1. 首頁
  2. 問答
  3. 谷歌混合的OpenID + OAuth的與dotnetopenauth

谷歌混合的OpenID + OAuth的與dotnetopenauth

2012-10-18 60 views
3

我可能已經在過去兩天花了10多個小時的努力理解如何實現用戶登錄與谷歌混合的OpenID + OAuth的(Federated Login谷歌混合的OpenID + OAuth的與dotnetopenauth

要觸發授權請求我使用方法:

InMemoryOAuthTokenManager tm = new InMemoryOAuthTokenManager(ConfigurationManager.AppSettings["googleConsumerKey"], ConfigurationManager.AppSettings["googleConsumerSecret"]); 
using (OpenIdRelyingParty openid = new OpenIdRelyingParty()) 
{ 
    Realm realm = HttpContext.Current.Request.Url.Scheme + Uri.SchemeDelimiter + ConfigurationManager.AppSettings["googleConsumerKey"] + "/"; 
    IAuthenticationRequest request = openid.CreateRequest(identifier, Realm.AutoDetect, new Uri(HttpContext.Current.Request.Url.Scheme + "://" + HttpContext.Current.Request.Url.Authority + "/OAuth/google")); 

    var authorizationRequest = new AuthorizationRequest 
    { 
    Consumer = ConfigurationManager.AppSettings["googleConsumerKey"], 
    Scope = "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/plus.me", 
    }; 

    request.AddExtension(authorizationRequest); 

    request.AddExtension(new ClaimsRequest 
    { 
    Email = DemandLevel.Request, 
    Gender = DemandLevel.Require 
    }); 

    request.RedirectToProvider(); 
}

要檢索的accessToken我用:

using (OpenIdRelyingParty openid = new OpenIdRelyingParty()) 
{ 
    IAuthenticationResponse authResponse = openid.GetResponse(); 
    if (authResponse != null) 
    { 
    switch (authResponse.Status) 
    { 
     case AuthenticationStatus.Authenticated: 
     HttpContext.Current.Trace.Write("AuthenticationStatus", "Authenticated"); 
     FetchResponse fr = authResponse.GetExtension<FetchResponse>(); 

     InMemoryOAuthTokenManager tm = new InMemoryOAuthTokenManager(ConfigurationManager.AppSettings["googleConsumerKey"], ConfigurationManager.AppSettings["googleConsumerSecret"]); 

     ServiceProviderDescription spd = new ServiceProviderDescription { 
      spd.RequestTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/token", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest); 
      spd.AccessTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/token", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest); 
      spd.UserAuthorizationEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/auth?access_type=offline", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest); 
      spd.TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }; 

     WebConsumer wc = new WebConsumer(spd, tm); 
     AuthorizedTokenResponse accessToken = wc.ProcessUserAuthorization(); 

     if (accessToken != null) 
     { 
      HttpContext.Current.Trace.Write("accessToken", accessToken.ToString()); 
     } 
     else 
     { 
     } 
     break; 
     case AuthenticationStatus.Canceled: 
     HttpContext.Current.Trace.Write("AuthenticationStatus", "Canceled"); 
     break; 
     case AuthenticationStatus.Failed: 
     HttpContext.Current.Trace.Write("AuthenticationStatus", "Failed"); 
     break; 
     default: 
     break; 
    } 
    } 
}

可惜的是,我得到AuthenticationStatus.Authenticatedwc.ProcessUserAuthorization()null

我在做什麼錯?

非常感謝您的幫助。

來源

2012-10-18 Max Favilli

回答

1

而不是使用WebConsumer,使用WebConsumerOpenIdRelyingParty類,它在DotNetOpenAuth.OpenIdOAuth NuGet包中可用。該類提供了用於將OAuth請求作爲OpenID擴展(無論如何你都做得很好)以及在返回時提取OpenID擴展響應的輔助方法。

看着the source code for the above mentioned class可能會有助於激勵你。在DotNetOpenAuth中還有一個專門針對Google OpenID登錄和OAuth擴展的示例。 Get the samples from SourceForge,然後查看OpenIdRelyingPartyWebForms示例項目的loginPlusOAuth.aspx頁面(以及代碼隱藏和支持類)。

來源

2012-10-25 05:45:08

相關問題

 相關問題