C# 如何让OAuth与DotNetOpenAuth和Evernote一起工作?
我正在尝试使用DotNetOpenAuth库编写一个C#ASP.NET MVC应用程序,该库使用OAuth连接到Evernote沙盒,但我无法让它工作。在调用回调之前,我的应用程序是正常的,但当我在的步骤10中尝试请求交换临时凭据时,它会失败,并出现401未经授权的错误 我的回调如下所示:C# 如何让OAuth与DotNetOpenAuth和Evernote一起工作?,c#,oauth,dotnetopenauth,evernote,C#,Oauth,Dotnetopenauth,Evernote,我正在尝试使用DotNetOpenAuth库编写一个C#ASP.NET MVC应用程序,该库使用OAuth连接到Evernote沙盒,但我无法让它工作。在调用回调之前,我的应用程序是正常的,但当我在的步骤10中尝试请求交换临时凭据时,它会失败,并出现401未经授权的错误 我的回调如下所示: public ActionResult OAuthCallback() { var webConsumer = CreateWebConsumer(); var
public ActionResult OAuthCallback()
{
var webConsumer = CreateWebConsumer();
var accessTokenResponse = webConsumer.ProcessUserAuthorization();
if (accessTokenResponse != null)
{
AccessToken = accessTokenResponse.AccessToken;
}
return RedirectToAction("Index");
}
异常发生在var accessTokenResponse=webConsumer.ProcessUserAuthorization()上代码>行,这是尝试凭证交换的内容
Fiddler显示了以下内容:
调用回调:
GET http://localhost:22297/Home/OAuthCallback?oauth_token=GiddyUpHorsey.13F82BDC264.687474703A2F2F6C6F63616C686F73743A32323239372F486F6D652F4F4175746843616C6C6261636B.CFB67142944B4EB90148DDAFE2120A71&oauth_verifier=93534C2B04F862E57B30D738C3569242 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Connection: Keep-Alive
Accept-Language: en-NZ
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: localhost:22297
DNT: 1
Cache-Control: no-cache
HTTP/1.1 401 Unauthorized
Set-Cookie: JSESSIONID=4CDCD690AEAD69D952CEE4CBED5AC8DC; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en
Date: Wed, 26 Jun 2013 23:07:48 GMT
Server: Evernote/1.0
Content-Length: 1587
<html>
.....
<div class="page-header">
<h1>
Oops, we encountered an error.</h1>
</div>
<div>
<p>
Sorry, we've encountered an unexpected error.</p>
</div>
<div class="clear"></div>
</div>
...
</html>
请求令牌交换:
GET http://localhost:22297/Home/OAuthCallback?oauth_token=GiddyUpHorsey.13F82BDC264.687474703A2F2F6C6F63616C686F73743A32323239372F486F6D652F4F4175746843616C6C6261636B.CFB67142944B4EB90148DDAFE2120A71&oauth_verifier=93534C2B04F862E57B30D738C3569242 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Connection: Keep-Alive
Accept-Language: en-NZ
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: localhost:22297
DNT: 1
Cache-Control: no-cache
HTTP/1.1 401 Unauthorized
Set-Cookie: JSESSIONID=4CDCD690AEAD69D952CEE4CBED5AC8DC; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en
Date: Wed, 26 Jun 2013 23:07:48 GMT
Server: Evernote/1.0
Content-Length: 1587
<html>
.....
<div class="page-header">
<h1>
Oops, we encountered an error.</h1>
</div>
<div>
<p>
Sorry, we've encountered an unexpected error.</p>
</div>
<div class="clear"></div>
</div>
...
</html>
由webConsumer.ProcessUserAuthorization()触发代码>
响应:
GET http://localhost:22297/Home/OAuthCallback?oauth_token=GiddyUpHorsey.13F82BDC264.687474703A2F2F6C6F63616C686F73743A32323239372F486F6D652F4F4175746843616C6C6261636B.CFB67142944B4EB90148DDAFE2120A71&oauth_verifier=93534C2B04F862E57B30D738C3569242 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Connection: Keep-Alive
Accept-Language: en-NZ
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: localhost:22297
DNT: 1
Cache-Control: no-cache
HTTP/1.1 401 Unauthorized
Set-Cookie: JSESSIONID=4CDCD690AEAD69D952CEE4CBED5AC8DC; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en
Date: Wed, 26 Jun 2013 23:07:48 GMT
Server: Evernote/1.0
Content-Length: 1587
<html>
.....
<div class="page-header">
<h1>
Oops, we encountered an error.</h1>
</div>
<div>
<p>
Sorry, we've encountered an unexpected error.</p>
</div>
<div class="clear"></div>
</div>
...
</html>
HTTP/1.1 401未经授权
设置Cookie:JSESSIONID=4CDCD690AEAD69D952CEE4CBED5AC8DC;路径=/
内容类型:text/html;字符集=ISO-8859-1
内容语言:英语
日期:2013年6月26日星期三23:07:48 GMT
服务器:Evernote/1.0
内容长度:1587
.....
哎呀,我们遇到了一个错误。
很抱歉,我们遇到了意外错误
...
