Last active
February 25, 2020 04:23
Capturing the Authorization Code Flow of the multi-purpose authentication site.
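Capture method
Overview
HTTP traffic to the back-end Web API can be captured in the way described at the following page:
How to use HttpClient and similar classes - Microsoft Technology Information Wiki
HttpClient class > Key points > Route through a debug proxy.
https://techinfoofmicrosofttech.osscons.jp/index.php?HttpClient%E3%81%AE%E9%A1%9E%E3%81%AE%E4%BD%BF%E3%81%84%E6%96%B9#o2f9ed91
Settings for the multi-purpose authentication site
Making the following changes enables the capture.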
Helper.cs
this._oAuthHttpClient = HttpClientBuilder(EnumProxyType.Intranet);
↓ ↓ ↓
this._oAuthHttpClient = HttpClientBuilder(EnumProxyType.Debug);
appsettings.json
"DebugProxyURL": "http://localhost:8888/",
↓ ↓ ↓
"DebugProxyURL": "http://hogehoge:8888/",
Note: because of a Fiddler issue, localhost has to be given an alias in the hosts file.
Capture results
This is a capture of a somewhat old version,
so endpoint names and the like may differ from the current ones.
Authorization
Request
GET http://hogehoge/MultiPurposeAuthSite/Account/OAuthAuthorize?client_id=67d328bfe8604aae83fb15fa44780d8b&response_type=code&scope=profile%20email%20phone%20address&state=7qhho1Uoe3 HTTP/1.1
Host: hogehoge
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://localhost/MultiPurposeAuthSite/
Accept-Encoding: gzip, deflate
Accept-Language: ja,en-US;q=0.9,en;q=0.8
Response
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Location: http://hogehoge/MultiPurposeAuthSite/Account/OAuthAuthorizationCodeGrantClient?code=10245b1583bf4c6787ce2e9092a5f4843ac3117a4704491e8aeed00eb3dd04e7&state=7qhho1Uoe3
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 02 Dec 2019 08:53:30 GMT
Content-Length: 0
GET http://hogehoge/MultiPurposeAuthSite/Account/OAuthAuthorizationCodeGrantClient?code=10245b1583bf4c6787ce2e9092a5f4843ac3117a4704491e8aeed00eb3dd04e7&state=7qhho1Uoe3 HTTP/1.1
Host: hogehoge
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://hogehoge/MultiPurposeAuthSite/Account/OAuthAuthorize?client_id=67d328bfe8604aae83fb15fa44780d8b&response_type=code&scope=profile%20email%20phone%20address&state=7qhho1Uoe3
Accept-Encoding: gzip, deflate
Accept-Language: ja,en-US;q=0.9,en;q=0.8
Cookie: SessionTimeOut=; _RequestVerificationToken_L011bHRpUHVycG9zZUF1dGhTaXRlMA2=vQMlVGXfH3LCEU0djFwqjTkS_HHDbYNVJnfSlQuW1Ym6oWnRiXr-emYd6lIZENQds8tOnCrjIQbG0sGTIOj0bAChX566U1EZ5Z5AdLWW3Y1; .AspNet.ApplicationCookie=4QiEZOoN_uDRsLaRAOSs9K620oEyanGO3fJ672eiyCTOPb5UvWmeMy6ZW6QDP4I_AgfOwUqYEIU1YgYo2-hUg2gTtgHCAJdvUm9xy13rGxaHzh5zncy9p3ueIAjhZuCOGgmMP63pWl4QnhNTMGRLfeQ8JZo1cS4G_yYEA4rEYyAeHt3G2yGInvq2qYMVoFy7s2IRTCMESDcD152aJ9Ha8qvyh7dU_4x5w1gSHD8lo4SJeEGDHEIiKKPu_pzOvn03sV4s4nojm7Ais5fWXVXHcTe6VUqx3lxhrch-Z93MGHtQmxqdl8u_Uyqx_qOK-NbeuY9tMnWf6KpkexWL_6iBdVNJm8q2Qx_K9gIeywSNvtihlkNd67e2pn7DTsqx8gSeNJ_ihk1F7F7n-FMG6J5RElk7TrmmMjfZ3seS6tfkfZA5FLksybiIY_JT4v0QVH1AD-5ApvKJ6_DuOxa0TlFt84-Qxt4IY6GpjfgAcEmsdKAKLxSkHhkTK2FKSGc4n6ZNgtq_bvzy2AMoUQ1gOw9IBoNRTUQXamcZOevFdU0hNda2yXUvKS9DpTLMpflXHrOM; ASP.NET_SessionId=tbb4i4khrve5fpkc1htnepjx
Token
Request
POST http://hogehoge/MultiPurposeAuthSite/OAuthBearerToken HTTP/1.1
Authorization: Basic NjdkMzI4YmZlODYwNGFhZTgzZmIxNWZhNDQ3ODBkOGI6c19GaGp1alhHMFU2a0FELWM0UzVpZmlLZEFncUZvaWxfVXhLdU5fVXI1MA==
Content-Type: application/x-www-form-urlencoded
Host: hogehoge
Content-Length: 204
Expect: 100-continue
Connection: Keep-Alive
grant_type=authorization_code&code=10245b1583bf4c6787ce2e9092a5f4843ac3117a4704491e8aeed00eb3dd04e7&redirect_uri=http%3A%2F%2Fhogehoge%2FMultiPurposeAuthSite%2FAccount%2FOAuthAuthorizationCodeGrantClient
Response
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json;charset=UTF-8
Expires: -1
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Mon, 02 Dec 2019 08:53:31 GMT
Content-Length: 859
{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwOi8vand0c3NvYXV0aC5vcGVudG91cnlvLmNvbSIsImF1ZCI6IjY3ZDMyOGJmZTg2MDRhYWU4M2ZiMTVmYTQ0NzgwZDhiIiwibm9uY2UiOiI3cWhobzFVb2UzIiwic3ViIjoiNGRmNjRkNTUtMzk4My00NjMyLWE5ZDMtMzk4MTVlYjJlMzNlIiwidXVpZCI6IjRkZjY0ZDU1LTM5ODMtNDYzMi1hOWQzLTM5ODE1ZWIyZTMzZSIsImlhdCI6IjE1NzUyNzY4MTEiLCJleHAiOiIxNTc1Mjk4NDExIiwiZ2l2ZW5fbmFtZSI6bnVsbCwiZmFtaWx5X25hbWUiOm51bGwsImVtYWlsIjoiZGFpc3VrZS5uaXNoaW5vLnpnQGhpdGFjaGktc29sdXRpb25zLmNvbSIsImVtYWlsX3ZlcmlmaWVkIjoiVHJ1ZSIsInBob25lX251bWJlciI6IiIsInBob25lX251bWJlcl92ZXJpZmllZCI6IkZhbHNlIiwic2NvcGVzIjpbInByb2ZpbGUiLCJlbWFpbCIsInBob25lIiwiYWRkcmVzcyJdfQ.PWxWhNv2BQXETGhhciw-csMtxGm2Hy36Bz3UiM7wRfZtdQsMDK91CTjyTvh5DsoBMOEX7VJSVWGam9uXmCld_qSqeXu_PD60AEVE5Wipe1z4zIqMcOlEe8I9U6MzY35BoCYpxfVHocsbO5e3Ji-GASVdCHysXFqcXIo1E1vlleY","token_type":"bearer","expires_in":21599}
Userinfo
Request
GET http://hogehoge/MultiPurposeAuthSite/userinfo HTTP/1.1
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwOi8vand0c3NvYXV0aC5vcGVudG91cnlvLmNvbSIsImF1ZCI6IjY3ZDMyOGJmZTg2MDRhYWU4M2ZiMTVmYTQ0NzgwZDhiIiwibm9uY2UiOiI3cWhobzFVb2UzIiwic3ViIjoiNGRmNjRkNTUtMzk4My00NjMyLWE5ZDMtMzk4MTVlYjJlMzNlIiwidXVpZCI6IjRkZjY0ZDU1LTM5ODMtNDYzMi1hOWQzLTM5ODE1ZWIyZTMzZSIsImlhdCI6IjE1NzUyNzY4MTEiLCJleHAiOiIxNTc1Mjk4NDExIiwiZ2l2ZW5fbmFtZSI6bnVsbCwiZmFtaWx5X25hbWUiOm51bGwsImVtYWlsIjoiZGFpc3VrZS5uaXNoaW5vLnpnQGhpdGFjaGktc29sdXRpb25zLmNvbSIsImVtYWlsX3ZlcmlmaWVkIjoiVHJ1ZSIsInBob25lX251bWJlciI6IiIsInBob25lX251bWJlcl92ZXJpZmllZCI6IkZhbHNlIiwic2NvcGVzIjpbInByb2ZpbGUiLCJlbWFpbCIsInBob25lIiwiYWRkcmVzcyJdfQ.PWxWhNv2BQXETGhhciw-csMtxGm2Hy36Bz3UiM7wRfZtdQsMDK91CTjyTvh5DsoBMOEX7VJSVWGam9uXmCld_qSqeXu_PD60AEVE5Wipe1z4zIqMcOlEe8I9U6MzY35BoCYpxfVHocsbO5e3Ji-GASVdCHysXFqcXIo1E1vlleY
Host: hogehoge
Connection: Keep-Alive
Response
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 02 Dec 2019 08:55:20 GMT
Content-Length: 254
{"sub":"4df64d55-3983-4632-a9d3-39815eb2e33e","uuid":"4df64d55-3983-4632-a9d3-39815eb2e33e","given_name":null,"family_name":null,"email":"nishi_74322014@ksj.biglobe.ne.jp","email_verified":"True","phone_number":"","phone_number_verified":"False"}
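
The values that tie the captured messages together (state, code, redirect_uri, client_id) can be cross-checked mechanically when reviewing a capture like the one above. The following Python is an added example, not part of the original gist or of MultiPurposeAuthSite; `check_flow` and its parameters are hypothetical names, all sample values are constructed, and it assumes the access token is a JWT whose `aud` claim carries the client_id.

```python
import base64
import json
from urllib.parse import parse_qs, quote, urlsplit

def _params(query):
    """Parse a query string or form body into single-valued parameters."""
    return {k: v[0] for k, v in parse_qs(query).items()}

def _jwt_claims(token):
    """Decode the JWT payload segment WITHOUT verifying the signature."""
    seg = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)))

def check_flow(auth_url, location, basic_header, token_body, access_token):
    """Return a list of mismatches between the messages of one captured flow."""
    req = _params(urlsplit(auth_url).query)
    redir = _params(urlsplit(location).query)
    form = _params(token_body)
    findings = []
    if redir.get("state") != req.get("state"):
        findings.append("state on redirect differs from authorization request")
    if form.get("code") != redir.get("code"):
        findings.append("code sent to token endpoint differs from issued code")
    if form.get("redirect_uri") != location.split("?", 1)[0]:
        findings.append("redirect_uri in token request differs from redirect target")
    # Authorization: Basic carries base64(client_id:client_secret).
    basic_id = base64.b64decode(basic_header.split()[-1]).decode().split(":", 1)[0]
    if basic_id != req.get("client_id"):
        findings.append("token request authenticated as a different client_id")
    if _jwt_claims(access_token).get("aud") != req.get("client_id"):
        findings.append("access token aud differs from client_id")
    return findings

def _seg(obj):
    """Build one unpadded base64url JWT segment for the constructed token."""
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

# Constructed sample values shaped like the capture (not the real ones).
CALLBACK = "http://hogehoge/MultiPurposeAuthSite/Account/OAuthAuthorizationCodeGrantClient"
AUTH_URL = ("http://hogehoge/MultiPurposeAuthSite/Account/OAuthAuthorize"
            "?client_id=client123&response_type=code&scope=profile%20email&state=st4te")
LOCATION = CALLBACK + "?code=c0de&state=st4te"
BASIC = "Basic " + base64.b64encode(b"client123:constructed-secret").decode()
TOKEN_BODY = ("grant_type=authorization_code&code=c0de&redirect_uri="
              + quote(CALLBACK, safe=""))
TOKEN = ".".join([_seg({"alg": "RS256", "typ": "JWT"}), _seg({"aud": "client123"}), "sig"])

if __name__ == "__main__":
    print(check_flow(AUTH_URL, LOCATION, BASIC, TOKEN_BODY, TOKEN))
```

An empty list means the capture is internally consistent; it says nothing about the token's signature, which this check does not verify.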