• 基于DotNetOpenAuth的OAuth实现示例代码: 获取access token


    1. 场景

    根据OAuth 2.0规范,该场景发生于下面的流程图中的(D)(E)节点,根据已经得到的authorization code获取access token。

     

    2. 实现环境

    DotNetOpthAuth v5.0.0-alpha3, ASP.NET MVC 5, .NET Framework 4.5.1。

    2. 主要实现示例代码

    2.1. Authorization Server实现代码

    2.1.1. ASP.NET MVC Controller实现代码

    using System.Threading.Tasks;
    using System.Web.Mvc;
    using CNBlogs.Open.Domain.Entities.OpenAuth;
    using DotNetOpenAuth.OAuth2;
    using DotNetOpenAuth.Messaging;
    
    namespace CNBlogs.Open.Web.Controllers
    {
        public class OAuthController : Controller
        {
            public async Task<ActionResult> Token()
            {
                var authServer = new AuthorizationServer(new AuthorizationServerHost());
                var response = await authServer.HandleTokenRequestAsync(Request);
                return response.AsActionResult();
            }
        }
    }

    2.1.2. IAuthorizationServerHost接口实现

    需要实现IsAuthorizationValid与CreateAccessToken这两个方法,实现代码如下:

    public class AuthorizationServerHost : IAuthorizationServerHost
    {
         public bool IsAuthorizationValid(IAuthorizationDescription authorization)
        {
            return authorization.ClientIdentifier == "webclientdemo"
                && ClientIdentifier.;
        }
        public AccessTokenResult CreateAccessToken(IAccessTokenRequest accessTokenRequestMessage)
        {
            var accessToken = new AuthorizationServerAccessToken
            {
                Lifetime = TimeSpan.FromHours(10),
                SymmetricKeyStore = this.CryptoKeyStore,
            };
            var result = new AccessTokenResult(accessToken);
            return result;
        }
    }

    2.2 Client实现代码

    namespace OAuthWebClient.Controllers
    {
        public class OAuthController : Controller
        {
            private static readonly string CLIENT_ID = "webclientdemo";
    
            public async Task<ActionResult> Redirect(string code)
            {
                var httpClient = new HttpClient();
                var queryDict = new Dictionary<string, string>
                {
                    {"grant_type", "authorization_code"},
                    {"code", code},
                    {"redirect_uri", Request.Url.Scheme + "://" + 
                        Request.Url.Host + Request.Url.AbsolutePath},
                    {"client_id", CLIENT_ID},
                    {"client_secret", "webclientdemosecret"}
                };
    
                var httpContent = new FormUrlEncodedContent(queryDict);
                var response = await httpClient.PostAsync(Request.Url.Scheme + 
                    "://open.cnblogs.com/oauth/token", httpContent);
    
                return Content(await response.Content.ReadAsStringAsync());
            }
        }
    }

    考虑到跨平台访问的方便性,未使用DotNetOpenAuth.OAuth2.WebServerClient。 

    3. 参考资料:

  • 相关阅读:
    关于MSSQL导入导出时主键与约束丢失的问题解决
    逐层循环删除
    HttpContext.Current.User.Identity.IsAuthenticated
    如何给网站地址栏前增添图标
    站内搜索引擎
    一分钟加入google站内搜索代码
    【转】google谷歌百度收录网站的技巧方法,如何让百度收录?
    开启Microsoft SQL Management时,如果出现"未能加载包
    Zookeeper数据与存储
    前端学HTTP之实体和编码
  • 原文地址:https://www.cnblogs.com/dudu/p/dotnetopenauth_access_token.html
Copyright © 2020-2023  润新知