
        {
            var webProxy = new WebProxy(new Uri("http://127.0.0.1:8080"));//代理，用burp suite进行截断调试
            var baseAddress = new Uri("https://localhost:5001");

            var cookieContainer = new CookieContainer();
            var handler = new HttpClientHandler()
            {
                //Proxy = webProxy,
                //UseProxy = true,
                UseCookies = true,
                CookieContainer = cookieContainer,
            };
            var client = new HttpClient(handler);


            var disco = await client.GetDiscoveryDocumentAsync(baseAddress.AbsoluteUri);
            if (disco.IsError)
            {
                Console.WriteLine(disco.Error);
                return null;
            }

            #region 创建验证地址
            var nonce = Convert.ToBase64String(CryptoRandom.CreateRandomKey(64));
            var codeVerifier = GenerateCodeVerifier();
            var codeChallenge = GenerateCodeChallenge(codeVerifier);

            var ru = new RequestUrl(disco.AuthorizeEndpoint);
            var url = ru.CreateAuthorizeUrl(
                clientId: "apiClientCode",
                responseType: "code",
                redirectUri: "http://localhost:5002/signin-oidc",
                nonce: nonce,
                codeChallenge: codeChallenge,
                codeChallengeMethod: "S256",
                scope: "api1");

            Console.WriteLine(url);

            #endregion


            #region 获取真正的登录地址，以及登录参数和Cookie
            var response1 = await client.GetAsync(url);

            if(!response1.IsSuccessStatusCode)
            {
                Console.WriteLine("获取真正的登录地址" + response1.StatusCode);
                return null;
            }
            var result = await response1.Content.ReadAsStringAsync();

            string temp = "<input name=\"__RequestVerificationToken\" type=\"hidden\" value=\"";
            string temp1 = "\" /><input name=\"RememberLogin\"";
            int startIndex = result.IndexOf(temp);
            int endIndex = result.IndexOf(temp1);
            int length = endIndex - startIndex - temp.Length;
            string requestVerificationToken = result.Substring(startIndex + temp.Length, length);
            Console.WriteLine(requestVerificationToken);


            string temp2 = "<input type=\"hidden\" id=\"ReturnUrl\" name=\"ReturnUrl\" value=\"";
            string temp3 = "code_challenge_method=S256";
            int startIndex1 = result.IndexOf(temp2) + temp2.Length;
            int endIndex1 = result.IndexOf(temp3);
            int length1 = endIndex1 - startIndex1 + temp3.Length;
            string returnUrl = result.Substring(startIndex1, length1).Replace("amp;", "");

            Console.WriteLine(returnUrl);
            var cookies = response1.Headers.GetValues(HeaderNames.SetCookie).ToList();

            var cookieTemp = cookies[0].Split(';');
            var cookieTemp1 = cookieTemp[0].Split('=');

            #endregion


            #region 登录，获取code
            handler.CookieContainer.Add(baseAddress, new Cookie(cookieTemp1[0], cookieTemp1[1]));
            //var client1 = new HttpClient(handler);
            var formContent = new FormUrlEncodedContent(new[]
            {
                new KeyValuePair<string, string>("Username", "alice"),
                new KeyValuePair<string, string>("Password", "Pass123$"),
                new KeyValuePair<string, string>("ReturnUrl", returnUrl),
                new KeyValuePair<string, string>("button", "login"),
                new KeyValuePair<string, string>("__RequestVerificationToken", requestVerificationToken),
                new KeyValuePair<string, string>("RememberLogin", "false"),
            });

            var response = await client.PostAsync(response1.RequestMessage.RequestUri, formContent);

            Console.WriteLine(response.Headers.Location.AbsoluteUri);
            Console.WriteLine(response.IsSuccessStatusCode);
            Console.WriteLine(response.StatusCode);
            if (!(response.StatusCode == HttpStatusCode.Found))
            {
                Console.WriteLine("获取Code失败"+response.StatusCode);
                return null;
            }

            //根据自己的跳转地址截取得到Code
            string code = response.Headers.Location.AbsoluteUri.Replace("http://localhost:5002/signin-oidc?code=", "").Replace("&scope=api1", "");

