OAuth 1a MVC4和WebApi

时间:2012-09-19 20:02:09

标签: oauth asp.net-mvc-4 asp.net-web-api dotnetopenauth

所以我尝试使用MVC 4 Webapi而不是WCF从DotNetOpenAuth重新实现OAuth1 OAuthConsumer和OAuthServiceProvider示例。我已经在Callback端点中完成了所有工作。当它进行ProcessUserAuthorization调用时,它似乎在MVC 4版本的DotNetOpenAuth代码中采用不同的路径,然后它在样本中执行。在示例中,它调用DatabaseTokenManager.GetRequestToken方法。但是在MVC 4版本中,它调用GetAccessToken方法。 我在每种情况下都使用相同的Consumer项目。我将OAuth.ashx从原始样本复制到MVC 4版本。我创建了一个新的令牌管理器,使用相同的数据库,但没有使用EntityFramework,我使用PetaPoco进行数据库访问。 我的问题是为什么会发生这种情况,如果有人使用MVC4 / WebApi做过OAuth1的样本。在当前的Web框架下看到这一点会很高兴。

这是调用堆栈: DotNetOpenAuth.OAuth.ServiceProvider.dll!DotNetOpenAuth.OAuth.ChannelElements.TokenHandlingBindingElement.VerifyThrowTokenNotExpired(DotNetOpenAuth.OAuth.Messages.AccessProtectedResourceRequest message) + 0x7d bytes DotNetOpenAuth.OAuth.ServiceProvider.dll!DotNetOpenAuth.OAuth.ChannelElements.TokenHandlingBindingElement.ProcessIncomingMessage(DotNetOpenAuth.Messaging.IProtocolMessage message) + 0x92 bytes
DotNetOpenAuth.Core.dll!DotNetOpenAuth.Messaging.Channel.ProcessIncomingMessage(DotNetOpenAuth.Messaging.IProtocolMessage message = {DotNetOpenAuth.OAuth.Messages.AccessProtectedResourceRequest}) + 0x1d3 bytes
DotNetOpenAuth.Core.dll!DotNetOpenAuth.Messaging.Channel.ReadFromRequest(System.Web.HttpRequestBase httpRequest) + 0x26d bytes
Provider.dll!Provider.OAuthHandler.ProcessRequest(System.Web.HttpContext context = {System.Web.HttpContext}) Line 29 + 0x23 bytes C# System.Web.dll!System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() + 0x391 bytes
System.Web.dll!System.Web.HttpApplication.ExecuteStep(System.Web.HttpApplication.IExecutionStep step = {System.Web.HttpApplication.CallHandlerExecutionStep}, ref bool completedSynchronously = false) + 0xa5 bytes System.Web.dll!System.Web.HttpApplication.PipelineStepManager.ResumeSteps(System.Exception error) + 0x7d1 bytes System.Web.dll!System.Web.HttpApplication.BeginProcessRequestNotification(System.Web.HttpContext context, System.AsyncCallback cb) + 0x80 bytes System.Web.dll!System.Web.HttpRuntime.ProcessRequestNotificationPrivate(System.Web.Hosting.IIS7WorkerRequest wr = {System.Web.Hosting.IIS7WorkerRequest}, System.Web.HttpContext context = {System.Web.HttpContext}) + 0x2ae bytes
System.Web.dll!System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(System.IntPtr rootedObjectsPointer, System.IntPtr nativeRequestContext = 74727914648, System.IntPtr moduleData, int flags) + 0x491 bytes System.Web.dll!System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(System.IntPtr rootedObjectsPointer, System.IntPtr nativeRequestContext, System.IntPtr moduleData, int flags) + 0x22 bytes

这是日志输出:

