【问题标题】:D2L Brightspace SSO authentication in C#C# 中的 D2L Brightspace SSO 身份验证
【发布时间】:2017-05-01 20:43:52
【问题描述】:

我已经能够使用 Boomerang 客户端发布一个肥皂请求以返回一个过期的 GUID(用于 SSO)。

我现在正尝试在 C# ASP.NET 中实现相同的功能。我得到了一个可以正常工作的经典 ASP 示例:

<%


Option Explicit

Dim objHttp
Dim xmlData
Dim GUIDUrl
Dim SSOUrl
Dim redirectURL
Dim guidType
Dim orgId
Dim installCode
Dim TTL
Dim key
Dim user

' ====================================
' CONFIGURE THIS SECTION
' ====================================
  GUIDUrl = "https://{URL}/d2l/guids/D2L.Guid.2.asmx"
  SSOUrl  = "https://{URL}/d2l/lp/auth/login/ssoLogin.d2l"
  guidType = "SSO"
  orgId = "12947"
  installCode = "{Please Set this Value}"
  TTL = "30"
  key = "{Please Set this Value}"
  user = "{Replace with an existing username or OegDefinedId}"
' ====================================
' END OF CONFIGURATION
' ====================================

  Dim strResult, getusername

    strResult = GUIDUrl & "/GenerateExpiringGuid" '?guidType=" & guidType & "&orgId=" & orgId & "&installCode=" & installCode & "&TTL=" & TTL & "&data=" & user & "&key=" & key


Set objHttp = Server.CreateObject("Microsoft.XMLHTTP") 
  objHTTP.open "POST", strResult,false
  objHTTP.setRequestHeader "Content-Type","application/x-www-form-urlencoded"

objHttp.Send "guidType=" & guidType & "&orgId=" & orgId & "&installCode=" & installCode & "&TTL=" & TTL & "&data=" & user & "&key=" & key
  strResult=objHTTP.responseText



If objHttp.Status = 200 Then 
    Set xmlData = objHttp.ResponseXML
    RedirectURL = SSOUrl & "?username=" & user & "&guid=" & xmlData.childNodes(1).text
    Response.Redirect (RedirectURL)
End If 
Set objHttp = Nothing 


%>

Boomerang 客户端和经典 ASP 示例代码都返回一个 385 个字符的字符串“GenerateExpiringGuidResult”。在这两种情况下,我都可以在 SSO URL 查询字符串中包含这个 GUID 以及一个用户 ID,然后我就可以成功地通过 D2L Brightspace 实例的身份验证。

我尝试在 C#/ASP.NET 中编写等效的代码,但是我的示例返回的是 429 个字符的字符串。

string guidType = "SSO";
string orgId = "1234";
string installCode = "{Please Set this Value}";
string TTL = "30";
string key = "{Please Set this Value}";
string user = "{Replace with an existing username or OegDefinedId}";

var GUIDUrl = "https://{URL}/d2l/guids/D2L.Guid.2.asmx";

var AuthURL = "https://{URL}/d2l/lp/auth/login/ssoLogin.d2l";

string postData = "guidType=" + guidType + "&orgId=" + orgId + "&installCode=" + installCode + "&TTL=" + TTL + "&data=" + user + "&key=" + key;
byte[] byteArray = System.Text.Encoding.UTF8.GetBytes(postData);

HttpWebRequest request = HttpWebRequest.Create(GUIDUrl + "/GenerateExpiringGuid") as HttpWebRequest;

request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
request.ContentLength = byteArray.Length;

StreamWriter requestWriter = new StreamWriter(request.GetRequestStream());
requestWriter.Write(postData);
requestWriter.Close();

HttpWebResponse response = request.GetResponse() as HttpWebResponse;

XmlDocument xmlDoc = new XmlDocument();
xmlDoc.Load(response.GetResponseStream());
string strGUID = xmlDoc.DocumentElement.LastChild.InnerText;

string strRedirect = AuthURL + "?guid=" + strGUID + "&userid=" + user;

lblResult.Text = strRedirect;

尝试使用此 GUID(如上所述)会导致“未授权”页面:“错误:未授权。您无权查看您尝试访问的页面”。

【问题讨论】:

    标签: c# asp.net desire2learn valence


    【解决方案1】:

    如果您从 GUIDUrl Web 服务收到 200 响应,那么我会查看响应的编码。

    set response encoding from XML

    还要确保您在响应中查看正确的 XML 节点。

    xmlData.childNodes(1).text 与 xmlDoc.DocumentElement.LastChild.InnerText

    【讨论】:

      【解决方案2】:

      谢谢@derekadk。写了这段代码解决了这个问题:

          string user = "{Replace with an existing userid}";
      
          var GUIDUrl = "https://{URL}/d2l/guids/D2L.Guid.2.asmx";
          var AuthURL = "https://{URL}/d2l/lp/auth/login/ssoLogin.d2l";
      
          // Load XML file (a SOAP 1.2 request as per asmx example provided), containing key/pair values
          string filepath = HttpContext.Current.Request.MapPath("~/d2l_send.xml");
          XmlDocument xmldoc = new XmlDocument();
          xmldoc.Load(filepath);
      
          // Encode XML and post request
          HttpWebRequest req = (HttpWebRequest)WebRequest.Create(GUIDUrl);
          byte[] requestBytes = Encoding.ASCII.GetBytes(xmldoc.InnerXml);
          req.Method = "POST";
          req.ContentType = "text/xml;charset=utf-8";
          req.ContentLength = requestBytes.Length;
          Stream requestStream = req.GetRequestStream();
          requestStream.Write(requestBytes, 0, requestBytes.Length);
          requestStream.Close();
      
          // Get response from server
          HttpWebResponse res = (HttpWebResponse)req.GetResponse();
          StreamReader sr = new StreamReader(res.GetResponseStream(), Encoding.Default);
          string backstr = sr.ReadToEnd();
      
          // Load response into XML document class instance
          XmlDocument xmlResult = new XmlDocument();
          xmlResult.LoadXml(backstr);
          XmlElement root = xmlResult.DocumentElement;
          XmlNodeList GUIDNode = root.GetElementsByTagName("GenerateExpiringGuidResult");
      
          // Get GUID
          string innerObject = Server.HtmlEncode(GUIDNode[0].InnerXml);
          string strRedirect = AuthURL + "?guid=" + innerObject + "&userid=" + user;
      
          //lblResult.Text = "<a href='" + strRedirect + "'>Click here</a>"; 
      
          sr.Close();
          res.Close();
      
          Response.Redirect(strRedirect);
      

      【讨论】:

        猜你喜欢
        • 1970-01-01
        • 1970-01-01
        • 2016-10-31
        • 2013-09-28
        • 1970-01-01
        • 1970-01-01
        • 1970-01-01
        • 2014-08-28
        • 1970-01-01
        相关资源
        最近更新 更多