            #endregion

            #region 获取Token

            var tokenResponse = await client.RequestAuthorizationCodeTokenAsync(new AuthorizationCodeTokenRequest
            {
                Address = disco.TokenEndpoint,
                ClientId = "apiClientCode",
                ClientSecret = "secret345",
                Code = code,
                GrantType = "authorization_code",
                RedirectUri = "http://localhost:5002/signin-oidc",
                CodeVerifier = codeVerifier
            });


            if (tokenResponse.IsError)
            {
                Console.WriteLine(tokenResponse.Error);
                return null;
            }

            Console.WriteLine(tokenResponse.Json);
            Console.WriteLine(tokenResponse.AccessToken);
            Console.WriteLine("\n\n");

            return tokenResponse.AccessToken;

            #endregion

    
        }


        private  string GenerateCodeVerifier()
        {
            var rng = RandomNumberGenerator.Create();

            var bytes = new byte[32];
            rng.GetBytes(bytes);

            // It is recommended to use a URL-safe string as code_verifier.
            // See section 4 of RFC 7636 for more details.
            var code_verifier = Convert.ToBase64String(bytes)
                .TrimEnd('=')
                .Replace('+', '-')
                .Replace('/', '_');

            return code_verifier;
        }

        private string GenerateCodeChallenge(string code_verifier)
        {
            var code_challenge = string.Empty;
            using (var sha256 = SHA256.Create())
            {
                var challengeBytes = sha256.ComputeHash(Encoding.UTF8.GetBytes(code_verifier));
                code_challenge = Convert.ToBase64String(challengeBytes)
                    .TrimEnd('=')
                    .Replace('+', '-')
                    .Replace('/', '_');

                return code_challenge;
            }
        }
    }
}

拿到token后，访问API

为了方便测试，直接在Program.cs进行编写访问API的代码了,环境是.net 6，授权中心和API是使用IdentityServer4的官方案例，点击访问

// See https://aka.ms/new-console-template for more information


using ClientAuthorizationCode;
using IdentityModel.Client;
using Newtonsoft.Json.Linq;



AuthorizationCodeLogin authorizationCodeLogin=new AuthorizationCodeLogin();

var token= authorizationCodeLogin.GetTokenAsync().GetAwaiter().GetResult();

var apiClient = new HttpClient();
apiClient.SetBearerToken(token);

var response3 = await apiClient.GetAsync("http://localhost:6011/identity");
if (!response3.IsSuccessStatusCode)
{
    Console.WriteLine(response3.StatusCode);
}
else
{
    var content = await response3.Content.ReadAsStringAsync();
    Console.WriteLine(JArray.Parse(content));
}

Console.ReadLine();

CSDN学习社区

CSDN联合极客时间，共同打造面向开发者的精品内容学习社区，助力成长！

更多推荐

嵌入式作业（七）：基于Ardunio的STM32串口通信

嵌入式作业（七）0作业要求1Ardunio 完成STM32的串口通信（1）安装Ardunio IDE（2）stm32串口通信2关于 stduino IDE0作业要求安装 Ardunio IDE 和相关软件支持库，在Ardunio 完成STM32板子的串口通信程序：（1）持续向串口输出“Hello world！”；（2）当接收到“stop!”时，停止输出。网上有一个国人版的MCU集成开发平台， st

CSDN学习社区

JDBC详解

JDBC文章目录JDBC什么是JDBC?JDBC驱动程序:Java使用JDBC访问数据库的步骤:设置classpath:Oracle连接字符串的书写格式:简单的例子:常用数据库的驱动程序及JDBC URL:Oracle数据库:SQL Server数据库MySQL数据库Access数据库PreparedStatement接口:JNDI-数据源（Data Source）与连接池（Connection

CSDN学习社区

“模式识别与机器学习”学习笔记no2.再谈感知机

接**上篇：上篇主要进行了PLA，Pocket算法的理论过程分析和在给定数据集上利用pocket算法对数据集进行分类学习，得到错分数量最少的分类面。上篇中pocket算法的过程已经进行了编程和测试，框架已经建立了起来，这一篇主要上篇中没有提到或涉及不深的几个问题。1.数据集的构造。上篇是直接使用了题目给的向量，这次来根据正态分布来产生数据集。np.random.normal函数可以根据均值和方差生