C#:对 OAuth 1.0 的 3 个版本感到困惑
我的目标是:只需一次点击和一次重定向,就让用户登录我的网站,并授权给我一个可以访问其 Gmail 的 accessToken。我原本想用 DNOA 完成授权并升级为 accessToken,但 DNOA 对我来说不够清晰,所以在方法 B 中我改用了另一个 DLL:http://www.matlus.com/oauth-c-library/ 。后来我意识到,我希望用户第二次访问我的站点时就已经通过身份验证和授权,这样就不必再把他重定向到站点 X 去请求访问其 Gmail 页面的权限。我知道这需要同时使用 OpenID 和 OAuth,所以我用了方法 C 中的代码。尽管如此,我仍然很困惑,不确定哪段代码最符合我的需求,也许都不合适?另外,如何在 localhost 上测试它们?请参见方法 C 代码中的注释。任何指点我都将不胜感激。
A: C:
考虑到您的需求,方法 C 看起来最合适。但是,不要根据当前请求的方案(http 还是 https)来设置 realm。对 Google 来说,OpenID realm 必须始终保持不变(如果这对您可行的话),否则您的用户登录时会被分配不同的声明标识符(claimed identifier),在您的站点上就会出现两个帐户,一个对应 HTTP,另一个对应 HTTPS,这不是您想要的。
标签:c#, asp.net-mvc, dotnetopenauth
是的,按照 Google 的 OAuth 设计,您的 URL 必须使用可公开寻址的域名才能进行测试。这很遗憾,但无论您使用哪种 OAuth 消费者(consumer)库都是如此。
我建议您使用按上述方式调整后的方法 C,并对其进行修改,使其在 localhost 上运行时能够优雅降级,这样您就有了一个可用于测试的本地开发方案。
评论:谢谢您的回答。能否请您再解释一下“在 localhost 上运行时优雅降级”?您建议如何降级?
评论:“按照 Google 的 OAuth 设计,您的 URL 必须使用可公开寻址的域名才能进行测试”——我已经下载并在 localhost 上试用成功了。
评论:您看到 matlus 库正常工作时,是把 localhost 作为 realm 与 matlus 库一起使用的吗?我认为 realm 必须等于您在 Google 注册的 consumer key,所以它能工作让我很惊讶。
评论:是的,用的是 localhost realm 和 matlus。
/// <summary>
/// Builds an OAuth user-authorization request for the Google service description
/// and sends it over the consumer's channel.
/// </summary>
/// <param name="authCallbakUrl">Callback URL handed to the authorization request.</param>
public void PrepareAuthorizationRequest(Uri authCallbakUrl)
{
    // Only the e-mail scope is requested here; keep the scope as narrow as the feature needs.
    var extraParameters = new Dictionary<string, string>();
    extraParameters.Add("scope", "https://www.googleapis.com/auth/userinfo#email");

    var webConsumer = new WebConsumer(GoogleConsumerConsts.ServiceDescription, mConsumerTokenManager);

    // NOTE(review): presumably Channel.Send redirects the browser to the provider and
    // ends the current response - confirm before adding code after this call.
    var authorizationRequest = webConsumer.PrepareRequestUserAuthorization(authCallbakUrl, extraParameters, null);
    webConsumer.Channel.Send(authorizationRequest);
}
/// <summary>
/// Processes the service provider's response to a user-authorization request and
/// reports whether an access token was obtained.
/// </summary>
/// <returns>
/// A response with <c>IsAuthorized = false</c> when the current request carried no
/// access token response; otherwise the access token together with the secret
/// looked up from the consumer token manager.
/// </returns>
public ProcessAuthorizationRequestResponse ProcessAuthorizationRequest()
{
    var webConsumer = new WebConsumer(GoogleConsumerConsts.ServiceDescription, mConsumerTokenManager);
    var authorizedToken = webConsumer.ProcessUserAuthorization();

    // No access token response means this request did not come back from the service provider.
    if (authorizedToken == null)
    {
        return new ProcessAuthorizationRequestResponse { IsAuthorized = false };
    }

    // The token and its secret together act as a credential for the user's data:
    // callers should keep them server-side and out of logs, URLs and rendered pages.
    string token = authorizedToken.AccessToken;
    return new ProcessAuthorizationRequestResponse
    {
        IsAuthorized = true,
        Token = token,
        Secret = mConsumerTokenManager.GetTokenSecret(token)
    };
}
/// <summary>
/// Obtains a request token for the given provider type and redirects the user
/// to the provider's authorization page.
/// </summary>
/// <param name="authType">Provider whose consumer settings are looked up in the factory.</param>
public void GetAuthorizeRequestToken(OAuthProviderTypes authType)
{
    var providerSettings = mAuthorizationConsumerFactory.GetConsumer(authType);

    // NOTE(review): requestToken is not declared in this method, so it is state kept
    // outside it. The token secret is needed again when the provider calls back in a
    // later HTTP request - confirm this storage survives the redirect and is kept
    // per user rather than shared between sessions.
    requestToken = GetRequestToken(providerSettings);

