我在C#中创建自己的OAuth 2.0客户端。它确实有效,但我想知道授权的功能是否正确和安全。我应该做一些数据加密吗?我见过一些OAuth客户端正在进行HMACSHA1加密。对不起,但我是新手。这是代码:
public string getAccessToken()
{
string uri = "http://192.168.1.89:8080/oauth/token";
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(
"Basic", Convert.ToBase64String(System.Text.ASCIIEncoding.ASCII.GetBytes(
string.Format("{0}:{1}", client_id, client_secret))));
client.BaseAddress = new Uri(uri);
var parameters = new Dictionary<string, string>();
parameters["password"] = password;
parameters["username"] = username;
parameters["grant_type"] = grant_type;
parameters["scope"] = scope;
parameters["client_id"] = client_id;
parameters["client_secret"] = client_secret;
var response = client.PostAsync(uri, new FormUrlEncodedContent(parameters)).Result;
Console.WriteLine((response.StatusCode.ToString()));
string resultContent = response.Content.ReadAsStringAsync().Result;
Console.WriteLine(resultContent);
string s = "access_token\":\"";
string token = resultContent.Substring(resultContent.IndexOf(s) + s.Length, tokenLength);
return token;
}