Я использую RestSharp для отправки запросов к API, который использует аутентификацию токенов на предъявителя. Большинство запросов выполняется должным образом, но существует определенная конечная точка, которая всегда перенаправляет запрос в динамическое расположение. Когда происходит это перенаправление, заголовок авторизации теряется (в зависимости от проекта), что приводит к неверному запросу.
Я кое-что изучил и нашел одну похожую проблему здесь , но созданный мной собственный AuthenticationModule никогда не вызывал функцию Authenticate.
Я пропускаю что-то очевидное в настройке, которое не позволяет использовать модуль аутентификации, или что-то еще происходит?
Мой класс аутентификатора:
public class AdpAuthenticator : IAuthenticator
/// <summary>
/// The current access token for making requests to the API.
/// </summary>
private static string AccessToken { get; set; }
/// <summary>
/// When the current access token expires.
/// </summary>
private static DateTime TokenExpiresOn { get; set; }
private static CredentialCache CredentialCache { get; set; }
/// <summary>
/// Singleton instance for making requests for access tokens.
/// </summary>
private static IRestClient AuthenticationClient { get; set; }
/// <summary>
/// Singleton instance of the request for obtaining access tokens.
/// </summary>
private static IRestRequest AuthenticationRequest { get; set; }
/// <summary>
/// Construct a new AdpAuthenticator.
/// </summary>
/// <param name="adpClientId"></param>
/// <param name="adpClientSecret"></param>
/// <param name="adpCertPath"></param>
public AdpAuthenticator(string adpClientId, string adpClientSecret, string adpCertPath)
if (string.IsNullOrWhiteSpace(adpClientId)) throw new ArgumentNullException("Passed adpClientId was empty or null.");
if (string.IsNullOrWhiteSpace(adpClientSecret)) throw new ArgumentNullException("Passed adpClientSecret was empty or null.");
if (CredentialCache == null)
CredentialCache = new CredentialCache
{new Uri("https://api.adp.com"), "Basic", new NetworkCredential(adpClientId, adpClientSecret) }
if (AuthenticationClient == null)
X509Certificate2Collection certificateCollection;
X509Certificate2 certificate = new X509Certificate2(adpCertPath);
certificateCollection = new X509Certificate2Collection
AuthenticationClient = new RestClient("https://api.adp.com")
ClientCertificates = certificateCollection,
Authenticator = new HttpBasicAuthenticator(adpClientId, adpClientSecret)
AuthenticationClient.UseSerializer(new JsonNetSerializer());
if (AuthenticationRequest == null)
AuthenticationRequest = new RestRequest("auth/oauth/v2/token", Method.POST)
Credentials = CredentialCache
AuthenticationRequest.AddOrUpdateParameter("grant_type", "client_credentials", ParameterType.QueryString);
RegisterAuthenticationModule(new Uri("https://api.adp.com/"));
/// <summary>
/// Authenticate a request.
/// </summary>
/// <param name="client"></param>
/// <param name="request"></param>
public void Authenticate(IRestClient client, IRestRequest request)
//If accessToken is null or expired, get a new one.
if (!HasValidToken())
//request.AddOrUpdateParameter("Authorization", AccessToken, ParameterType.HttpHeader);
//var newCache = new CredentialCache
// {new Uri("https://api.adp.com/"), "Bearer", new NetworkCredential(AccessToken, "") }
var newCache = new CredentialCache();
newCache.Add(new Uri("https://api.adp.com/"), AdpAuthenticationModule.TheAuthenticationType, new NetworkCredential(AccessToken, ""));
request.Credentials = newCache;
//request.AddOrUpdateParameter("Authorization", "Bearer " + AccessToken, ParameterType.HttpHeader);
private void RefreshAccessToken()
var response = AuthenticationClient.Execute<AuthorizationResponse>(AuthenticationRequest);
if (response.StatusCode != System.Net.HttpStatusCode.OK)
throw new FailedAuthenticationException($"Authentication failed to refresh access token, returned with code {response.StatusCode}. Content: \"{response.Content}\".", null);
if (string.IsNullOrWhiteSpace(response.Data.access_token))
throw new Exception("Error: response returned during access token refresh gave Status 200 OK, but access_token returned was null or whitespace.");
AccessToken = response.Data.access_token;
if (response.Data.expires_in <= 0)
throw new Exception("Error: response returned during access token refresh gave Status 200 OK, but expires_in value returned was <=0.");
TokenExpiresOn = DateTime.Now.AddSeconds(response.Data.expires_in);
catch (FailedAuthenticationException)
catch (Exception e)
throw new FailedAuthenticationException($"Authentication failed to refresh access token, see inner exception details.", e);
/// <summary>
/// Returns whether the current access token is valid.
/// </summary>
/// <returns>False if token is null or has 10 or less minutes until expiry; else returns true.</returns>
public bool HasValidToken()
return !string.IsNullOrEmpty(AccessToken) && DateTime.Now.CompareTo(TokenExpiresOn.AddMinutes(-10.0)) < 0;
private static AdpAuthenticationModule RegisterAuthenticationModule(Uri loginServerUrl)
var registeredModules = AuthenticationManager.RegisteredModules;
AdpAuthenticationModule authenticationModule;
while (registeredModules.MoveNext())
object current = registeredModules.Current;
if (current is AdpAuthenticationModule)
authenticationModule = (AdpAuthenticationModule)current;
if (authenticationModule.LoginServerUrl.Equals(loginServerUrl))
return authenticationModule;
authenticationModule = new AdpAuthenticationModule(loginServerUrl);
return authenticationModule;
Мой пользовательский модуль аутентификации:
public class AdpAuthenticationModule : IAuthenticationModule
/// <summary>
/// The name of the custom authentication type.
/// </summary>
public string AuthenticationType => TheAuthenticationType;
public static string TheAuthenticationType => "AdpAuthentication";
/// <summary>
/// Returns false, as this IAuthenticationModule cannot pre-authenticate.
/// </summary>
public bool CanPreAuthenticate => false;
private readonly CredentialCache credentialCache = new CredentialCache();
private readonly Uri loginServerUrl;
internal CredentialCache CredentialCache
return credentialCache;
internal Uri LoginServerUrl
return loginServerUrl;
internal AdpAuthenticationModule(Uri loginServerUrl)
this.loginServerUrl = loginServerUrl ?? throw new ArgumentNullException("AdpAuthenticationModule.loginServerUrl");
/// <summary>
/// Builds and returns a <see cref="Authorization"/> object for a request.
/// </summary>
/// <param name="challenge"></param>
/// <param name="request"></param>
/// <param name="credentials"></param>
/// <returns></returns>
public Authorization Authenticate(string challenge, WebRequest request, ICredentials credentials)
Authorization result = null;
if (request != null && credentials != null)
NetworkCredential creds = credentials.GetCredential(LoginServerUrl, AuthenticationType);
if (creds == null)
return null;
ICredentialPolicy policy = AuthenticationManager.CredentialPolicy;
if (policy != null && !policy.ShouldSendCredential(LoginServerUrl, request, creds, this))
return null;
string token = Convert.ToBase64String(Encoding.UTF8.GetBytes(creds.UserName));
result = new Authorization(string.Format("Bearer {0}", token));
return result;
/// <summary>
/// Returns null, since this IAuthenticationModule cannot pre-authenticate.
/// </summary>
/// <param name="request"></param>
/// <param name="credentials"></param>
/// <returns></returns>
public Authorization PreAuthenticate(WebRequest request, ICredentials credentials)
return null;