2016-12-27 46 views
0

我正在嘗試使用OWIN進行Google/Facebook的外部登錄。更改從代碼到令牌的C#Owin響應類型

面臨的問題是owin挑戰不斷改變響應類型從令牌到代碼。

挑戰生成以下網址: https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=client_dim&redirect_uri=mywebsite.com&scope=scope&state=state

這從谷歌返回一個錯誤。如果我將response_type更改爲令牌(response_type = token),它將起作用。

這裏是OAuth的選項

OAuthOptions = new OAuthAuthorizationServerOptions 
     { 

      TokenEndpointPath = new PathString("/Token"), 
      Provider = new ApplicationOAuthProvider(PublicClientId), 
      AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"), 
      AccessTokenExpireTimeSpan = TimeSpan.FromDays(14), 

      // In production mode set AllowInsecureHttp = false 
      AllowInsecureHttp = true, 


     }; 

谷歌中間件設置:

app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions() 
     { 
      ClientId = "clientid", 
      ClientSecret = "client secret", 
     }); 

我們的難題是:

var properties = new AuthenticationProperties() { AllowRefresh = true, RedirectUri="mywebsite.co.za" }; 


     Request.GetOwinContext().Authentication.Challenge(properties,LoginProvider); 

     HttpResponseMessage response = new HttpResponseMessage(HttpStatusCode.Unauthorized); 
     response.RequestMessage = Request; 
     return Task.FromResult(response); 

的OWIN是從一般的MVC API進行基本設置項目。

回答

0

解決重寫RESPONSE_TYPE令牌如下:

GoogleOAuth2AuthenticationOptions googleOAuth2AuthenticationOptions = new GoogleOAuth2AuthenticationOptions 
     { 
      ClientId = "clientid", 
      ClientSecret = "secret", 

      Provider = new GoogleOAuth2AuthenticationProvider 
      { 
       OnApplyRedirect = context => 
       { 
        string redirect = context.RedirectUri.Replace("response_type=code", "response_type=token"); 
        context.Response.Redirect(redirect); 
       }, 

      }, 
     }; 

     app.UseGoogleAuthentication(googleOAuth2AuthenticationOptions); 

它還引出了一個問題,如果谷歌的OAuth 2.0需要RESPONSE_TYPE =令牌爲什麼用Owin.google提供商使用RESPONSE_TYPE =代碼。