2012-09-21 07:57:31,143 (GMT-5) [10] INFO DotNetOpenAuth.OAuthServiceProvider - Sample starting... 2012-09-21 07:57:31,835 (GMT-5) [8] INFO DotNetOpenAuth - DotNetOpenAuth.Core, Version=4.1.0.12182, Culture=neutral, PublicKeyToken=2780ccd10d57b246 (official) 2012-09-21 07:57:31,838 (GMT-5) [8] INFO DotNetOpenAuth - Reporting will use isolated storage with scope: User, Domain, Assembly 2012-09-21 07:57:31,850 (GMT-5) [8] ERROR DotNetOpenAuth - Error while trying to initialize reporting. 2012-09-21 07:57:31,858 (GMT-5) [8] INFO DotNetOpenAuth.Messaging.Channel - Scanning incoming request for messages: http://localhost:8092/OAuthHandler.ashx 2012-09-21 07:57:31,953 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Channel - Incoming request received: UnauthorizedTokenRequest 2012-09-21 07:57:31,960 (GMT-5) [8] INFO DotNetOpenAuth.Messaging.Channel - Processing incoming UnauthorizedTokenRequest (1.0.1) message: oauth_callback: http://localhost:8093/Home/OAuthCallBack oauth_consumer_key: consumerkey oauth_nonce: Z8GPrfzX oauth_signature_method: HMAC-SHA1 oauth_signature: A1RrN/A/VpmGF4/cMT55qS2m4RU= oauth_version: 1.0 oauth_timestamp: 1348232249 scope: testScope 2012-09-21 07:57:31,978 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Verifying incoming UnauthorizedTokenRequest message signature of: A1RrN/A/VpmGF4/cMT55qS2m4RU= 2012-09-21 07:57:31,979 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Channel - Applying secrets to message to prepare for signing or signature verification. 2012-09-21 07:57:32,085 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Constructed signature base string: POST&http%3A%2F%2Flocalhost%3A8092%2FOAuthHandler.ashx&oauth_callback%3Dhttp%253A%252F%252Flocalhost%253A8093%252FHome%252FOAuthCallBack%26oauth_consumer_key%3Dconsumerkey%26oauth_nonce%3DZ8GPrfzX%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1348232249%26oauth_version%3D1.0%26scope%3DtestScope 2012-09-21 07:57:32,085 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.SigningBindingElementChain applied to message. 2012-09-21 07:57:32,088 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement applied to message. 2012-09-21 07:57:32,097 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement applied to message. 2012-09-21 07:57:32,098 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.OAuthHttpMethodBindingElement did not apply to message. 2012-09-21 07:57:32,099 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.TokenHandlingBindingElement did not apply to message. 2012-09-21 07:57:32,100 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Channel - After binding element processing, the received UnauthorizedTokenRequest (1.0.1) message is: oauth_callback: http://localhost:8093/Home/OAuthCallBack oauth_consumer_key: consumerkey oauth_nonce: Z8GPrfzX oauth_signature_method: HMAC-SHA1 oauth_signature: A1RrN/A/VpmGF4/cMT55qS2m4RU= oauth_version: 1.0 oauth_timestamp: 1348232249 scope: testScope 2012-09-21 07:57:32,111 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Channel - Preparing to send UnauthorizedTokenResponse (1.0.1) message. 2012-09-21 07:57:32,143 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.TokenHandlingBindingElement applied to message. 2012-09-21 07:57:32,144 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.OAuthHttpMethodBindingElement did not apply to message. 2012-09-21 07:57:32,145 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message. 2012-09-21 07:57:32,146 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message. 2012-09-21 07:57:32,148 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.SigningBindingElementChain did not apply to message. 2012-09-21 07:57:32,151 (GMT-5) [8] INFO DotNetOpenAuth.Messaging.Channel - Prepared outgoing UnauthorizedTokenResponse (1.0.1) message for : oauth_token: XO93OJQIsiEtVdKuN3GCce1gYIU= oauth_token_secret: br6QQ1ZwOyx7MJuxD23nM2Ro690= oauth_callback_confirmed: true 2012-09-21 07:57:32,151 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Channel - Sending message: UnauthorizedTokenResponse 2012-09-21 07:57:32,337 (GMT-5) [8] INFO DotNetOpenAuth.Messaging.Channel - Scanning incoming request for messages: http://localhost:8092/OAuthHandler.ashx 2012-09-21 07:57:32,352 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Channel - Incoming request received: UserAuthorizationRequest 2012-09-21 07:57:32,352 (GMT-5) [8] INFO DotNetOpenAuth.Messaging.Channel - Processing incoming UserAuthorizationRequest (1.0.1) message: oauth_token: XO93OJQIsiEtVdKuN3GCce1gYIU= 2012-09-21 07:57:32,352 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.SigningBindingElementChain did not apply to message. 