10.第三方ClientCredential模式调用
10.第三方ClientCredential模式调用
IdentityModel的官方文档:
https://identitymodel.readthedocs.io/en/latest/index.html
ThirdPartyDemo
创建第三方的应用程序,相当于它来请求我们的API
创建控制台的应用程序
dotnet new console --name ThirdPartyDemo:常见控制台程序ThirdPartyDemo
添加nuget包:IdentityModel
首先我们需要访问以下这个IdentityServer,是否可以来实现
运行测试
运行:IdentityServerSample
D:\MyDemos\jesse\IdentityServerSample\IdentityServerCenter
在运行:ClientCredentialApi
D:\MyDemos\jesse\ClientCredentialApi
在运行我们的控制台应用程序
修正代码
继续代码,运行结果
这样access_token就返回了。还有我们的api/Values里面输出的值
D:\MyDemos\jesse\ThirdPartyDemo>dotnet run
Program.cs(11,24): warning CS0618: '“DiscoveryClient”已过时:“This type will be deprecated or changed in a future version. It is recommended that you switch to the new extension methods for HttpClient. They give you much more control over the HttpClient lifetime and configuration. See the docs here: https://identitymodel.readthedocs.io” [D:\MyDemos\jesse\ThirdPartyDemo\ThirdPartyDemo.csproj]
Program.cs(16,35): warning CS0618: '“TokenClient”已过时:“This type will be deprecated or changed in a future version. It is recommended that you switch to the new extension methods for HttpClient. They give you much more control over the HttpClient lifetime and configuration. See the docs here: https://identitymodel.readthedocs.io” [D:\MyDemos\jesse\ThirdPartyDemo\ThirdPartyDemo.csproj]
{
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6ImE3MGZkOGQyYjVjMmVlNDUzMWU1ZGUyNWJmYTViNmE4IiwidHlwIjoiSldUIn0.eyJuYmYiOjE1NTIyNzk3MzAsImV4cCI6MTU1MjI4MzMzMCwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo1MDAwIiwiYXVkIjpbImh0dHA6Ly9sb2NhbGhvc3Q6NTAwMC9yZXNvdXJjZXMiLCJhcGkiXSwiY2xpZW50X2lkIjoiY2xpZW50Iiwic2NvcGUiOlsiYXBpIl19.hPUdUBWxUd2R3xHb4rfGgLFx4Y5KtfK3NFLf3pICzyYnpI8gcfvyzwzWFkY1ZNCwDwq8KVGZsPe_Yu6hRYvlVk8-vsJTXC4W0UJnfEmlFABDfXkao_LlyVZ7ULksg8gZbPje0AVqLtiyKWl66E4iYvsBRfuTBsTVYzStFO4-g2GNsfsyK6rc0iugQo9Gw9hQG3wpumvnq7LJI2SG42GzoGqhWbHvAj5JLvmOY5Mh0ccNR971Z4Q97pp_DXoFSqaLIPfuLN3gD16iQVMzSGMv6tawtpoGZu3XygpOR6T70rXBNTw0StWSdXGyrvI5j3ROKgWy8m9QflzaWr3ElN9Qzw",
"expires_in": 3600,
"token_type": "Bearer"
}
["value1","value2"]
流程
1.先检测地址是否正常:
2.然后通过tokenClient去拿到我们的token
3.拿到token后用httpClient访问我们的API
这就是通过第三方应用程序代码的形式,实现了API的token的获取和api的请求
using System; using IdentityModel.Client; using System.Net.Http; namespace ThirdPartyDemo { class Program { static void Main(string[] args) { var diso = DiscoveryClient.GetAsync("http://localhost:5000").Result; if (diso.IsError) { Console.WriteLine(diso.Error); } var tokenClient = new TokenClient(diso.TokenEndpoint, "client", "secret"); var tokenResponse = tokenClient.RequestClientCredentialsAsync("api").Result; if (tokenResponse.IsError) { Console.WriteLine(tokenResponse.Error); } else { Console.WriteLine(tokenResponse.Json);//输出返回的json } //获取到token 相当于从认证中心拿到了许可 再去访问 api的程序 var httpClient = new HttpClient(); httpClient.SetBearerToken(tokenResponse.AccessToken); var respone = httpClient.GetAsync("http://localhost:5001/api/values").Result; if (respone.IsSuccessStatusCode) { Console.WriteLine(respone.Content.ReadAsStringAsync().Result); } Console.WriteLine(); } } }
