我已经在我的网站上登录了多年。我随机决定今天进行测试,发现它无法正常工作。
我正在使用dotnetopenauth 3.4.7.11121。我在我的网络配置中有twitterConsumerKey和twitterConsumerSecret。关于在哪里进行故障排除的想法?
错误是“远程服务器返回错误:(401)未经授权。”
我的注意事项:
public static OutgoingWebResponse StartSignInWithTwitter(bool forceNewLogin)
{
var redirectParameters = new Dictionary<string, string>();
if (forceNewLogin)
{
redirectParameters["force_login"] = "true";
}
Uri callback = MessagingUtilities.GetRequestUrlFromContext().StripQueryArgumentsWithPrefix("oauth_");
var request = TwitterSignIn.PrepareRequestUserAuthorization(callback, null, redirectParameters);
return TwitterSignIn.Channel.PrepareResponse(request);
}
例外:
[WebException: The remote server returned an error: (401) Unauthorized.]
System.Net.HttpWebRequest.GetResponse() +6442312
DotNetOpenAuth.Messaging.StandardWebRequestHandler.GetResponse(HttpWebRequest request, DirectWebRequestOptions options) in c:\BuildAgent\work\a02b428f36957bca\src\DotNetOpenAuth\Messaging\StandardWebRequestHandler.cs:126
[ProtocolException: Error occurred while sending a direct message or getting the response.]
DotNetOpenAuth.Messaging.StandardWebRequestHandler.GetResponse(HttpWebRequest request, DirectWebRequestOptions options) in c:\BuildAgent\work\a02b428f36957bca\src\DotNetOpenAuth\Messaging\StandardWebRequestHandler.cs:169
DotNetOpenAuth.Messaging.StandardWebRequestHandler.GetResponse(HttpWebRequest request) in c:\BuildAgent\work\a02b428f36957bca\src\DotNetOpenAuth\Messaging\StandardWebRequestHandler.cs:100
DotNetOpenAuth.Messaging.Channel.GetDirectResponse(HttpWebRequest webRequest) in c:\BuildAgent\work\a02b428f36957bca\src\DotNetOpenAuth\Messaging\Channel.cs:622
DotNetOpenAuth.Messaging.Channel.RequestCore(IDirectedProtocolMessage request) in c:\BuildAgent\work\a02b428f36957bca\src\DotNetOpenAuth\Messaging\Channel.cs:644
DotNetOpenAuth.Messaging.Channel.Request(IDirectedProtocolMessage requestMessage) in c:\BuildAgent\work\a02b428f36957bca\src\DotNetOpenAuth\Messaging\Channel.cs:467
DotNetOpenAuth.Messaging.Channel.Request(IDirectedProtocolMessage requestMessage) in c:\BuildAgent\work\a02b428f36957bca\src\DotNetOpenAuth\Messaging\Channel.cs:447
DotNetOpenAuth.OAuth.ConsumerBase.PrepareRequestUserAuthorization(Uri callback, IDictionary`2 requestParameters, IDictionary`2 redirectParameters, String& requestToken) in c:\BuildAgent\work\a02b428f36957bca\src\DotNetOpenAuth\OAuth\ConsumerBase.cs:221
TwitterConsumer.StartSignInWithTwitter(Boolean forceNewLogin) in c:\TFSWebForms\www.nanaimo.ca\Nanaimo.Ca\openID\TwitterConsumer.cs:207
openID_login.ibTwitter_Click(Object sender, EventArgs e) in c:\TFSWebForms\www.nanaimo.ca\Nanaimo.Ca\openID\login.aspx.cs:717
System.Web.UI.WebControls.LinkButton.OnClick(EventArgs e) +116
System.Web.UI.WebControls.LinkButton.RaisePostBackEvent(String eventArgument) +101
System.Web.UI.WebControls.LinkButton.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +10
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +13
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +9643314
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1724
更新 我使用了fiddler,发现dotnetopenauth在从http重定向到https时没有转发身份验证。
答案 0 :(得分:4)
我发现了我的问题。 Twitter似乎已经开始强制https,重定向停止工作。我更新了我的Twitter消费者,将其从http更改为https。我的消费者来自样本。
/// <summary>
/// The description of Twitter's OAuth protocol URIs for use with actually reading/writing
/// a user's private Twitter data.
/// </summary>
public static readonly ServiceProviderDescription ServiceDescription = new ServiceProviderDescription
{
RequestTokenEndpoint = new MessageReceivingEndpoint("https://twitter.com/oauth/request_token", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
UserAuthorizationEndpoint = new MessageReceivingEndpoint("https://twitter.com/oauth/authorize", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
AccessTokenEndpoint = new MessageReceivingEndpoint("https://twitter.com/oauth/access_token", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
};
/// <summary>
/// The description of Twitter's OAuth protocol URIs for use with their "Sign in with Twitter" feature.
/// </summary>
public static readonly ServiceProviderDescription SignInWithTwitterServiceDescription = new ServiceProviderDescription
{
RequestTokenEndpoint = new MessageReceivingEndpoint("https://twitter.com/oauth/request_token", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
UserAuthorizationEndpoint = new MessageReceivingEndpoint("https://twitter.com/oauth/authenticate", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
AccessTokenEndpoint = new MessageReceivingEndpoint("https://twitter.com/oauth/access_token", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
};
半相关:我的旧时间轴网址“http://twitter.com/statuses/user_timeline/14529984.xml”在某个时候更改为https://api.twitter.com/1/statuses/user_timeline/14529984.xml,打破了我应用的另一个功能。