ProcessNetserAuthorization上的DotNetOpenAuth错误请求

Question

我使用DotNetOpenAuth示例实现了SSO流程（OAuth 2.0）。该解决方案有3个项目（客户端Web，授权服务器和资源服务器），在授权服务器将授权代码返回给客户端后，我在处理用户授权响应的步骤中遇到了问题。

http://localhost/OAuthClient/SampleWcf2.aspx?code=xxx&state=L6SAxlXhlxwsBRcTCK3IAw

例外是：

[WebException: The remote server returned an error: (400) Bad Request.]
   System.Net.HttpWebRequest.GetResponse() +8765848
   DotNetOpenAuth.Messaging.StandardWebRequestHandler.GetResponse(HttpWebRequest request, DirectWebRequestOptions options) +271

[ProtocolException: Error occurred while sending a direct message or getting the response.]
   DotNetOpenAuth.Messaging.StandardWebRequestHandler.GetResponse(HttpWebRequest request, DirectWebRequestOptions options) +2261
   DotNetOpenAuth.Messaging.Channel.RequestCore(IDirectedProtocolMessage request) +516
   DotNetOpenAuth.Messaging.Channel.Request(IDirectedProtocolMessage requestMessage) +138
   DotNetOpenAuth.OAuth2.ClientBase.UpdateAuthorizationWithResponse(IAuthorizationState authorizationState, EndUserAuthorizationSuccessAuthCodeResponse authorizationSuccess) +210
   DotNetOpenAuth.OAuth2.WebServerClient.ProcessUserAuthorization(HttpRequestBase request) +904
   OAuthClient.SampleWcf2.Page_Load(Object sender, EventArgs e) +118
   System.Web.UI.Control.LoadRecursive() +71
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3178

这是我的代码：

protected void Page_Load(object sender, EventArgs e) {
            if (!IsPostBack) {
                // Check to see if we're receiving a end user authorization response.
                var authorization = Client.ProcessUserAuthorization();                
                //Temp
                if (authorization != null)
                {
                    // We are receiving an authorization response.  Store it and associate it with this user.
                    Authorization = authorization;
                    Response.Redirect(Request.Path); // get rid of the /?code= parameter
                }
            }

            if (Authorization != null) {
                // Indicate to the user that we have already obtained authorization on some of these.
                foreach (var li in this.scopeList.Items.OfType<ListItem>().Where(li => Authorization.Scope.Contains(li.Value))) {
                    li.Selected = true;
                }
                this.authorizationLabel.Text = "Authorization received!";
                if (Authorization.AccessTokenExpirationUtc.HasValue) {
                    TimeSpan timeLeft = Authorization.AccessTokenExpirationUtc.Value - DateTime.UtcNow;
                    this.authorizationLabel.Text += string.Format(CultureInfo.CurrentCulture, "  (access token expires in {0} minutes)", Math.Round(timeLeft.TotalMinutes, 1));
                }
            }

            this.getNameButton.Enabled = this.getAgeButton.Enabled = this.getFavoriteSites.Enabled = Authorization != null;
        }