(我从回复中去掉了大部分HTML)
为什么401 Unauthorized会失败?我不确定你是否能让它正常工作,但今天早上我在玩Evernote、OpenAuth和C#,并设法让它正常工作。我在这里整理了一篇博客文章/库,解释了使用MVC的经验并概述了如何使用MVC——它使用AsyncOAuth库:
我围绕AsyncOAuth编写了一个包装器,在这里您可能会发现它很有用:
需要注意的一件棘手的事情是,Evernote端点(/oauth和/oauth.action)区分大小写
// Download the library from https://github.com/shaunmccarthy/AsyncOAuth.Evernote.Simple
// Configure the Authorizer with the URL of the Evernote service,
// your key, and your secret.
var EvernoteAuthorizer = new EvernoteAuthorizer(
"https://sandbox.evernote.com",
"slyrp-1234", // Not my real id / secret :)
"7acafe123456badb123");
// First of all, get a request token from Evernote - this causes a
// webrequest from your server to Evernote.
// The callBackUrl is the URL you want the user to return to once
// they validate the app
var requestToken = EvernoteAuthorizer.GetRequestToken(callBackUrl);
// Persist this token, as we are going to redirect the user to
// Evernote to Authorize this app
Session["RequestToken"] = requestToken;
// Generate the Evernote URL that we will redirect the user to in
// order to
var callForwardUrl = EvernoteAuthorizer.BuildAuthorizeUrl(requestToken);
// Redirect the user (e.g. MVC)
return Redirect(callForwardUrl);
// ... Once the user authroizes the app, they get redirected to callBackUrl
// where we parse the request parameter oauth_validator and finally get
// our credentials
// null = they didn't authorize us
var credentials = EvernoteAuthorizer.ParseAccessToken(
Request.QueryString["oauth_verifier"],
Session["RequestToken"] as RequestToken);
// Example of how to use the credential with Evernote SDK
var noteStoreUrl = EvernoteCredentials.NotebookUrl;
var noteStoreTransport = new THttpClient(new Uri(noteStoreUrl));
var noteStoreProtocol = new TBinaryProtocol(noteStoreTransport);
var noteStore = new NoteStore.Client(noteStoreProtocol);
List<Notebook> notebooks = client.listNotebooks(EvernoteCredentials.AuthToken);
//从下载库https://github.com/shaunmccarthy/AsyncOAuth.Evernote.Simple
//使用Evernote服务的URL配置授权人,
//你的钥匙,你的秘密。
var EvernoteAuthorizer=新的EvernoteAuthorizer(
"https://sandbox.evernote.com",
“slyrp-1234”,//不是我的真实id/秘密:)
“7acafe123456badb123”);
//首先,从Evernote获取请求令牌-这会导致
//从服务器到Evernote的webrequest。
//callBackUrl是希望用户返回一次的URL
//他们验证应用程序
var requestToken=EvernoteAuthorizer.GetRequestToken(callBackUrl);
//保留此令牌,因为我们将把用户重定向到
//Evernote授权此应用
会话[“RequestToken”]=RequestToken;
//生成我们将在中重定向用户的Evernote URL
//命令
var callForwardUrl=EvernoteAuthorizer.BuildAuthorizeUrl(requestToken);
//重定向用户(例如MVC)
返回重定向(callForwardUrl);
// ... 一旦用户对应用程序进行身份验证,他们就会被重定向到callBackUrl
//在这里,我们解析请求参数oauth_validator并最终获得
//我们的证书
//null=他们没有授权我们
var credentials=EvernoteAuthorizer.ParseAccessToken(
Request.QueryString[“oauth\u验证器”],
会话[“请求令牌”]作为请求令牌);
//如何在Evernote SDK中使用凭据的示例
var noteStoreUrl=EvernoteCredentials.NotebookUrl;
var noteStoreTransport=newthttpclient(新Uri(noteStoreUrl));
var noteStoreProtocol=新的TBinaryProtocol(noteStoreTransport);
var noteStore=new noteStore.Client(noteStoreProtocol);
列表笔记本=client.listNotebook(EvernoteCredentials.AuthToken);
我尝试了你的代码,但奇怪的是,我仍然收到了401未经授权的错误。我想知道这个问题是否与我的环境有关。应用程序必须通过代理服务器才能与外部世界通信。也许这与此有关。您在哪一步得到401错误?用户是否看到401,或者它是在GetRequestToken期间发生的?它发生在调用以下行的过程中:var result=wait base.GetAccessToken(OAuthull,token,oauth_verifier,null,null)代码>AsyncEvernoteAuthorizer.cs:第115行。用户已在Evernote中授权应用程序,然后出现错误。用户看到一个关于401未授权异常的YSOD。因此,在这一点上有两个可能的问题-要么您没有收到回oauth_验证器(检查它是否已填充),要么您的令牌为null(检查它,并且密钥和机密具有正确的值)。也许您忘记了在获取令牌(GetRequestToken)和重定向用户并将其返回之间的会话中存储令牌?调试器中的预期值应类似于此-值稍微更改以保护无辜者;)OAuthull=“”,token.Key=“YOUR-APP-ID.1419B6610F9.687474703A546F6B656E433.BFE5972454CD”,token.Secret=“5C1AC31B08E5FC321885B7BD690473C”,oauth_验证者=“2090AA4007C2990891719CCCBFFAA3B3”