我正在尝试在CSharp中创建一个身份验证模块,我需要使用DotNetOpenAuth(DNOA)Library for 2 Legged OAuth验证请求中的签名,该腿只有消费者密钥和密钥。
如果你有任何使用DNOA的2 Legged OAuth示例实现会有所帮助。 如果没有,任何关于如何实施的想法也会起作用。 任何帮助将不胜感激。
答案 0 :(得分:6)
我无法让DNOA使用双腿OAuth,因此我最终使用http://oauth.googlecode.com/svn/code/csharp/OAuthBase.cs作为我的基类来处理签名签名。您需要做的就是将其子类化并使用签名方法构建http授权标头...
string sigMethodType = GetSigMethodType();
string ts, nonce, normalizedUrl, normalizedParams;
string sig = GenerateSignature(new Uri("http://some-endpoint-to-call"), "GET", out nonce, out ts, out normalizedUrl, out normalizedParams);
string header = "OAuth realm=\"" + normalizedUrl + "\"," +
OAuthConsumerKeyKey + "=\"" + ConsumerKey + "\"," +
OAuthSignatureMethodKey + "=\"" + "HMACSHA1SignatureType" + "\"," +
OAuthSignatureKey + "=\"" + sig + "\"," +
OAuthTimestampKey + "=\"" + ts + "\"," +
OAuthTokenKey + "=\"" + String.Empty + "\"," +
OAuthNonceKey + "=\"" + nonce + "\"," +
OAuthVersionKey + "=\"" + OAuthVersion + "\"";
获得授权标题后,只需构建您的网络请求并发送...
var wr = (HttpWebRequest)HttpWebRequest.Create(messageEndpoint.Location);
wr.Headers.Add(HttpRequestHeader.Authorization, BuildAuthHeader(messageEndpoint));
wr.ContentType = messageEndpoint.ContentType;
wr.Method = CdwHttpMethods.Verbs[messageEndpoint.HttpMethod];
using (var resp = (HttpWebResponse)req.GetResponse())
{
switch (resp.StatusCode)
{
case HttpStatusCode.Unauthorized:
Assert.Fail("OAuth authorization failed");
break;
case HttpStatusCode.OK:
using (var stream = resp.GetResponseStream())
{
using (var sr = new StreamReader(stream))
{
var respString = sr.ReadToEnd();
}
}
break;
}
}
<强>更新 我也能够让双腿与devdefined的oauth消费者合作。 http://code.google.com/p/devdefined-tools/wiki/OAuthConsumer
var endPoint = new Uri("http://example.com/restendpoint.svc");
var ctx = new OAuthConsumerContext
{
ConsumerKey = "consumerkey1",
ConsumerSecret = "consumersecret1",
SignatureMethod = SignatureMethod.HmacSha1
};
var session = new OAuthSession(ctx, endPoint, endPoint, endPoint);
var respText = session.Request().Get().ForUri(endPoint).ToString();
如果它有一个空的构造函数或一个只接受上下文的重载会很好,但这似乎有效。