10.第三方ClientCredential模式調用

10.第三方ClientCredential模式調用

 

IdentityModel的官方文檔：

https://identitymodel.readthedocs.io/en/latest/index.html

 

ThirdPartyDemo

建立第三方的應用程序，至關於它來請求咱們的API

建立控制檯的應用程序

dotnet new console --name ThirdPartyDemo：常見控制檯程序ThirdPartyDemo

 

添加nuget包：IdentityModel

 

首先咱們須要訪問如下這個IdentityServer,是否能夠來實現

 

 

 

 

 

 

 

運行測試

運行：IdentityServerSample

D:\MyDemos\jesse\IdentityServerSample\IdentityServerCenter

在運行：ClientCredentialApi

D:\MyDemos\jesse\ClientCredentialApi

在運行咱們的控制檯應用程序

修正代碼

 

 

繼續代碼，運行結果

這樣access_token就返回了。還有咱們的api/Values裏面輸出的值

 

 

 

D:\MyDemos\jesse\ThirdPartyDemo>dotnet run
Program.cs(11,24): warning CS0618: '「DiscoveryClient」已過期:「This type will be deprecated or changed in a future version. It is recommended that you switch to the new extension methods for HttpClient. They give you much more control over the HttpClient lifetime and configuration. See the docs here: https://identitymodel.readthedocs.io」 [D:\MyDemos\jesse\ThirdPartyDemo\ThirdPartyDemo.csproj]
Program.cs(16,35): warning CS0618: '「TokenClient」已過期:「This type will be deprecated or changed in a future version. It is recommended that you switch to the new extension methods for HttpClient. They give you much more control over the HttpClient lifetime and configuration. See the docs here: https://identitymodel.readthedocs.io」 [D:\MyDemos\jesse\ThirdPartyDemo\ThirdPartyDemo.csproj]
{
  "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6ImE3MGZkOGQyYjVjMmVlNDUzMWU1ZGUyNWJmYTViNmE4IiwidHlwIjoiSldUIn0.eyJuYmYiOjE1NTIyNzk3MzAsImV4cCI6MTU1MjI4MzMzMCwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo1MDAwIiwiYXVkIjpbImh0dHA6Ly9sb2NhbGhvc3Q6NTAwMC9yZXNvdXJjZXMiLCJhcGkiXSwiY2xpZW50X2lkIjoiY2xpZW50Iiwic2NvcGUiOlsiYXBpIl19.hPUdUBWxUd2R3xHb4rfGgLFx4Y5KtfK3NFLf3pICzyYnpI8gcfvyzwzWFkY1ZNCwDwq8KVGZsPe_Yu6hRYvlVk8-vsJTXC4W0UJnfEmlFABDfXkao_LlyVZ7ULksg8gZbPje0AVqLtiyKWl66E4iYvsBRfuTBsTVYzStFO4-g2GNsfsyK6rc0iugQo9Gw9hQG3wpumvnq7LJI2SG42GzoGqhWbHvAj5JLvmOY5Mh0ccNR971Z4Q97pp_DXoFSqaLIPfuLN3gD16iQVMzSGMv6tawtpoGZu3XygpOR6T70rXBNTw0StWSdXGyrvI5j3ROKgWy8m9QflzaWr3ElN9Qzw",
  "expires_in": 3600,
  "token_type": "Bearer"
}
["value1","value2"]

 

流程

 

1.先檢測地址是否正常：

2.而後經過tokenClient去拿到咱們的token

 

3.拿到token後用httpClient訪問咱們的API

 

 

這就是經過第三方應用程序代碼的形式，實現了API的token的獲取和api的請求

using System;
using IdentityModel.Client;
using System.Net.Http;

namespace ThirdPartyDemo
{
    class Program
    {
        static void Main(string[] args)
        {
            var diso = DiscoveryClient.GetAsync("http://localhost:5000").Result;
            if (diso.IsError)
            {
                Console.WriteLine(diso.Error);
            }
            var tokenClient = new TokenClient(diso.TokenEndpoint, "client", "secret");
            var tokenResponse = tokenClient.RequestClientCredentialsAsync("api").Result;
            if (tokenResponse.IsError)
            {
                Console.WriteLine(tokenResponse.Error);
            }
            else
            {
                Console.WriteLine(tokenResponse.Json);//輸出返回的json
            }
            //獲取到token 至關於從認證中心拿到了許可 再去訪問 api的程序
            var httpClient = new HttpClient();
            httpClient.SetBearerToken(tokenResponse.AccessToken);
            var respone = httpClient.GetAsync("http://localhost:5001/api/values").Result;
            if (respone.IsSuccessStatusCode)
            {
                Console.WriteLine(respone.Content.ReadAsStringAsync().Result);
            }
            Console.WriteLine();
        }
    }
}