我正在尝试使用 OAuth 对我的 ASP.NET MVC C# 应用程序中的 FreshBooks API 进行身份验证。这是我目前所拥有的:
我正在使用 DotNetOpenAuth,这是我在 Controller 操作中的代码
if (TokenManager != null)
{
ServiceProviderDescription provider = new ServiceProviderDescription();
provider.ProtocolVersion = ProtocolVersion.V10a;
provider.AccessTokenEndpoint = new MessageReceivingEndpoint ("https://myfbid.freshbooks.com/oauth/oauth_access.php", DotNetOpenAuth.Messaging.HttpDeliveryMethods.PostRequest);
provider.RequestTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://myfbid.freshbooks.com/oauth/oauth_request.php", DotNetOpenAuth.Messaging.HttpDeliveryMethods.PostRequest);
provider.UserAuthorizationEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://myfbid.freshbooks.com/oauth/oauth_authorize.php", DotNetOpenAuth.Messaging.HttpDeliveryMethods.GetRequest);
provider.TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() };
var consumer = new WebConsumer(provider, TokenManager);
var response = consumer.ProcessUserAuthorization();
if (response != null)
{
this.AccessToken = response.AccessToken;
}
else
{
// we need to request authorization
consumer.Channel.Send(consumer.PrepareRequestUserAuthorization(
new Uri("http://localhost:9876/home/testoauth/"), null, null));
}
}
TokenManager 与 DotNetOpenAuth 示例提供的类相同,我设置了 FreshBooks 给我的消费者密码。
在 consumer.Channel.Send(consumer.PrepareRequestUserAuthorization(...))
上我遇到了以下异常:
"The remote server returned an error: (400) Bad Request.".
我这样做正确吗?基于应该可以正常工作的 FreshBooks 文档和 DotNetOpenAuth 示例。
是否有更简单的方法来使用 OAuth 进行身份验证,因为 DotNetOpenAuth 对于仅使用 OAuth 身份验证来说有点庞大?
最佳答案
如果您想使用 DotNetOpenAuth,您需要确保:
- 您使用签名方法“PLAINTEXT”
- 并使用 PlaintextSigningBindingElement 作为 TamperProtectionElements
这样的东西对我有用:
public static readonly ServiceProviderDescription ServiceDescription = new ServiceProviderDescription
{
ProtocolVersion = ProtocolVersion.V10a,
RequestTokenEndpoint = new MessageReceivingEndpoint(oAuthBase + "/oauth_request.php", HttpDeliveryMethods.PostRequest),
UserAuthorizationEndpoint = new MessageReceivingEndpoint(oAuthBase + "/oauth_authorize.php", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
AccessTokenEndpoint = new MessageReceivingEndpoint(oAuthBase + "/oauth_access.php", HttpDeliveryMethods.PostRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new PlaintextSigningBindingElement() }
};
public static void RequestAuthorization(WebConsumer consumer)
{
if (consumer == null)
{
throw new ArgumentNullException("consumer");
}
var extraParameters = new Dictionary<string, string> {
{ "oauth_signature_method", "PLAINTEXT" },
};
Uri callback = Util.GetCallbackUrlFromContext();
var request = consumer.PrepareRequestUserAuthorization(callback, extraParameters, null);
consumer.Channel.Send(request);
}
关于c# - 通过 DotNetOpenAuth 对 FreshBooks 进行身份验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/4974056/