[英]C# HttpClient POST requests from Azure Function with Authorization tag intended for third-party API are stripped of Headers and Body
I was able to get a working request posted.我能够发布工作请求。 The third-party API has us sending the Token (which is basically a Guid) as a bearer token.
第三方 API 让我们发送令牌(基本上是 Guid)作为不记名令牌。 Azure appears to do some sort of pre-validation on this.
Azure 似乎对此进行了某种预验证。 When I swapped out the GUID with a true randomly generated bearer token, it worked.
当我用真正随机生成的不记名令牌换出 GUID 时,它起作用了。
I do still wonder if there's a way to disable this check-in Azure.我仍然想知道是否有办法禁用此签入 Azure。 The "bad" Bearer token works for GET requests but fails for POST/PUT requests.
“坏”承载令牌适用于 GET 请求,但无法用于 POST/PUT 请求。
Summary of the Application We have Azure Functions (ie, Time Trigger, Orchestrator, Activities) that look for items in an on-prem queue table in SQL and then POST it to a third-party API via JSON.应用程序摘要我们有 Azure Functions(即时间触发器、Orchestrator、Activities),它们在 SQL 中查找本地队列表中的项目,然后通过 JSON 将其发布到第三方 API。
The third-party API requires an Authorization header with the POST request.第三方 API 需要带有 POST 请求的 Authorization 标头。
Technical Overview技术概述
Additional Information附加信息
What works All of the GET requests.什么有效所有 GET 请求。 No issues at all.
完全没有问题。
What doesn't work POST requests.什么不起作用POST 请求。 I proxied the requests to a beeceptor to see exactly what was being received.
我将请求代理给了一个 Beeceptor,以准确查看收到的内容。 When the Authorization header is included most of the headers are stripped (Ie, Content-Type, Content-Length) and the Body of the request is blank.
当包含 Authorization 标头时,大部分标头都会被剥离(即 Content-Type、Content-Length)并且请求的正文为空白。
If I removed the Authorization header then all headers and body are received as expected.如果我删除了 Authorization 标头,则按预期接收所有标头和正文。
Question I can only assume at this point that some Azure service, pre-flight check, security policy is intercepting the Authorization header thinking it's intended for "itself", but I have absolutely no idea what it could be.问题此时我只能假设某些 Azure 服务、飞行前检查、安全策略正在拦截 Authorization 标头,认为它是用于“自身”的,但我完全不知道它可能是什么。 I've been on Google now for days.
我已经在谷歌上呆了好几天了。
Simplified Version of Code代码的简化版
using var client = new HttpClient();
client.DefaultRequestHeaders.Clear();
// Request params are dynamic and a helper method builds the full request path
var path = PathBuilder(queueItem.RequestParams, queueItem.Request.UrlPath);
// This can change in code not shown if the request is sending files
var contentType = "application/json";
client.BaseAddress = new Uri(queueItem.Request.Client.BaseApiUrl);
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
client.DefaultRequestHeaders.CacheControl = new CacheControlHeaderValue { NoCache = true };
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", queueItem.Request.Client.AuthToken);
// queueItem.Data is JSON
HttpContent json = new StringContent(queueItem.Data, Encoding.UTF8, contentType);
return await client.PostAsync(path, json);
Also...还...
Given all that you've tried, it might be a long shot, but have you tried to add the token like client.DefaultRequestHeaders.TryAddWithoutValidation(“Authorization”, “bearer token here…”);鉴于您已经尝试过的所有内容,这可能是一个长期的尝试,但是您是否尝试过添加像 client.DefaultRequestHeaders.TryAddWithoutValidation(“Authorization”, “bearer token here...”); 这样的令牌? and then check whether the try succeeded or not?
然后检查尝试是否成功?
The solution to the problem?问题的解决方案? Don't neglect unit tests even at the DB layer.
即使在 DB 层也不要忽视单元测试。 In short, the issue doesn't have to do with Azure, but more so with how the data was (or wasn't) fed to it.
简而言之,该问题与 Azure 无关,而与数据如何(或未)馈入它有关。
Thank you to everyone who provided insight and suggestions.感谢所有提供见解和建议的人。 All of you helped me work towards a solution through the process of elimination.
你们都帮助我通过淘汰的过程寻找解决方案。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.