2012-09-21 07:57:32,352 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message. 2012-09-21 07:57:32,352 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message. 2012-09-21 07:57:32,352 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.OAuthHttpMethodBindingElement did not apply to message. 2012-09-21 07:57:32,357 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.TokenHandlingBindingElement did not apply to message. 2012-09-21 07:57:32,357 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Channel - After binding element processing, the received UserAuthorizationRequest (1.0.1) message is: oauth_token: XO93OJQIsiEtVdKuN3GCce1gYIU= 2012-09-21 07:57:32,373 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Channel - Preparing to send UserAuthorizationResponse (1.0.1) message. 2012-09-21 07:57:32,375 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.TokenHandlingBindingElement applied to message. 2012-09-21 07:57:32,375 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.OAuthHttpMethodBindingElement did not apply to message. 2012-09-21 07:57:32,376 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message. 2012-09-21 07:57:32,376 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message. 2012-09-21 07:57:32,376 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.SigningBindingElementChain did not apply to message. 2012-09-21 07:57:32,379 (GMT-5) [8] INFO DotNetOpenAuth.Messaging.Channel - Prepared outgoing UserAuthorizationResponse (1.0.1) message for http://localhost:8093/Home/OAuthCallBack: oauth_verifier: adbSjIo= oauth_token: XO93OJQIsiEtVdKuN3GCce1gYIU= 2012-09-21 07:57:32,379 (GMT-5) [8] DEBUG DotNetOpenAuth.Messaging.Channel - Sending message: UserAuthorizationResponse 2012-09-21 07:57:32,385 (GMT-5) [8] DEBUG DotNetOpenAuth.Http - Redirecting to http://localhost:8093/Home/OAuthCallBack?oauth_verifier=adbSjIo%3D&oauth_token=XO93OJQIsiEtVdKuN3GCce1gYIU%3D 2012-09-21 07:57:32,423 (GMT-5) [5] INFO DotNetOpenAuth.Messaging.Channel - Scanning incoming request for messages: http://localhost:8092/OAuthHandler.ashx 2012-09-21 07:57:32,428 (GMT-5) [5] DEBUG DotNetOpenAuth.Messaging.Channel - Incoming request received: AccessProtectedResourceRequest 2012-09-21 07:57:32,428 (GMT-5) [5] INFO DotNetOpenAuth.Messaging.Channel - Processing incoming AccessProtectedResourceRequest (1.0) message: oauth_token: XO93OJQIsiEtVdKuN3GCce1gYIU= oauth_consumer_key: consumerkey oauth_nonce: DxRe5Bax oauth_signature_method: HMAC-SHA1 oauth_signature: U1gDRYSdm6cD+lWjc3BdJObEnhE= oauth_version: 1.0 oauth_timestamp: 1348232252 oauth_verifier: adbSjIo= 2012-09-21 07:57:32,428 (GMT-5) [5] DEBUG DotNetOpenAuth.Messaging.Bindings - Verifying incoming AccessProtectedResourceRequest message signature of: U1gDRYSdm6cD+lWjc3BdJObEnhE= 2012-09-21 07:57:32,428 (GMT-5) [5] DEBUG DotNetOpenAuth.Messaging.Channel - Applying secrets to message to prepare for signing or signature verification. 2012-09-21 07:57:32,442 (GMT-5) [5] DEBUG DotNetOpenAuth.Messaging.Bindings - Constructed signature base string: POST&http%3A%2F%2Flocalhost%3A8092%2FOAuthHandler.ashx&oauth_consumer_key%3Dconsumerkey%26oauth_nonce%3DDxRe5Bax%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1348232252%26oauth_token%3DXO93OJQIsiEtVdKuN3GCce1gYIU%253D%26oauth_verifier%3DadbSjIo%253D%26oauth_version%3D1.0 2012-09-21 07:57:32,442 (GMT-5) [5] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.SigningBindingElementChain applied to message. 2012-09-21 07:57:32,442 (GMT-5) [5] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement applied to message. 2012-09-21 07:57:32,443 (GMT-5) [5] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement applied to message. 2012-09-21 07:57:32,443 (GMT-5) [5] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OAuth.ChannelElements.OAuthHttpMethodBindingElement did not apply to message.

这是Provider上处理程序中的代码:

http://localhost:8092/OAuthHandler.ashx

以下是消费者的代码:

http://localhost:8093/Home/OAuthCallBack

1 个答案:

答案 0 :(得分:0)

所以我发现了问题,即TokenManager实现的GetTokenType方法中的错误。