更改从代码到令牌的C＃Owin响应类型

Question

我正在尝试使用OWIN进行Google/Facebook的外部登录。

面临的问题是owin挑战不断改变响应类型从令牌到代码。

挑战生成以下网址： https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=client_dim&redirect_uri=mywebsite.com&scope=scope&state=state

这从谷歌返回一个错误。如果我将response_type更改为令牌（response_type = token），它将起作用。

这里是OAuth的选项

OAuthOptions = new OAuthAuthorizationServerOptions 
     { 

      TokenEndpointPath = new PathString("/Token"), 
      Provider = new ApplicationOAuthProvider(PublicClientId), 
      AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"), 
      AccessTokenExpireTimeSpan = TimeSpan.FromDays(14), 

      // In production mode set AllowInsecureHttp = false 
      AllowInsecureHttp = true, 


     }; 

谷歌中间件设置：

app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions() 
     { 
      ClientId = "clientid", 
      ClientSecret = "client secret", 
     }); 

我们的难题是：

var properties = new AuthenticationProperties() { AllowRefresh = true, RedirectUri="mywebsite.co.za" }; 


     Request.GetOwinContext().Authentication.Challenge(properties,LoginProvider); 

     HttpResponseMessage response = new HttpResponseMessage(HttpStatusCode.Unauthorized); 
     response.RequestMessage = Request; 
     return Task.FromResult(response); 

的OWIN是从一般的MVC API进行基本设置项目。

Answer 1

解决重写RESPONSE_TYPE令牌如下：

GoogleOAuth2AuthenticationOptions googleOAuth2AuthenticationOptions = new GoogleOAuth2AuthenticationOptions 
     { 
      ClientId = "clientid", 
      ClientSecret = "secret", 

      Provider = new GoogleOAuth2AuthenticationProvider 
      { 
       OnApplyRedirect = context => 
       { 
        string redirect = context.RedirectUri.Replace("response_type=code", "response_type=token"); 
        context.Response.Redirect(redirect); 
       }, 

      }, 
     }; 

     app.UseGoogleAuthentication(googleOAuth2AuthenticationOptions); 

它还引出了一个问题，如果谷歌的OAuth 2.0需要RESPONSE_TYPE =令牌为什么用Owin.google提供商使用RESPONSE_TYPE =代码。