View and Data API tips: 缓存Access Token

对于云API服务，常见的方式就是按照API调用次数收费，某些API调用也就有某些限制，比如在特定时间内只允许调用指定的次数以免造成滥用。虽然Autodesk的view and Data API目前还没有应用这样的限制，但我们最好也能实现这样的机制，比如对于或者Access Token

对于云API服务，常见的方式就是按照API调用次数收费，某些API调用也就有某些限制，比如在特定时间内只允许调用指定的次数以免造成滥用。虽然Autodesk的view and Data API目前还没有应用这样的限制，但我们最好也能实现这样的机制，比如对于或者Access Token这样的操作，一个Access Token是有一定的有效期的，在这个token的有效期内，我们就没必要重复发出API调用获取新的Acces Token，只有返回仍然有效的token就可以了。下面是c#实现的简单的逻辑，用一个全局静态变量来缓存Access Token：

<span>public</span> <span>class</span> <span>Util</span><br>{<br>    <span>private</span> <span>static</span> <span>readonly</span> <span>ILog</span> logger = <span>LogManager</span>.GetLogger(<span>typeof</span>(<span>Util</span>));<br> <br>    <span>string</span> baseUrl = <span>""</span>;<br>    <span>RestClient</span> m_client;<br><br> <br>    <span>public</span> <span>static</span> <span>AccessToken</span> token;<br>    <span>public</span> <span>static</span> <span>DateTime</span> issueDateTime;<br>    <span>//refresh token if the token is about to expire in 5 seconds</span><br>    <span>public</span> <span>static</span> <span>int</span> ABOUT_EXPIRED_SECONDS = 5;<br> <br><br>    <span>public</span> Util(<span>string</span> baseUrl)<br>    {<br>        <span>this</span>.baseUrl = baseUrl;<br>        m_client = <span>new</span> <span>RestClient</span>(baseUrl);<br>    }<br> <br>    <span>public</span> <span>AccessToken</span> GetAccessToken(<span>string</span> clientId, <span>string</span> clientSecret)<br>    {<br>        <span>//no token or token is going to be expired </span><br>        <span>// (less than ABOUT_EXPIRED_SECONDS)</span><br> <br>        <span>if</span> (token == <span>null</span><br>            || (<span>DateTime</span>.Now - issueDateTime).TotalSeconds<br>                > (token.expires_in - ABOUT_EXPIRED_SECONDS))<br>        {<br>            <span>RestRequest</span> req = <span>new</span> <span>RestRequest</span>();<br>            req.Resource = <span>"authentication/v1/authenticate"</span>;<br>            req.Method = <span>Method</span>.POST;<br>            req.AddHeader(<span>"Content-Type"</span>, <span>"application/x-www-form-urlencoded"</span>);<br>            req.AddParameter(<span>"client_id"</span>, clientId);<br>            req.AddParameter(<span>"client_secret"</span>, clientSecret);<br>            req.AddParameter(<span>"grant_type"</span>, <span>"client_credentials"</span>);<br>            <span>//avoid CORS issue, do not use this if you just need to get access token from same domain<br></span><br>            req.AddHeader(<span>"Access-Control-Allow-Origin"</span>, <span>"*"</span>);<br> <br>            <span>IRestResponse</span>AccessToken> resp = m_client.ExecuteAccessToken>(req);<br>            logger.Debug(resp.Content);<br> <br>            <span>if</span> (resp.StatusCode == System.Net.<span>HttpStatusCode</span>.OK)<br>            {<br>                <span>AccessToken</span> ar = resp.Data;<br>                <span>if</span> (ar != <span>null</span>)<br>                {<br>                    token = ar;<br> <br>                    <span>//update the token issue time</span><br>                    issueDateTime = <span>DateTime</span>.Now;<br> <br> <br>                }<br>            }<br>            <span>else</span><br>            {<br> <br>                logger.Fatal(<span>"Authentication failed! clientId:"</span> + clientId);<br> <br>            }<br> <br>        }<br>        <span>else</span><br>        {<br>            ;<span>//Do nothing, use the saved access token in static var </span><br>        }<br> <br>        <span>return</span> token;<br>    }<br> <br> <br>    }

 

当然，根据需要你可以选择其他的方式，比如把token保存在数据库中，或者memcache中。