【发布时间】:2011-05-10 23:01:43
【问题描述】:
我正在使用 DotNetOpenAuth 构建一个 OAuth 服务提供者,为了测试它,我修改了示例 wcf 使用者以简单地调用一个普通的 http 端点。令牌请求工作正常,但是当我请求访问受保护资源时,我得到以下协议执行:
The following required parameters were missing from the DotNetOpenAuth.OAuth.Messages.AuthorizedTokenRequest message: oauth_verifier
当我查看服务提供商的日志输出时,我看到:
Error while performing basic validation of AuthorizedTokenRequest with these message parts:
oauth_token: pgzjBIs0pKCeDIcaIinyrV5Jhi0=
oauth_consumer_key: sampleconsumer
oauth_nonce: TM0Rc8kg
oauth_signature_method: HMAC-SHA1
oauth_signature: zmpxK5c69n1VzTEEcrnnd4e+qYI=
oauth_version: 1.0
oauth_timestamp: 1305067751
请注意 oauth_version: 1.0,即使我在创建使用者时指定了 ProtocolVersion.V10a。
如果我在两边都指定 ProtocolVersion.V10,我会得到这个异常:
Expected message DotNetOpenAuth.OAuth.Messages.AccessProtectedResourceRequest but received DotNetOpenAuth.OAuth.Messages.AuthorizedTokenRequest instead.
这是获取令牌的消费者代码(直接来自示例代码):
WebConsumer consumer = this.CreateConsumer();
UriBuilder callback = new UriBuilder(Request.Url);
callback.Query = null;
string[] scopes = (from item in this.scopeList.Items.OfType<ListItem>()
where item.Selected
select item.Value).ToArray();
string scope = string.Join("|", scopes);
var requestParams = new Dictionary<string, string> { { "scope", scope } };
var response = consumer.PrepareRequestUserAuthorization(callback.Uri, requestParams, null);
consumer.Channel.Send(response);
这是我失败的消费者代码:
var accessToken = Session["WcfAccessToken"] as string;
var consumer = CreateConsumer();
var serviceEndpoint = new MessageReceivingEndpoint("https://mymachine/test/getUserName", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.PostRequest);
var httpRequest = consumer.PrepareAuthorizedRequest(serviceEndpoint, accessToken);
var httpResponse = httpRequest.GetResponse();
在我的服务提供商中,我调用 serviceProvider.ReadProtectedResourceAuthorization();除了我上面提到的例外,它失败了。
任何想法我做错了什么?
【问题讨论】:
-
您能否加强您的问题,将源代码包含在实际获得令牌的消费者身上?
-
我添加了获取授权的调用,正如我在问题中提到的那样,该部分正在使用 DotNetOpenAuth 附带的示例中的 OAuthConsumer SampleWcf.aspx 页面。
标签: dotnetopenauth