    AuthorizeRequestToken(requestToken, providerSettings);
}
/// <summary>
/// Exchanges an authorized request token for an access token at the provider's
/// access-token endpoint, then redirects to the authentication page.
/// </summary>
/// <param name="authType">Provider whose consumer settings are looked up in the factory.</param>
/// <param name="requestToken">Request token whose secret is sent with the exchange.</param>
/// <returns>A newly constructed, empty <c>AccessToken</c> (see the review note in the body).</returns>
public AccessToken UpgradeToAccessToken(OAuthProviderTypes authType, RequestToken requestToken)
{
    var providerSettings = mAuthorizationConsumerFactory.GetConsumer(authType);
    var oauthClient = new OAuthConsumer();

    // NOTE(review): the token and verifier come from the consumer object while the secret
    // comes from requestToken - verify that both refer to the same request token before
    // the exchange.
    // NOTE(review): the exchanged token is never stored or returned, so the result of the
    // exchange is lost when this method ends. It should be persisted server-side, never
    // put into the redirect URL or the page.
    var exchangedToken = oauthClient.GetOAuthAccessToken(
        providerSettings.AccessTokenEndpoint,
        _realm,
        providerSettings.ConsumerKey,
        providerSettings.ConsumerSecret,
        providerSettings.Token,
        providerSettings.Verifier,
        requestToken.TokenSecret);

    System.Web.HttpContext.Current.Response.Redirect("~/Authentication.htm?google");

    // Google only: a commented-out call in the original fetched the authenticated user's
    // e-mail from "https://www.googleapis.com/userinfo/email" with the exchanged token.
    return new AccessToken();
}
/// <summary>
/// Requests an OAuth request token from the consumer's request-token endpoint.
/// </summary>
/// <param name="consumer">Supplies the endpoint, consumer key and secret, and callback.</param>
/// <returns>The request token returned by the OAuth client.</returns>
private RequestToken GetRequestToken(IConsumer consumer)
{
    // NOTE(review): the original carried a commented-out PersistRequestToken call here;
    // nothing in this method stores the token, so the caller has to keep the token
    // secret until the provider's callback arrives.
    return new OAuthConsumer().GetOAuthRequestToken(
        consumer.RequestTokenEndpoint,
        _realm,
        consumer.ConsumerKey,
        consumer.ConsumerSecret,
        consumer.RequestTokenCallback);
}
/// <summary>
/// Redirects the browser to the provider's authorization URL with the request
/// token in the <c>oauth_token</c> query parameter.
/// </summary>
/// <param name="requestToken">Request token to be authorized by the user.</param>
/// <param name="consumer">Supplies the provider's authorize-token URL.</param>
private void AuthorizeRequestToken(RequestToken requestToken, IConsumer consumer)
{
    // NOTE(review): the token is appended as-is. If the library returns it already
    // decoded, it should be passed through Uri.EscapeDataString so reserved characters
    // cannot alter the query string - confirm the token's encoding first to avoid
    // double-escaping.
    var authorizePageUrl = consumer.AuthorizeTokenUrl + "?oauth_token=" + requestToken.Token;

    System.Web.HttpContext.Current.Response.Redirect(authorizePageUrl);
}
/// <summary>
/// Creates an OpenID authentication request for Google that also carries an OAuth
/// authorization request for the Contacts scope and a required e-mail attribute fetch.
/// </summary>
/// <returns>The authentication request with both extensions attached.</returns>
private IAuthenticationRequest GetGoogleRequest()
{
    var webConsumer = new WebConsumer(GoogleConsumerConsts.ServiceDescription, mConsumerTokenManager);

    // Google requires the realm and the consumer key to be equal, so the realm is built
    // from the consumer key. The return_to URL must fall under that key as well, which
    // means this only works on a public web site properly registered with Google.
    // (A hard-coded "http://localhost:8976/" realm was tried and left commented out.)
    //
    // NOTE(review): the scheme is copied from the current request, so the same site
    // reached over http and over https sends two different realms. With a changing
    // realm Google assigns the user different claimed identifiers, giving one person
    // two accounts on the site. Prefer a single fixed realm taken from configuration.
    string requestScheme = System.Web.HttpContext.Current.Request.Url.Scheme;
    string realmUrl = requestScheme + Uri.SchemeDelimiter + webConsumer.ConsumerKey + "/";
    Realm realm = realmUrl;

    IAuthenticationRequest authenticationRequest =
        GoogleConsumerConsts.RelyingParty.CreateRequest(GoogleConsumerConsts.GoogleOPIdentifier, realm);

    // OAuth extension: ask for authorization on the Contacts scope in the same round trip.
    string contactsScope = GoogleConsumerConsts.GetScopeUri(GoogleConsumerConsts.Applications.Contacts);
    webConsumer.AttachAuthorizationRequest(authenticationRequest, contactsScope);

    // Attribute exchange: the user's e-mail address is requested as a required attribute.
    var emailFetch = new FetchRequest();
    emailFetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
    authenticationRequest.AddExtension(emailFetch);

    return authenticationRequest;
}