为了测试,我使用发送带有凭据的请求
WebRequest request = WebRequest.Create("url");
request.Credentials = new NetworkCredential("user", "pass");
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
然后使用在其他应用程序上捕捉这些。NET Core的中间件
public async Task Invoke(HttpContext context)
访问context.Request中的请求是成功的,但我仍然在寻找context中的凭据在哪里?
或者还有其他办法?
您应该执行与此处所述类似的操作。凭据编码在Authorization标头中。
bool isAuthenticated;
var base64Header = Request.Headers["Authorization"];
//The header is a string in the form of "Basic [base64 encoded username:password]"
if (base64Header != null)
{
var authHeader = AuthenticationHeaderValue.Parse(base64Header);
if (authHeader != null
&& authHeader.Scheme.Equals("basic", StringComparison.OrdinalIgnoreCase)
&& authHeader.Parameter != null)
{
//Decode the username:password pair
var credentialPair = Encoding.ASCII.GetString(Convert.FromBase64string(authHeader.Parameter));
//Split into pieces
var credentials = credentialPair.Split(new [] {":"}, StringSplitOptions.None);
var userName = credentials[0];
var plainTextPassword = credentials[1];
isAuthenticated = SomeAuthenticator.Authenticate(userName, password);
}
}
if (isAuthenticated)
return Foo();
else
RedirectResult("your login view");