如何解决ASP .NET Core 3.1 Windows Auth用户模拟来调用WebAPI
我有一个使用Windows身份验证的.net core 3.1 Web应用程序。该Web应用程序需要以用户身份向.net Core 3.1 API发出请求,并且该API还需要以用户身份调用其他内部网服务。该应用程序和API托管在同一服务器上,并且都使用Windows身份验证。
模拟当前Windows身份验证用户发出API请求的正确方法是什么?(应用程序可以成功进行对API的调用而无需模拟,但是该请求将作为应用程序运行HomeController
中的这两种测试方法是从搜寻MS文档和SO示例的几天中拼凑而成的,但是每种方法为版本FileLoadException
生成了System.Net.Http
,而该版本并未被引用。 csproj文件-仅在使用模拟时才会发生。
// impersonation in the method
public async Task<IActionResult> AskForSomethingWithImpersonationAsync()
{
var apiBase = new Uri(configuration["Api"]);
var response = string.Empty;
var user = (WindowsIdentity)HttpContext.User.Identity;
await WindowsIdentity.RunImpersonated(user.AccessToken,async () =>
{
var credentialsCache = new CredentialCache { { apiBase,"NTLM",CredentialCache.DefaultNetworkCredentials } };
var handler = new HttpClientHandler() { Credentials = credentialsCache };
var httpClient = new HttpClient(handler) { BaseAddress = apiBase,Timeout = new TimeSpan(0,10) };
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
response = httpClient.GetStringAsync("/api/v2/log").Result;
});
return Content(response);
}
// impersonation middleware
[ServiceFilter(typeof(ImpersonationFilter))]
public async Task<IActionResult> AskForSomethingFilteredAsync()
{
var apiBase = new Uri(configuration["Api"]);
var response = string.Empty;
var user = (WindowsIdentity)HttpContext.User.Identity;
var credentialsCache = new CredentialCache { { apiBase,CredentialCache.DefaultNetworkCredentials } };
var handler = new HttpClientHandler() { Credentials = credentialsCache };
var httpClient = new HttpClient(handler) { BaseAddress = apiBase,10) };
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
response = await httpClient.GetStringAsync("/api/v2/log");
return Content(response);
}
以下是模拟过滤器中间件:
using Microsoft.AspNetCore.Mvc.Filters;
using System.Security.Principal;
using System.Threading.Tasks;
namespace HBACaller.ActionFilter
{
public class ImpersonationFilter : IAsyncActionFilter
{
public async Task OnActionExecutionAsync(
ActionExecutingContext context,ActionExecutionDelegate next)
{
var user = (WindowsIdentity)context.HttpContext.User.Identity;
await WindowsIdentity.RunImpersonated(user.AccessToken,async () =>
{
await next();
});
}
}
}
这是我在网络浏览器的“网络响应”标签中看到的错误:
System.IO.FileLoadException:
File name: 'System.Net.Http,Version=4.2.2.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a
据我所知,该版本未在任何地方引用。 .csproj具有以下功能:
<ItemGroup>
<PackageReference Include="System.Net.Http" Version="4.3.4" />
<PackageReference Include="System.Security.Principal" Version="4.3.0" />
</ItemGroup>
当此代码发布到测试IIS服务器而不是通过Visual Studio在本地运行时,在异常结束时会附加一条消息:
Either a required impersonation level was not provided,or the provided impersonation level is invalid.
如果有帮助,可以帮助您查看完整的(失败的)项目,以下是存储库:https://github.com/cestarte/core_impersonate_winauth_user
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。