Owin OAuth 提供商 Twitter 和 Microsoft

Question

我在以下行为 twitter 和 microsoft 返回 null 时遇到问题：

var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();

这是在帐户控制器中，如下所示：

[AllowAnonymous]
public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
{
    var loginInfo = await 
    AuthenticationManager.GetExternalLoginInfoAsync();

    if (loginInfo == null)
    {
        return RedirectToAction("Login");
    }

    var result = await SignInManager.ExternalSignInAsync(loginInfo, false);
    switch (result)
    {
        case SignInStatus.Success:
            return RedirectToLocal(returnUrl);
        case SignInStatus.LockedOut:
            return View("Lockout");
        //case SignInStatus.RequiresVerification:
        //    return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = false });
        case SignInStatus.Failure:
        default:
            // If the user does not have an account, then prompt the user to create an account
            ViewBag.ReturnUrl = returnUrl;
            ViewBag.LoginProvider = loginInfo.Login.LoginProvider;
            return View("ExternalLoginConfirmation", new AccountExternalLoginConfirmationViewModel { Email = loginInfo.Email });
    }
}

在startup.auth.cs中当前的配置是：

app.UseTwitterAuthentication(
    new TwitterAuthenticationOptions()
    {
        ConsumerKey = ConfigurationManager.AppSettings["TwitterAPIKey"],
        ConsumerSecret = ConfigurationManager.AppSettings["TwitterAPISecret"],

        Provider = new TwitterAuthenticationProvider()
        {
            OnAuthenticated = context =>
            {
                context.Identity.AddClaim(new Claim("urn:tokens:twitter:accesstoken", context.AccessToken));
                context.Identity.AddClaim(new Claim("urn:tokens:twitter:accesstokensecret",
                    context.AccessTokenSecret));
                return Task.FromResult(true);
            }
        }
    });

       app.UseMicrosoftAccountAuthentication(new MicrosoftAccountAuthenticationOptions()
        {
           ClientId = ConfigurationManager.AppSettings["MicrosoftAPIKey"],
           ClientSecret = ConfigurationManager.AppSettings["MicrosoftAPISecret"],
           // Scope = { "wl.basic", "wl.emails" },
            Provider = new MicrosoftAccountAuthenticationProvider()
           {
               OnAuthenticated = context =>
               {
                   context.Identity.AddClaim(new Claim("urn:microsoftaccount:access_token", context.AccessToken, "Microsoft"));
                   context.Identity.AddClaim(new Claim("urn:microsoft:email", context.Email));
                   return Task.FromResult(true);
               }
           }
        });

建议在 MicrosoftAccountAuthenticationOptions 中包含 Scope = { "wl.basic", "wl.emails" }。然而，这会返回一个错误的请求。关于通过 twitter 和 microsoft login 解决此问题的任何想法。

我用于微软的网址是 重定向网址：https://localhost/signin-microsoft 登出网址：https://localhost/account/logout 主页：https://localhost

推特 网址：https://127.0.0.1 回调地址：https://127.0.0.1/signin-twitter

我也尝试过在 live 上使用 live url，但仍然无效 var loginInfo = 等待 AuthenticationManager.GetExternalLoginInfoAsync();

Answer 1

试试这个：

  var options = new TwitterAuthenticationOptions
        {
            SignInAsAuthenticationType = signInAsType,
            ConsumerKey = "...",
            ConsumerSecret = "...",
            Provider = new TwitterAuthenticationProvider()
            {

                OnAuthenticated = async ctx =>
                {


 var manager = new OAuth.Manager(
                        "-your-twitter-access-token-",
                        "-your-twitter-access-token-secret-",
                        ctx.AccessToken,
                        ctx.AccessTokenSecret);
                    var url = "https://api.twitter.com/1.1/account/verify_credentials.json";
                    var authzHeader = manager.GenerateAuthzHeader(url, "GET");
                    var request = (HttpWebRequest)WebRequest.Create(url);
                    request.Method = "GET";
                    request.PreAuthenticate = true;
                    request.AllowWriteStreamBuffering = true;
                    request.Headers.Add("Authorization", authzHeader);
                    using (var response = (HttpWebResponse)request.GetResponse())
                    {
                        if (response.StatusCode != HttpStatusCode.OK)
                            throw new Exception("NOK");
                        var responseStream = response.GetResponseStream();

                        var reader = new System.IO.StreamReader(responseStream);
                        var res = reader.ReadToEnd();
                        Newtonsoft.Json.Linq.JObject data = (Newtonsoft.Json.Linq.JObject)JsonConvert.DeserializeObject(res);

                        var claims = new List<Claim>();

                        claims.Add(new Claim(Core.Constants.ClaimTypes.RawData, ctx.Identity.Claims.ToJsonString()));
                        claims.Add(new Claim(Core.Constants.ClaimTypes.AccessToken, ctx.AccessToken));
                        claims.Add(new Claim(Core.Constants.ClaimTypes.AccessTokenSecret, ctx.AccessTokenSecret));
                        claims.Add(new Claim(Core.Constants.ClaimTypes.Subject, ctx.UserId));
                        claims.Add(new Claim(Core.Constants.ClaimTypes.Name, data["name"].TokenString()));
                        claims.Add(new Claim(Core.Constants.ClaimTypes.Locale, GenerateLocale(data["lang"].TokenString())));
                        claims.Add(new Claim(Core.Constants.ClaimTypes.ZoneInfo, GenerateZone(data["location"].TokenString(), data["time_zone"].TokenString())));
                        claims.Add(new Claim(Core.Constants.ClaimTypes.WebSite, data["url"].TokenString()));
                        claims.Add(new Claim(Core.Constants.ClaimTypes.ProfileUrl, "https://twitter.com/" + ctx.ScreenName));
                        claims.Add(new Claim(Core.Constants.ClaimTypes.Picture, data["profile_image_url"].TokenString()));

                        await PrepClaims(ctx.Identity, claims);

                    }
                }
            }