1. 首页
  2. 问答
  3. 谷歌混合的OpenID + OAuth的与dotnetopenauth

谷歌混合的OpenID + OAuth的与dotnetopenauth

2012-10-18 48 views
3

我可能已经在过去两天花了10多个小时的努力理解如何实现用户登录与谷歌混合的OpenID + OAuth的(Federated Login谷歌混合的OpenID + OAuth的与dotnetopenauth

要触发授权请求我使用方法:

InMemoryOAuthTokenManager tm = new InMemoryOAuthTokenManager(ConfigurationManager.AppSettings["googleConsumerKey"], ConfigurationManager.AppSettings["googleConsumerSecret"]); 
using (OpenIdRelyingParty openid = new OpenIdRelyingParty()) 
{ 
    Realm realm = HttpContext.Current.Request.Url.Scheme + Uri.SchemeDelimiter + ConfigurationManager.AppSettings["googleConsumerKey"] + "/"; 
    IAuthenticationRequest request = openid.CreateRequest(identifier, Realm.AutoDetect, new Uri(HttpContext.Current.Request.Url.Scheme + "://" + HttpContext.Current.Request.Url.Authority + "/OAuth/google")); 

    var authorizationRequest = new AuthorizationRequest 
    { 
    Consumer = ConfigurationManager.AppSettings["googleConsumerKey"], 
    Scope = "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/plus.me", 
    }; 

    request.AddExtension(authorizationRequest); 

    request.AddExtension(new ClaimsRequest 
    { 
    Email = DemandLevel.Request, 
    Gender = DemandLevel.Require 
    }); 

    request.RedirectToProvider(); 
}

要检索的accessToken我用:

using (OpenIdRelyingParty openid = new OpenIdRelyingParty()) 
{ 
    IAuthenticationResponse authResponse = openid.GetResponse(); 
    if (authResponse != null) 
    { 
    switch (authResponse.Status) 
    { 
     case AuthenticationStatus.Authenticated: 
     HttpContext.Current.Trace.Write("AuthenticationStatus", "Authenticated"); 
     FetchResponse fr = authResponse.GetExtension<FetchResponse>(); 

     InMemoryOAuthTokenManager tm = new InMemoryOAuthTokenManager(ConfigurationManager.AppSettings["googleConsumerKey"], ConfigurationManager.AppSettings["googleConsumerSecret"]); 

     ServiceProviderDescription spd = new ServiceProviderDescription { 
      spd.RequestTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/token", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest); 
      spd.AccessTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/token", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest); 
      spd.UserAuthorizationEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/auth?access_type=offline", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest); 
      spd.TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }; 

     WebConsumer wc = new WebConsumer(spd, tm); 
     AuthorizedTokenResponse accessToken = wc.ProcessUserAuthorization(); 

     if (accessToken != null) 
     { 
      HttpContext.Current.Trace.Write("accessToken", accessToken.ToString()); 
     } 
     else 
     { 
     } 
     break; 
     case AuthenticationStatus.Canceled: 
     HttpContext.Current.Trace.Write("AuthenticationStatus", "Canceled"); 
     break; 
     case AuthenticationStatus.Failed: 
     HttpContext.Current.Trace.Write("AuthenticationStatus", "Failed"); 
     break; 
     default: 
     break; 
    } 
    } 
}

可惜的是,我得到AuthenticationStatus.Authenticatedwc.ProcessUserAuthorization()null

我在做什么错?

非常感谢您的帮助。

来源

2012-10-18 Max Favilli

回答

1

而不是使用WebConsumer,使用WebConsumerOpenIdRelyingParty类,它在DotNetOpenAuth.OpenIdOAuth NuGet包中可用。该类提供了用于将OAuth请求作为OpenID扩展(无论如何你都做得很好)以及在返回时提取OpenID扩展响应的辅助方法。

看着the source code for the above mentioned class可能会有助于激励你。在DotNetOpenAuth中还有一个专门针对Google OpenID登录和OAuth扩展的示例。 Get the samples from SourceForge,然后查看OpenIdRelyingPartyWebForms示例项目的loginPlusOAuth.aspx页面(以及代码隐藏和支持类)。

来源

2012-10-25 05:45:08

相关问题

 相关问题