摘要认证返回未经授权

Question

I am trying to authenticate through Digest authentication and the API is returning Unauthorized and when I check the count on cookies I can see cookies are not being passed to the actual request.我正在尝试通过摘要式身份验证进行身份验证，并且 API 返回未授权，当我检查 cookie 计数时，我可以看到 cookie 没有传递给实际请求。 However, I got it to work via postman by getting the cookies first and add it and make a request.但是，我通过邮递员首先获取 cookie 并添加它并提出请求，使其工作。 But, when I do it via the code I am getting unauthorized.但是，当我通过代码执行此操作时，我得到了未经授权的授权。

Please guide me on how I can authenticate using digest authentication type.请指导我如何使用摘要身份验证类型进行身份验证。

This method get the cookies此方法获取cookie

     private RestClient _Client = new RestClient();
     public API()
     {
        _Client = new RestClient(_BaseUrl);
        _Client.Authenticator = _Creds;
        if (_SessionEnabled)
        {
            var request = new RestRequest("admin/getsession", Method.GET);

            IRestResponse response = _Client.Execute(request);
            var content = response.Content;

            _Cookie = response.Cookies;
            SCHelper.CheckLinOTPResponse(response);
            
        }

Adding a session to the actual request将会话添加到实际请求中

   public static RestRequest AddSessionToRequest(RestRequest Request, IList<RestResponseCookie> Cookie, bool SessionEnabled)
    {
        if(SessionEnabled)
        {
            Request.AddQueryParameter("session", Cookie[0].Value);
            Request.AddParameter(Cookie[0].Name, Cookie[0].Value, ParameterType.Cookie);
        }            
        return Request;
    }

This is the method that generates OTP by first authenticating using the Digest authentication mechanism.这是通过首先使用摘要式身份验证机制进行身份验证来生成 OTP 的方法。 It fails here and shows unauthorized.它在这里失败并显示未经授权。

   public string GenerateOtp(string Serial, string User, string Realm)
    {
        try
        {
            string username = "";
            string password = "";

            var client = _Client;
            var credentials = username + ":" + password;
            var base64Credentials = Convert.ToBase64String(Encoding.UTF8.GetBytes(credentials));
            var request = new RestRequest("gettoken/getotp", Method.GET);
            //client.Authenticator = new HttpBasicAuthenticator(username, password); //tried to add this and it didn't work
            request.AddHeader("Authorization", "Digest " + base64Credentials);

            //check session
            request = SCHelper.AddSessionToRequest(request, _Cookie, _SessionEnabled);
            request.AddParameter("user", User, ParameterType.QueryString);
            request.AddParameter("realm", "myRealm", ParameterType.QueryString);
            request.AddParameter("serial", Serial, ParameterType.QueryString);

            IRestResponse response = client.Execute(request);  //This is were it fails.
            SCHelper.CheckLinOTPResponse(response);
            var content = response.Content;
            return content;
        }
        catch (Exception ex)
        {
            throw ex;
        }
    }

Answer 1

I have finally come up with the solution are some battles.我终于想出了解决办法是一些战斗。 I had to add the headers and get cookies from the actual RestRequest call and it connected successfully.我必须添加标头并从实际的 RestRequest 调用中获取 cookie 并成功连接。

        request.AddHeader("Accept", "application/json");
        request.Parameters.Clear();
        request.AddParameter("application/json", request, ParameterType.RequestBody);
        
        request.AddParameter(_Cookie[0].Name, _Cookie[0].Value, ParameterType.Cookie);

摘要认证返回未经授权

问题描述

1 个解决方案

解决方案1
0 2020-10-06 18:01:57

摘要认证返回未经授权

问题描述

1 个解决方案

解决方案1 0 2020-10-06 18:01:57

解决方案1
0 2020-10-06 18:01:57