【发布时间】:2019-12-18 22:09:25
【问题描述】:
我使用 ASP.NET Core 2.1 创建了一个 API 服务器。其中一个步骤涉及使用 DocuSign API 授予 OAuth 代码。
当我进入登录路由时,服务器对用户的身份验证非常好,身份验证令牌存在于响应中,用户可以做他们需要做的一切。 但是,在用户第一次“登录”(或者如果他们已清除缓存)时,当 DocuSign 已登录用户并将其返回到回调 URL 时,将引发 500 错误。
Startup.cs
.AddOAuth("DocuSign", options =>
{
options.ClientId = Configuration["ApplicationSettings:ConnectionSettings:DocuSign:ClientID"];
options.ClientSecret = Configuration["ApplicationSettings:ConnectionSettings:DocuSign:SecretKey"];
options.CallbackPath = new PathString("/ds/callback");
options.AuthorizationEndpoint = Configuration["ApplicationSettings:ConnectionSettings:DocuSign:AuthorizationEndpoint"];
options.TokenEndpoint = Configuration["ApplicationSettings:ConnectionSettings:DocuSign:TokenEndpoint"];
options.UserInformationEndpoint = Configuration["ApplicationSettings:ConnectionSettings:DocuSign:UserInformationEndpoint"];
options.Scope.Add("signature");
options.SaveTokens = true;
options.ClaimActions.Clear();
options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub");
options.ClaimActions.MapJsonKey(ClaimTypes.Name, "name");
options.ClaimActions.MapJsonKey("accounts", "accounts");
options.ClaimActions.MapCustomJson("account_id", obj => ExtractDefaultAccountValue(obj, "account_id"));
options.ClaimActions.MapCustomJson("account_name", obj => ExtractDefaultAccountValue(obj, "account_name"));
options.ClaimActions.MapCustomJson("base_uri", obj => ExtractDefaultAccountValue(obj, "base_uri"));
options.ClaimActions.MapJsonKey("access_token", "access_token");
options.ClaimActions.MapJsonKey("refresh_token", "refresh_token");
options.ClaimActions.MapJsonKey("expires_in", "expires_in");
options.Events = new OAuthEvents
{
OnCreatingTicket = async context =>
{
var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken);
var response = await context.Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, context.HttpContext.RequestAborted);
response.EnsureSuccessStatusCode();
var user = JObject.Parse(await response.Content.ReadAsStringAsync());
user.Add("access_token", context.AccessToken);
user.Add("refresh_token", context.RefreshToken);
user.Add("expires_in", DateTime.Now.Add(context.ExpiresIn.Value).ToString());
context.RunClaimActions(user);
context.Response.Redirect("/api/values");
},
OnRemoteFailure = context =>
{
context.HandleResponse();
context.Response.StatusCode = 500;
Console.WriteLine(context.Failure.ToString());
return Task.FromResult(0);
},
};
});
OAuth 抛出的错误是:
Error from RemoteAuthentication: The oauth state is missing or invalid..
我使用 Fiddler 检查了请求参数,似乎 OAuth 没有在“状态”参数上拼接。
到底有没有加这个参数?或者甚至是完全忽略它的方法?
【问题讨论】:
标签: c# asp.net-core oauth docusignapi