有没有人使用DNOA实现2 Legged OAuth？

Question

有没有人使用DNOA实现2 Legged OAuth？

Mad*_*enu 10 c# provider oauth 2-legged two-legged

我正在尝试在CSharp中创建一个身份验证模块,我需要使用用于2 Legged OAuth的DotNetOpenAuth(DNOA)库来验证请求中的签名,它只有消费者密钥和密钥.

如果您使用DNOA进行任何示例实施2 Legged OAuth,那将会很有帮助.如果没有,任何关于如何实施的想法也会起作用.任何帮助将非常感激.

Answer 1

我无法让DNOA与两条腿的OAuth合作,所以我最终使用http://oauth.googlecode.com/svn/code/csharp/OAuthBase.cs作为我的基类来制作我自己的消费者来处理签名签名.您需要做的就是将其子类化并使用签名方法构建http授权标头...

string sigMethodType = GetSigMethodType();
string ts, nonce, normalizedUrl, normalizedParams;
string sig = GenerateSignature(new Uri("http://some-endpoint-to-call"), "GET", out nonce, out ts, out normalizedUrl, out normalizedParams);

string header = "OAuth realm=\"" + normalizedUrl + "\"," +
                OAuthConsumerKeyKey + "=\"" + ConsumerKey + "\"," +
                OAuthSignatureMethodKey + "=\"" + "HMACSHA1SignatureType" + "\"," +
                OAuthSignatureKey + "=\"" + sig + "\"," +
                OAuthTimestampKey + "=\"" + ts + "\"," +
                OAuthTokenKey + "=\"" + String.Empty + "\"," +
                OAuthNonceKey + "=\"" + nonce + "\"," +
                OAuthVersionKey + "=\"" + OAuthVersion + "\"";

Run Code Online (Sandbox Code Playgroud)

获得授权标题后,只需构建您的Web请求并发送它...

var wr = (HttpWebRequest)HttpWebRequest.Create(messageEndpoint.Location);
wr.Headers.Add(HttpRequestHeader.Authorization, BuildAuthHeader(messageEndpoint));
wr.ContentType = messageEndpoint.ContentType;
wr.Method = CdwHttpMethods.Verbs[messageEndpoint.HttpMethod];
using (var resp = (HttpWebResponse)req.GetResponse())
{
    switch (resp.StatusCode)
    {
        case HttpStatusCode.Unauthorized:
            Assert.Fail("OAuth authorization failed");
            break;
        case HttpStatusCode.OK:
            using (var stream = resp.GetResponseStream())
            {
                using (var sr = new StreamReader(stream))
                {
                    var respString = sr.ReadToEnd();
                }
            }
            break;
    }
}

Run Code Online (Sandbox Code Playgroud)

更新: 我还能够让双腿与devdefined的oauth消费者合作.http://code.google.com/p/devdefined-tools/wiki/OAuthConsumer

var endPoint = new Uri("http://example.com/restendpoint.svc");
            var ctx = new OAuthConsumerContext
                        {
                            ConsumerKey = "consumerkey1",
                            ConsumerSecret = "consumersecret1",
                            SignatureMethod = SignatureMethod.HmacSha1
                        };

            var session = new OAuthSession(ctx, endPoint, endPoint, endPoint);
            var respText = session.Request().Get().ForUri(endPoint).ToString();

Run Code Online (Sandbox Code Playgroud)

如果它有一个空的构造函数或只是在上下文中的重载会很好,但这似乎有效.

归档时间：	15 年，7 月前
查看次数：	2560 次
最近记录：	13 年，10 月前