【问题标题】:.AddOAuth get access_token from nonstandard TokenEndpoint response.AddOAuth 从非标准 TokenEndpoint 响应中获取 access_token
【发布时间】:2021-04-05 19:28:53
【问题描述】:

我已经添加了这样的身份验证

    services.AddAuthentication()
                .AddOAuth("external", "External Login", options =>
                {
                    options.ClientId = "external_id";
                    options.ClientSecret = "external_secret";
                    options.CallbackPath = new PathString("/signin-external");

                    options.AuthorizationEndpoint = "https://external.com/open-apis/authen/v1/index?app_id=external_id&redirect_uri=" + WebUtility.UrlEncode("https://myapp.com/signin-external");
                    options.TokenEndpoint = "https://external.com/open-apis/authen/v1/access_token";
                    options.UserInformationEndpoint = "https://external.com/open-apis/authen/v1/user_info";

                    options.BackchannelHttpHandler = new ExternalAuthorizingHandler(new HttpClientHandler(), options);

                    options.Events = new OAuthEvents
                    {
                        // never called
                        OnCreatingTicket = async context =>
                        {
                            var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
                            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken);

                            request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

                            var response = await context.Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, context.HttpContext.RequestAborted);
                            response.EnsureSuccessStatusCode();

                            var user = JsonDocument.Parse(await response.Content.ReadAsStringAsync());

                            //context.HttpContext.Response.Cookies.Append("token", context.AccessToken);

                            context.RunClaimActions(user.RootElement);
                        }
                    };
                });

ExternalAuthorizingHandler.cs

public class ExternalAuthorizingHandler : DelegatingHandler
    {
        private readonly OAuthOptions options;
        public ExternalAuthorizingHandler(HttpMessageHandler inner, OAuthOptions options) : base(inner)
        {
            this.options = options;
        }

        protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            if (request.RequestUri == new Uri(options.TokenEndpoint))
            {
                string appendData = $"app_id={options.ClientId}&app_secret={options.ClientSecret}&";
                var content = request.Content.ReadAsStringAsync().Result;
                var cntn = QueryHelpers.ParseQuery(appendData + content);

                var dict = new Dictionary<string, string>();
                foreach (var c in cntn)
                {
                        dict.Add(c.Key, c.Value[0]);
                }
                string newContent = JsonConvert.SerializeObject(dict);

                request.Content = new StringContent(newContent, System.Text.Encoding.UTF8, "application/json");
            }
            return base.SendAsync(request, cancellationToken);
        }
    }

此代码可以运行,直到我获得授权代码并重定向到 tokenEndpoint

但在SendAsync 执行后,我得到一个error

我不知道SendAsync 是否成功,但如果成功,那么来自 tokenEndpoint 的响应将是:

{
    "code": 0,
    "data": {
        "access_token": "u-D8kcSIGdlwQCySfgiEbrNc",
        "en_name": "John Doe",
        "expires_in": 6900,
        "name": "John Doe",
        "open_id": "ou_bace1bf309f5c8ad196019e63725e7ce",
        "refresh_expires_in": 2591700,
        "refresh_token": "ur-jFRCmumR5nqhanRVH3SGdf",
        "tenant_key": "2ede6044ee4f1656",
        "token_type": "Bearer",
        "union_id": "on_13c0df6770171400f042f536660ca8be"
    },
    "msg": "success"
}
  1. 这是什么错误以及如何处理?和cookie有关吗?
  2. 如何查看SendAsync结果
  3. 如何处理来自AddOAuth 选项的上述响应

谢谢

【问题讨论】:

    标签: asp.net-core .net-core identityserver4 asp.net-core-3.1


    【解决方案1】:

    在 ASP.NET Core 中,您不应该使用 AddOAuth,而是更推荐使用 AddOpenIDConnect。

    关于未知位置,或许这个question能给你一些线索。

    【讨论】:

      猜你喜欢
      • 2019-04-09
      • 1970-01-01
      • 2011-06-03
      • 1970-01-01
      • 2017-11-06
      • 1970-01-01
      • 2019-11-02
      • 2017-07-28
      • 2019-03-04
      相关资源
      最近更新 更多