Skip to content

Commit

Permalink
Fix authenticator docs
Browse files Browse the repository at this point in the history
  • Loading branch information
alexeyzimarev committed May 10, 2023
1 parent 2facbeb commit cc44c36
Show file tree
Hide file tree
Showing 3 changed files with 53 additions and 17 deletions.
65 changes: 52 additions & 13 deletions docs/authenticators.md
Original file line number Diff line number Diff line change
@@ -1,15 +1,36 @@
# Authenticators

RestSharp includes authenticators for basic HTTP (Authorization header),
NTLM and parameter-based systems.
RestSharp includes authenticators for basic HTTP, OAuth1 and token-based (JWT and OAuth2).

There are two ways to set the authenticator: client-wide or per-request.

Set the client-wide authenticator by assigning the `Authenticator` property of `RestClientOptions`:

```csharp
var options = new RestClientOptions("http://example.com") {
Authenticator = new HttpBasicAuthenticator("username", "password")
};
var client = new RestClient(options);
```

To set the authenticator per-request, assign the `Authenticator` property of `RestRequest`:

```csharp
var request = new RestRequest("/api/users/me") {
Authenticator = new HttpBasicAuthenticator("username", "password")
};
var response = await client.ExecuteAsync(request, cancellationToken);
```

## Basic Authentication

The `HttpBasicAuthenticator` allows you pass a username and password as a basic `Authorization` header using a base64 encoded string.

```csharp
var client = new RestClient("http://example.com");
client.Authenticator = new HttpBasicAuthenticator("username", "password");
var options = new RestClientOptions("http://example.com") {
Authenticator = new HttpBasicAuthenticator("username", "password")
};
var client = new RestClient(options);
```

## OAuth1
Expand All @@ -21,23 +42,29 @@ For OAuth1 authentication the `OAuth1Authenticator` class provides static method
This method requires a `consumerKey` and `consumerSecret` to authenticate.

```csharp
var client = new RestClient("http://example.com");
client.Authenticator = OAuth1Authenticator.ForRequestToken(consumerKey, consumerSecret);
var options = new RestClientOptions("http://example.com") {
Authenticator = OAuth1Authenticator.ForRequestToken(consumerKey, consumerSecret)
};
var client = new RestClient(options);
```

### Access token

This method retrieves an access token when provided `consumerKey`, `consumerSecret`, `oauthToken`, and `oauthTokenSecret`.

```csharp
client.Authenticator = OAuth1Authenticator.ForAccessToken(
var authenticator = OAuth1Authenticator.ForAccessToken(
consumerKey, consumerSecret, oauthToken, oauthTokenSecret
);
var options = new RestClientOptions("http://example.com") {
Authenticator = authenticator
};
var client = new RestClient(options);
```

This method also includes an optional parameter to specify the `OAuthSignatureMethod`.
```csharp
client.Authenticator = OAuth1Authenticator.ForAccessToken(
var authenticator = OAuth1Authenticator.ForAccessToken(
consumerKey, consumerSecret, oauthToken, oauthTokenSecret,
OAuthSignatureMethod.PlainText
);
Expand All @@ -48,7 +75,7 @@ client.Authenticator = OAuth1Authenticator.ForAccessToken(
The same access token authenticator can be used in 0-legged OAuth scenarios by providing `null` for the `consumerSecret`.

```csharp
client.Authenticator = OAuth1Authenticator.ForAccessToken(
var authenticator = OAuth1Authenticator.ForAccessToken(
consumerKey, null, oauthToken, oauthTokenSecret
);
```
Expand All @@ -64,9 +91,13 @@ RestSharp has two very simple authenticators to send the access token as part of
For example:

```csharp
client.Authenticator = new OAuth2AuthorizationRequestHeaderAuthenticator(
var authenticator = new OAuth2AuthorizationRequestHeaderAuthenticator(
token, "Bearer"
);
var options = new RestClientOptions("http://example.com") {
Authenticator = authenticator
};
var client = new RestClient(options);
```

The code above will tell RestSharp to send the bearer token with each request as a header. Essentially, the code above does the same as the sample for `JwtAuthenticator` below.
Expand All @@ -79,6 +110,10 @@ The JWT authentication can be supported by using `JwtAuthenticator`. It is a ver

```csharp
var authenticator = new JwtAuthenticator(myToken);
var options = new RestClientOptions("http://example.com") {
Authenticator = authenticator
};
var client = new RestClient(options);
```

For each request, it will add an `Authorization` header with the value `Bearer <your token>`.
Expand All @@ -91,10 +126,14 @@ You can write your own implementation by implementing `IAuthenticator` and
registering it with your RestClient:

```csharp
var client = new RestClient();
client.Authenticator = new SuperAuthenticator(); // implements IAuthenticator
var authenticator = new SuperAuthenticator(); // implements IAuthenticator
var options = new RestClientOptions("http://example.com") {
Authenticator = authenticator
};
var client = new RestClient(options);
```

The `Authenticate` method is the very first thing called upon calling `RestClient.Execute` or `RestClient.Execute<T>`. The `Authenticate` method is passed the `RestRequest` currently being executed giving you access to every part of the request data (headers, parameters, etc.)
The `Authenticate` method is the very first thing called upon calling `RestClient.Execute` or `RestClient.Execute<T>`.
It gets the `RestRequest` currently being executed giving you access to every part of the request data (headers, parameters, etc.)

You can find an example of a custom authenticator that fetches and uses an OAuth2 bearer token [here](usage.md#authenticator).
2 changes: 1 addition & 1 deletion docs/v107/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ request.AddHeader("Content-Type", "application/json");
request.AddHeader("Accept", "application/json");
```

This is completely unnecessary, and often harmful. The `Content-Type` header is the content header, not the request header. It might be different per individual part of the body when using multipart-form data, for example. RestSharp sets the correct content-type header automatically, based on your body format, so don't override it.
This is **completely unnecessary**, and often harmful. The `Content-Type` header is the content header, not the request header. It might be different per individual part of the body when using multipart-form data, for example. RestSharp sets the correct content-type header automatically, based on your body format, so don't override it.
The `Accept` header is set by RestSharp automatically based on registered serializers. By default, both XML and JSON are supported. Only change the `Accept` header if you need something else, like binary streams, or plain text.

### Making requests
Expand Down
3 changes: 0 additions & 3 deletions src/RestSharp/RestClient.Extensions.cs
Original file line number Diff line number Diff line change
Expand Up @@ -102,9 +102,6 @@ public static async Task<RestResponse<T>> ExecuteAsync<T>(
RestRequest request,
CancellationToken cancellationToken = default
) {
if (request == null)
throw new ArgumentNullException(nameof(request));

var response = await client.ExecuteAsync(request, cancellationToken).ConfigureAwait(false);
return client.Serializers.Deserialize<T>(request, response, client.Options);
}
Expand Down

0 comments on commit cc44c36

Please sign in to comment.