1. 首頁
  2. 問答
  3. 與Google的DotNetOpenAuth OAuth 2.0授權

與Google的DotNetOpenAuth OAuth 2.0授權

2014-03-27 146 views
1

我試圖使用DNOA通過OAuth 2.0與Facebook和Google連接。與Google的DotNetOpenAuth OAuth 2.0授權

相同的代碼正在與Facebook,但不與谷歌

IAuthorizationState authorization = client.ProcessUserAuthorization(request); 
if (authorization == null) { 
    // Kick off authorization request 
    client.RequestUserAuthorization(openAuthClient.scope, new Uri(redirectUrl)); 
}

問題是,爲什麼工作?

我開始記錄DNOA請求,並找到如下:

2014-03-27 12:20:19,497 (GMT+9) [6] DEBUG DotNetOpenAuth.Messaging.Channel - Preparing to send AccessTokenAuthorizationCodeRequestC (2.0) message. 

2014-03-27 12:20:19,500 (GMT+9) [6] INFO DotNetOpenAuth.Messaging.Channel - Prepared outgoing AccessTokenAuthorizationCodeRequestC (2.0) message for https://accounts.google.com/o/oauth2/token: 

code: 4/sFMRXFQwkQR_I1BsKXIA-XRO0eid.MoM8z1Q_qZEdPvB8fYmgkJxxjiYDigI 
redirect_uri: http://test.almazcom.ru/asp/logon.aspx?Mode=OpenAuthLogon&Provider=google&Response=1&authuser=0&num_sessions=1&session_state=f1b3dbc278071954a1b03facd6d7053deac831f7..b3c2&prompt=none 
grant_type: authorization_code 
client_id: 514202796818.apps.googleusercontent.com 
client_secret: ******** 

2014-03-27 12:20:19,500 (GMT+9) [6] DEBUG DotNetOpenAuth.Messaging.Channel - Sending AccessTokenAuthorizationCodeRequestC request. 

2014-03-27 12:20:20,447 (GMT+9) [6] DEBUG DotNetOpenAuth.Http - HTTP POST https://accounts.google.com/o/oauth2/token 

2014-03-27 12:20:20,533 (GMT+9) [6] ERROR DotNetOpenAuth.Http - https://accounts.google.com/o/oauth2/token returned 400 BadRequest: Bad Request 

2014-03-27 12:20:20,533 (GMT+9) [6] DEBUG DotNetOpenAuth.Http - WebException from https://accounts.google.com/o/oauth2/token: 
{ 
"error" : "invalid_request" 
}

然後我改變參數REDIRECT_URI並手動發送該請求。結果是OK!在我的Google應用程序中指定了以下重定向URI:http://test.almazcom.ru/asp/logon.aspx?Mode=OpenAuthLogon&Provider=google&Response=1

如何在不同的用戶授權(方法ProcessUserAuthorization)期間更改uri?此uri必須與Google應用程序重定向URI完全相同。在其他情況下,我得到「INVALID_REQUEST」從谷歌

來源

2014-03-27 Krumberg Andrey

+0

沒有人遇到過這個問題嗎? –

回答

2

您應該使用「狀態」來存儲後的認證信息重定向

要停止DNOA自動設置狀態,並允許您設置自己的一個創建一個實現IClientAuthorizationTracker

然後

oClient = New WebServerClient(MyAuthDesc) 
... 
oClient.AuthorizationTracker = New TokenManager

最後(當ProcessUserAuthorization()返回訥L /沒有)

Dim owr As DotNetOpenAuth.Messaging.OutgoingWebResponse 
owr = oClient.PrepareRequestUserAuthorization(scopes:=sScope, returnTo:=Request.Url) 
oOAuthParams.Redirect = owr.Headers.Item("Location") & "&state=" & sReturnHere

當ProcessUserAuthorization成功和您確認您的訪問令牌,那麼你可以在URL中讀取狀態,並用它做的東西(我不使用它返回實際上我用它來阻止欺詐)

我需要做反正上面得到DNOA工作,我不想使用會話對象

希望這有助於。

來源

2014-05-16 05:20:08

相關問題

 相關問題