【发布时间】:2015-07-04 11:37:50
【问题描述】:
我在我的 WCF RESTful 服务中实现 Oauth,在客户端我使用脚本 (link2) 生成签名(签名参考 link2),在服务器端我使用 c# (code reference) 生成签名),一切正常,但唯一的是客户端生成签名与服务器端生成签名不匹配。
这是我的代码,请指出我做错的地方
脚本:
$("#BtnCheck").click(function () {
oauth = OAuth({
consumer: {
public: 'test',
secret: 'secret'
},
signature_method: 'HMAC-SHA1'
});
request_data = {
// url: 'http://MyPcName/RestfulService/Login/LoginService.svc/GetSampleMethod_With_OAuth/inputStr/validate',
url: 'http://localhost/RestfulService/Login/LoginService.svc/GetSampleMethod_With_OAuth/inputStr/validate',
method: 'GET',
data: {
status: 'Hello Ladies + Gentlemen, a signed OAuth request!'
}
};
varType = "GET";
varUrl = "http://localhost/RestfulService/Login/LoginService.svc/GetSampleMethod_With_OAuth/inputStr/validate";
data = oauth.authorize(request_data, null);
varContentType = "application/json; charset=utf-8";
varDataType = "json";
varProcessData = false;
varCache = false
varData = data;
CallService(Authenticate);
});
function Authenticate(response) {
var data = response
alert(response);
}
呼叫服务:
function CallService(sucessData) {
$.ajax({
//headers: getHeaders(),
type: varType, //GET or POST or PUT or DELETE verb
url: varUrl, // Location of the service
data: varData, //Data sent to server
contentType: varContentType, // content type sent to server
dataType: varDataType, //Expected data format from server
processdata: varProcessData, //True or False
crossDomain: true,
timeout: 200000,
success: sucessData,
cache: varCache,
error: function (xhr) {// When Service call fails
alert("Error: " + xhr.responseText);
//alert('Error occured in Service Call');
}
});
}
WCF 服务:
[OperationContract(Name = "GetSampleMethod_With_OAuth")]
[WebGet(UriTemplate = "GetSampleMethod_With_OAuth/inputStr/{name}")]
string GetSampleMethod_With_OAuth(string name);
public string GetSampleMethod_With_OAuth(string strUserName)
{
if (Authenticate(WebOperationContext.Current.IncomingRequest))
{
StringBuilder strReturnValue = new StringBuilder();
// return username prefixed as shown below
strReturnValue.Append(string.Format("AUTHORIZED REQUEST"));
return strReturnValue.ToString();
}
else
{
WebOperationContext.Current.OutgoingResponse.StatusCode = HttpStatusCode.Unauthorized;
return "401 Unauthorized Request.";
}
}
private static bool Authenticate(IncomingWebRequestContext context)
{
bool Authenticated = false;
string normalizedUrl;
string normalizedRequestParameters;
//context.Headers
NameValueCollection pa = context.UriTemplateMatch.QueryParameters;
if (pa != null && pa["oauth_consumer_key"] != null)
{
// to get uri without oauth parameters
string uri = context.UriTemplateMatch.RequestUri.OriginalString.Replace
(context.UriTemplateMatch.RequestUri.Query, "");
string consumersecret = "secret";
OAuthBase oauth = new OAuthBase();
string hash = oauth.GenerateSignature(
new Uri(uri),
pa["oauth_consumer_key"],
consumersecret,
null, // totken
null, //token secret
"GET",
pa["oauth_timestamp"],
pa["oauth_nonce"],
out normalizedUrl,
out normalizedRequestParameters
);
Authenticated = pa["oauth_signature"] == hash;
}
return Authenticated;
}
【问题讨论】:
-
嗨,我也面临类似的问题。您找到解决问题的方法了吗?
-
是的,我找到了,请看下面提到的答案