带有csrf_token响应的HttpClient未经授权的错误


这个操作可以在 Postman 中手动完成。分两步:首先用用户名/密码执行 GET,从响应中取得 csrf 令牌,再把它附加到另一个 POST 请求中。第二次调用不需要身份验证,只要带上令牌和 JSON 有效负载就能返回 200 响应代码。

现在尝试在 C# 中执行这些步骤,却出现未授权错误。不确定令牌是否被正确附加。代码如下。

var awdToken = await getAWDToken();
            // A null token means the login call produced no csrf_token value; the add is then
            // skipped and awdAddUser (declared outside this snippet) is left untouched.
            if (awdToken != null)
            {
                awdAddUser = await AddAWDUser(awdToken, userDetails);
            }

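private async Task<string> getAWDToken()
        {
            // Purpose: log in to AWD with Basic auth (credentials from the "AWD1" client
            // configuration) and return the value of the "csrf_token" response header.
            // Returns: the token, or null when the response carries no csrf_token header
            //          (e.g. the login was rejected).
            // Throws: UriFormatException when "AWDShortNameURL" is missing or not an absolute URL;
            //         HttpRequestException on transport failure.
            //
            // NOTE(review): only the token is returned. The session cookie the server sets on
            // this same response (the JSESSIONID cookie visible in the working Postman dump) is
            // discarded here, and the accepted answer names that missing cookie as the reason the
            // second call is rejected as unauthorized. Callers that need it must capture the
            // response's "Set-Cookie" values here and forward them on the POST.
            string targetUri = string.Empty;
            string userId = string.Empty;
            string pass = string.Empty;

            Dictionary<string, string> _awdConfigs;
            if (_userSecurityWrok.CleintConfiguration.ClientAppConfigs.TryGetValue(string.Concat("AWD", "1"), out _awdConfigs)
                && _awdConfigs != null)
            {
                _awdConfigs.TryGetValue("AWDShortNameURL", out targetUri);
                _awdConfigs.TryGetValue("UserName", out userId);
                _awdConfigs.TryGetValue("Password", out pass);
            }

            // Validate up front so a missing configuration value fails with a readable message
            // instead of the bare UriFormatException that new Uri("") would raise.
            Uri baseUri;
            if (!Uri.TryCreate(targetUri, UriKind.Absolute, out baseUri))
            {
                throw new UriFormatException("AWD configuration 'AWDShortNameURL' is missing or not an absolute URL.");
            }

            using (var client = new HttpClient())
            {
                client.BaseAddress = baseUri;
                // Basic auth only base64-encodes "user:password"; it gives no confidentiality on
                // its own, so the configured URL is expected to be https.
                var credentialBytes = Encoding.UTF8.GetBytes(userId + ":" + pass);
                client.DefaultRequestHeaders.Accept.Clear();
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", Convert.ToBase64String(credentialBytes));
                client.DefaultRequestHeaders.ExpectContinue = false;

                using (var response = await client.GetAsync(baseUri).ConfigureAwait(false))
                {
                    // GetValues throws InvalidOperationException when the header is absent, which
                    // turned "no token issued" into a crash; TryGetValues maps it to null instead.
                    IEnumerable<string> tokenValues;
                    if (!response.Headers.TryGetValues("csrf_token", out tokenValues))
                    {
                        return null;
                    }

                    return tokenValues.FirstOrDefault();
                }
            }
        }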

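private async Task<UpdateResult> AddAWDUser(string awdToken, UserDetail userDetails)
        {
            // Purpose: POST the prepared AWD payload for userDetails, presenting awdToken both as
            // the "csrf_token" header and as a "csrf_token" cookie, and report the outcome.
            // Returns: an UpdateResult with Success = true only on HTTP 200; any other status, or a
            //          missing "AWDShortNameURL" configuration, is reported in Errors. Never null.
            // Throws: ArgumentNullException when userDetails is null.
            //
            // NOTE(review): the hand-written Cookie header below carries only the CSRF token. The
            // Postman request that succeeds also sends the session cookie (JSESSIONID) received
            // from the login response, and the accepted answer identifies that missing cookie as
            // the cause of the unauthorized reply. Because UseCookies = false nothing is forwarded
            // automatically, so the login response's Set-Cookie values have to be passed in and
            // appended to the Cookie header here.
            if (userDetails == null)
            {
                throw new ArgumentNullException("userDetails");
            }

            UpdateResult userAddresult = new UpdateResult() { Success = false, Errors = new List<string>(), Messages = new List<string>() };

            // The result is not used below; the call is kept because any side effects it has are
            // not visible from this method.
            ClientDetails clientData = await _clientWork.GetClientDetails(userDetails.ClientId).ConfigureAwait(false);

            var awdPayLoad = await prepareAWDPayload(userDetails).ConfigureAwait(false);

            string targetUri = string.Empty;
            Dictionary<string, string> _awdConfigs;
            if (_userSecurityWrok.CleintConfiguration.ClientAppConfigs.TryGetValue(string.Concat("AWD", "1"), out _awdConfigs)
                && _awdConfigs != null)
            {
                _awdConfigs.TryGetValue("AWDShortNameURL", out targetUri);
            }

            // A missing/malformed URL is a configuration error; report it through the result the
            // caller already inspects instead of crashing inside new Uri("").
            Uri baseUri;
            if (!Uri.TryCreate(targetUri, UriKind.Absolute, out baseUri))
            {
                userAddresult.Errors.Add("AWD configuration 'AWDShortNameURL' is missing or not an absolute URL.");
                return userAddresult;
            }

            using (var handler = new HttpClientHandler { UseCookies = false })
            using (var client = new HttpClient(handler))
            {
                client.BaseAddress = baseUri;
                client.DefaultRequestHeaders.Accept.Clear();
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                client.DefaultRequestHeaders.Add("csrf_token", awdToken);
                // UseCookies = false disables the cookie container, so the Cookie header is set by hand.
                client.DefaultRequestHeaders.Add("Cookie", "csrf_token=" + awdToken);
                client.DefaultRequestHeaders.ExpectContinue = false;

                var content = new StringContent(awdPayLoad, Encoding.UTF8, "application/json");
                using (var response = await client.PostAsync(baseUri, content).ConfigureAwait(false))
                {
                    // Only 200 counts as success, matching what the service is documented to return
                    // for this call; the body is not surfaced in the result.
                    if (response.StatusCode == HttpStatusCode.OK)
                    {
                        userAddresult.Success = true;
                    }
                    else
                    {
                        userAddresult.Errors.Add("AWD returned error as " + response.StatusCode.ToString());
                    }
                }
            }

            return userAddresult;
        }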

需要使这个工作...有什么主意吗?

附上 Postman 的请求转储

POST /devapp/awdServer/awd/services/v1/users/ HTTP/1.1
Host: awdwaldn.nonprod.awdprocess.net:8443
csrf_token: L1HmyGPvEC4GvrOqBioL0Q..
Content-Type: application/json
User-Agent: PostmanRuntime/7.20.1
Accept: */*
Cache-Control: no-cache
Postman-Token: 594c3d97-de46-4fc3-9c2d-1b5f74278e60,8be8e538-267f-4544-b33a-211b2d479b3b
Host: ***** //removed host details
Accept-Encoding: gzip, deflate
Content-Length: 325
Cookie: BIGipServerawdwaldn-nonprod-web-8443-dev-web=454308362.16671.0000; JSESSIONID=8hl6G3gImEf4S71c8CFIzfMd.JVM1
Connection: keep-alive
cache-control: no-cache

{
    "userId": "DST1234",
    "alias": "DST1234",
    "password": "TextAW1@",
    "firstName": "chi",
    "lastName": "chan",
    "workSelect": "1",
    "group": "WORK GROUP",
    "countryCode": 1,
    "earlyTime": "00:00:01",
    "lateTime": "23:59:59",
    "queue": "N",
    "status": "A",
    "workSelect": 1
}

我找到原因了:是 Cookie 的问题。需要从第一个响应中读取 Cookie,并把它附加到第二个请求中。问题已解决,感谢大家的帮助。
