我使用 ASP.NET Core 2.1 创建了一个 API 服务器。其中一个步骤涉及使用 DocuSign API 的 OAuth 代码授权。
当我转到登录路由时,服务器对用户进行了完美的身份验证,响应中存在 Auth token ,用户可以做他们需要做的一切。 但是,在用户首次“登录”(或者如果他们已清除缓存)时,当 DocuSign 已登录用户并将其返回到回调 URL 时,将抛出 500 错误。
启动.cs
.AddOAuth("DocuSign", options =>
{
options.ClientId = Configuration["ApplicationSettings:ConnectionSettings:DocuSign:ClientID"];
options.ClientSecret = Configuration["ApplicationSettings:ConnectionSettings:DocuSign:SecretKey"];
options.CallbackPath = new PathString("/ds/callback");
options.AuthorizationEndpoint = Configuration["ApplicationSettings:ConnectionSettings:DocuSign:AuthorizationEndpoint"];
options.TokenEndpoint = Configuration["ApplicationSettings:ConnectionSettings:DocuSign:TokenEndpoint"];
options.UserInformationEndpoint = Configuration["ApplicationSettings:ConnectionSettings:DocuSign:UserInformationEndpoint"];
options.Scope.Add("signature");
options.SaveTokens = true;
options.ClaimActions.Clear();
options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub");
options.ClaimActions.MapJsonKey(ClaimTypes.Name, "name");
options.ClaimActions.MapJsonKey("accounts", "accounts");
options.ClaimActions.MapCustomJson("account_id", obj => ExtractDefaultAccountValue(obj, "account_id"));
options.ClaimActions.MapCustomJson("account_name", obj => ExtractDefaultAccountValue(obj, "account_name"));
options.ClaimActions.MapCustomJson("base_uri", obj => ExtractDefaultAccountValue(obj, "base_uri"));
options.ClaimActions.MapJsonKey("access_token", "access_token");
options.ClaimActions.MapJsonKey("refresh_token", "refresh_token");
options.ClaimActions.MapJsonKey("expires_in", "expires_in");
options.Events = new OAuthEvents
{
OnCreatingTicket = async context =>
{
var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken);
var response = await context.Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, context.HttpContext.RequestAborted);
response.EnsureSuccessStatusCode();
var user = JObject.Parse(await response.Content.ReadAsStringAsync());
user.Add("access_token", context.AccessToken);
user.Add("refresh_token", context.RefreshToken);
user.Add("expires_in", DateTime.Now.Add(context.ExpiresIn.Value).ToString());
context.RunClaimActions(user);
context.Response.Redirect("/api/values");
},
OnRemoteFailure = context =>
{
context.HandleResponse();
context.Response.StatusCode = 500;
Console.WriteLine(context.Failure.ToString());
return Task.FromResult(0);
},
};
});
OAuth抛出的错误是:
RemoteAuthentication 错误:oauth 状态丢失或无效..
我使用 Fiddler 检查了请求参数,OAuth 似乎没有拼接“state”参数。
有没有办法添加这个参数?或者甚至是完全忽略它的方法?
最佳答案
state 是一个可选参数,用于传递任何类型的附加数据,这些数据稍后将在重定向 uri 中传回您的应用。您能否尝试在您的请求中添加 &state= 并查看是否可以解决问题?
关于c# - 如何将 'state' 查询参数添加到 OAuth 请求(或忽略它),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/57459325/