I implemented an SSO flow (OAuth 2.0) using the DotNetOpenAuth samples. The solution has 3 projects (client web, authorization server and resource server). After the authorization server returns the authorization code to the client, I run into a problem in the step that processes the user authorization response.
http://localhost/OAuthClient/SampleWcf2.aspx?code=xxx&state=L6SAxlXhlxwsBRcTCK3IAw
The exception is:
[WebException: The remote server returned an error: (400) Bad Request.]
System.Net.HttpWebRequest.GetResponse() +8765848
DotNetOpenAuth.Messaging.StandardWebRequestHandler.GetResponse(HttpWebRequest request, DirectWebRequestOptions options) +271
[ProtocolException: Error occurred while sending a direct message or getting the response.]
DotNetOpenAuth.Messaging.StandardWebRequestHandler.GetResponse(HttpWebRequest request, DirectWebRequestOptions options) +2261
DotNetOpenAuth.Messaging.Channel.RequestCore(IDirectedProtocolMessage request) +516
DotNetOpenAuth.Messaging.Channel.Request(IDirectedProtocolMessage requestMessage) +138
DotNetOpenAuth.OAuth2.ClientBase.UpdateAuthorizationWithResponse(IAuthorizationState authorizationState, EndUserAuthorizationSuccessAuthCodeResponse authorizationSuccess) +210
DotNetOpenAuth.OAuth2.WebServerClient.ProcessUserAuthorization(HttpRequestBase request) +904
OAuthClient.SampleWcf2.Page_Load(Object sender, EventArgs e) +118
System.Web.UI.Control.LoadRecursive() +71
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3178
Here is my code:
protected void Page_Load(object sender, EventArgs e) {
    if (!IsPostBack) {
        // Check to see if we're receiving an end user authorization response.
        var authorization = Client.ProcessUserAuthorization();
        // Temp
        if (authorization != null) {
            // We are receiving an authorization response. Store it and associate it with this user.
            Authorization = authorization;
            Response.Redirect(Request.Path); // get rid of the /?code= parameter
        }
    }

    if (Authorization != null) {
        // Indicate to the user that we have already obtained authorization on some of these.
        foreach (var li in this.scopeList.Items.OfType<ListItem>().Where(li => Authorization.Scope.Contains(li.Value))) {
            li.Selected = true;
        }

        this.authorizationLabel.Text = "Authorization received!";
        if (Authorization.AccessTokenExpirationUtc.HasValue) {
            TimeSpan timeLeft = Authorization.AccessTokenExpirationUtc.Value - DateTime.UtcNow;
            this.authorizationLabel.Text += string.Format(CultureInfo.CurrentCulture, " (access token expires in {0} minutes)", Math.Round(timeLeft.TotalMinutes, 1));
        }
    }

    this.getNameButton.Enabled = this.getAgeButton.Enabled = this.getFavoriteSites.Enabled = Authorization != null;
}
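As an added diagnostic example (not code from the post or from the DotNetOpenAuth samples): the 400 raised during the code-for-token exchange normally carries a JSON body whose `error` member (RFC 6749 section 5.2) names the reason, but ProtocolException hides it. This hypothetical helper assumes that ProtocolException wraps the WebException as its InnerException, as the trace above suggests, and uses JavaScriptSerializer from System.Web.Extensions to read the body.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Net;
using System.Web.Script.Serialization;
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OAuth2;

// Hypothetical helper: surfaces the authorization server's OAuth 2.0 error
// response instead of a bare "400 Bad Request" when the token exchange fails.
public static class TokenExchangeDiagnostics
{
    public static IAuthorizationState ProcessUserAuthorizationWithDiagnostics(WebServerClient client, Action<string> log)
    {
        try
        {
            return client.ProcessUserAuthorization();
        }
        catch (ProtocolException ex)
        {
            // Assumption: the transport failure is the inner WebException.
            var webEx = ex.InnerException as WebException;
            var response = webEx != null ? webEx.Response as HttpWebResponse : null;
            if (response == null) throw;

            string body;
            using (var reader = new StreamReader(response.GetResponseStream()))
            {
                body = reader.ReadToEnd();
            }
            log(string.Format("Token endpoint {0} returned {1}: {2}",
                response.ResponseUri, (int)response.StatusCode, DescribeOAuthError(body)));
            throw; // keep the original failure; this only adds context to the log
        }
    }

    // Extracts "error" / "error_description" from the JSON body; falls back to
    // the raw body when the server did not answer with a JSON object.
    public static string DescribeOAuthError(string body)
    {
        try
        {
            var fields = new JavaScriptSerializer().Deserialize<Dictionary<string, object>>(body);
            object error, description;
            fields.TryGetValue("error", out error);
            fields.TryGetValue("error_description", out description);
            return string.Format("error={0}; error_description={1}", error ?? "(none)", description ?? "(none)");
        }
        catch (Exception) // not JSON, or not a JSON object
        {
            return body;
        }
    }
}
```

In Page_Load, `Client.ProcessUserAuthorization()` would be replaced by `TokenExchangeDiagnostics.ProcessUserAuthorizationWithDiagnostics(Client, Trace.WriteLine)` while diagnosing; the `error` value tells you which part of the token request the server rejected.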