10.第三方ClientCredential模式调用

10.第三方ClientCredential模式调用

 

IdentityModel的官方文档：

https://identitymodel.readthedocs.io/en/latest/index.html

 

ThirdPartyDemo

建立第三方的应用程序，至关于它来请求咱们的API

建立控制台的应用程序

dotnet new console --name ThirdPartyDemo：常见控制台程序ThirdPartyDemo

 

添加nuget包：IdentityModel

 

首先咱们须要访问如下这个IdentityServer,是否能够来实现

 

 

 

 

 

 

 

运行测试

运行：IdentityServerSample

D:\MyDemos\jesse\IdentityServerSample\IdentityServerCenter

在运行：ClientCredentialApi

D:\MyDemos\jesse\ClientCredentialApi

在运行咱们的控制台应用程序

修正代码

 

 

继续代码，运行结果

这样access_token就返回了。还有咱们的api/Values里面输出的值

 

 

 

D:\MyDemos\jesse\ThirdPartyDemo>dotnet run
Program.cs(11,24): warning CS0618: '“DiscoveryClient”已过期:“This type will be deprecated or changed in a future version. It is recommended that you switch to the new extension methods for HttpClient. They give you much more control over the HttpClient lifetime and configuration. See the docs here: https://identitymodel.readthedocs.io” [D:\MyDemos\jesse\ThirdPartyDemo\ThirdPartyDemo.csproj]
Program.cs(16,35): warning CS0618: '“TokenClient”已过期:“This type will be deprecated or changed in a future version. It is recommended that you switch to the new extension methods for HttpClient. They give you much more control over the HttpClient lifetime and configuration. See the docs here: https://identitymodel.readthedocs.io” [D:\MyDemos\jesse\ThirdPartyDemo\ThirdPartyDemo.csproj]
{
  "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6ImE3MGZkOGQyYjVjMmVlNDUzMWU1ZGUyNWJmYTViNmE4IiwidHlwIjoiSldUIn0.eyJuYmYiOjE1NTIyNzk3MzAsImV4cCI6MTU1MjI4MzMzMCwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo1MDAwIiwiYXVkIjpbImh0dHA6Ly9sb2NhbGhvc3Q6NTAwMC9yZXNvdXJjZXMiLCJhcGkiXSwiY2xpZW50X2lkIjoiY2xpZW50Iiwic2NvcGUiOlsiYXBpIl19.hPUdUBWxUd2R3xHb4rfGgLFx4Y5KtfK3NFLf3pICzyYnpI8gcfvyzwzWFkY1ZNCwDwq8KVGZsPe_Yu6hRYvlVk8-vsJTXC4W0UJnfEmlFABDfXkao_LlyVZ7ULksg8gZbPje0AVqLtiyKWl66E4iYvsBRfuTBsTVYzStFO4-g2GNsfsyK6rc0iugQo9Gw9hQG3wpumvnq7LJI2SG42GzoGqhWbHvAj5JLvmOY5Mh0ccNR971Z4Q97pp_DXoFSqaLIPfuLN3gD16iQVMzSGMv6tawtpoGZu3XygpOR6T70rXBNTw0StWSdXGyrvI5j3ROKgWy8m9QflzaWr3ElN9Qzw",
  "expires_in": 3600,
  "token_type": "Bearer"
}
["value1","value2"]

 

流程

 

1.先检测地址是否正常：

2.而后经过tokenClient去拿到咱们的token

 

3.拿到token后用httpClient访问咱们的API

 

 

这就是经过第三方应用程序代码的形式，实现了API的token的获取和api的请求

using System;
using IdentityModel.Client;
using System.Net.Http;

namespace ThirdPartyDemo
{
    class Program
    {
        static void Main(string[] args)
        {
            var diso = DiscoveryClient.GetAsync("http://localhost:5000").Result;
            if (diso.IsError)
            {
                Console.WriteLine(diso.Error);
            }
            var tokenClient = new TokenClient(diso.TokenEndpoint, "client", "secret");
            var tokenResponse = tokenClient.RequestClientCredentialsAsync("api").Result;
            if (tokenResponse.IsError)
            {
                Console.WriteLine(tokenResponse.Error);
            }
            else
            {
                Console.WriteLine(tokenResponse.Json);//输出返回的json
            }
            //获取到token 至关于从认证中心拿到了许可 再去访问 api的程序
            var httpClient = new HttpClient();
            httpClient.SetBearerToken(tokenResponse.AccessToken);
            var respone = httpClient.GetAsync("http://localhost:5001/api/values").Result;
            if (respone.IsSuccessStatusCode)
            {
                Console.WriteLine(respone.Content.ReadAsStringAsync().Result);
            }
            Console.WriteLine();
        }
    }
}