Override OAuth2 token endpoint request in .NET Core

Time: 2018-03-27 15:04:50

Tags: c# asp.net-core oauth-2.0 ebay-api

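I am trying to use eBay's OAuth2 flow in .NET Core 2 by registering the authentication middleware. Authorization succeeds, but I get this error when the middleware handles the token request (after receiving the code from the authorization service).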

Exception: OAuth token endpoint failure: Status: BadRequest;Headers: 
Connection: keep-alive
Date: Tue, 27 Mar 2018 14:42:38 GMT
...  
Body: {"error":"invalid_request","error_description":"request is missing a 
required parameter or malformed."};

eBay's requirements for the access token request are:

HTTP method: POST  
URL (Sandbox): https://api.sandbox.ebay.com/identity/v1/oauth2/token
HTTP headers:  
  Content-Type = application/x-www-form-urlencoded  
  Authorization = Basic 'B64-encoded-oauth-credentials'

Request body (wrapped for readability):  
grant_type=authorization_code&  
code=<authorization-code-value>&  
redirect_uri='RuName-value'  

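It seems the token request is not formatted correctly. Where in the code can I format the body and headers required for the token request?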

Attaching my code.

Code:

public void ConfigureServices(IServiceCollection services)
{
    services.AddMvc();

    services.Configure<MvcOptions>(options =>
    {
        options.Filters.Add(new RequireHttpsAttribute());
        options.SslPort = 44321;
    });

    services.AddAntiforgery(options =>
    {
        options.Cookie.Name = "_af";
        options.Cookie.HttpOnly = true;
        options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
        options.HeaderName = "X-XSRF-TOKEN";
    });

    // authentication middleware
    services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = "Ebay";
    })
    .AddCookie()
    .AddOAuth("Ebay", options =>
    {
        options.ClientId = "my-client-id";
        options.ClientSecret = "my-secret";
        options.CallbackPath = "/signin-Ebay";

        options.AuthorizationEndpoint = "https://signin.ebay.com/authorize?redirect_uri=my-uri";
        options.TokenEndpoint = "https://api.ebay.com/identity/v1/oauth2/token";
        options.Scope.Add("https://api.ebay.com/oauth/api_scope");

        options.Events = new OAuthEvents
        {
            OnCreatingTicket = async context =>
            {
                var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
                request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken);

                var response = await context.Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead,
                                                                    context.HttpContext.RequestAborted);
                response.EnsureSuccessStatusCode();

                var user = JObject.Parse(await response.Content.ReadAsStringAsync());

                context.RunClaimActions(user);
            }
        };
    });
}
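
The token request eBay describes above can be produced by replacing only the handler's code-for-token exchange. The following is an added example, not part of the original post, targeting ASP.NET Core 2.x. `EbayOptions`, `EbayHandler` and `RuName` are hypothetical names, and the Basic credentials are assumed to be the base64 encoding of `client_id:client_secret`.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Text.Encodings.Web;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OAuth;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using Newtonsoft.Json.Linq;

// Hypothetical options type: carries the RuName that eBay expects as redirect_uri.
public class EbayOptions : OAuthOptions { public string RuName { get; set; } }

// Hypothetical handler: overrides only the authorization-code exchange.
public class EbayHandler : OAuthHandler<EbayOptions>
{
    public EbayHandler(IOptionsMonitor<EbayOptions> options, ILoggerFactory logger,
                       UrlEncoder encoder, ISystemClock clock)
        : base(options, logger, encoder, clock) { }

    protected override async Task<OAuthTokenResponse> ExchangeCodeAsync(string code, string redirectUri)
    {
        // Assumption: Basic credentials are base64("client_id:client_secret").
        var basic = Convert.ToBase64String(
            Encoding.UTF8.GetBytes(Options.ClientId + ":" + Options.ClientSecret));

        var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);
        request.Headers.Authorization = new AuthenticationHeaderValue("Basic", basic);
        request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
        // FormUrlEncodedContent sets Content-Type: application/x-www-form-urlencoded.
        request.Content = new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["grant_type"] = "authorization_code",
            ["code"] = code,
            ["redirect_uri"] = Options.RuName // the RuName, not the callback URL
        });

        var response = await Backchannel.SendAsync(request, Context.RequestAborted);
        if (!response.IsSuccessStatusCode)
            // Report the status only; keep credentials and response bodies out of logs.
            return OAuthTokenResponse.Failed(
                new HttpRequestException("Token endpoint returned " + (int)response.StatusCode));

        return OAuthTokenResponse.Success(JObject.Parse(await response.Content.ReadAsStringAsync()));
    }
}
```

Register it with `.AddOAuth<EbayOptions, EbayHandler>("Ebay", options => { ... })` in place of `.AddOAuth("Ebay", ...)`, and set `options.RuName` in that callback.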

0 answers:

No answers