如何让OAuth与DotNetOpenAuth和Evernote一起工作

本文关键字:Evernote 一起 工作 DotNetOpenAuth OAuth | 更新日期: 2023-09-27 18:20:00

我正试图使用DotNetOpenAuth库编写一个C#ASP.NET MVC应用程序,该库使用OAuth连接到Evernote沙盒,但我很难使其正常工作。在调用回调之前,我的应用程序一直很好,但当我在该图的步骤10中尝试请求交换临时凭据时,它失败了,并显示401 Unauthorized。

我的回拨如下:

    public ActionResult OAuthCallback()
    {
        var webConsumer = CreateWebConsumer();
        var accessTokenResponse = webConsumer.ProcessUserAuthorization();
        if (accessTokenResponse != null)
        {
            AccessToken = accessTokenResponse.AccessToken;
        }

        return RedirectToAction("Index");
    }

异常发生在var accessTokenResponse = webConsumer.ProcessUserAuthorization();线路上,该线路正试图进行凭证交换。

Fiddler显示以下内容:

调用回调:

GET http://localhost:22297/Home/OAuthCallback?oauth_token=GiddyUpHorsey.13F82BDC264.687474703A2F2F6C6F63616C686F73743A32323239372F486F6D652F4F4175746843616C6C6261636B.CFB67142944B4EB90148DDAFE2120A71&oauth_verifier=93534C2B04F862E57B30D738C3569242 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Connection: Keep-Alive
Accept-Language: en-NZ
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: localhost:22297
DNT: 1
Cache-Control: no-cache

请求代币交换:

webConsumer.ProcessUserAuthorization();触发。

POST https://sandbox.evernote.com/oauth HTTP/1.1
Content-Type: application/x-www-form-urlencoded; charset=utf-8
User-Agent: DotNetOpenAuth.Core/4.3.0.13117
Host: sandbox.evernote.com
Cache-Control: no-store,no-cache
Pragma: no-cache
Content-Length: 369
Expect: 100-continue
oauth_verifier=93534C2B04F862E57B30D738C3569242&oauth_token=GiddyUpHorsey.13F82BDC264.687474703A2F2F6C6F63616C686F73743A32323239372F486F6D652F4F4175746843616C6C6261636B.CFB67142944B4EB90148DDAFE2120A71&oauth_consumer_key=GiddyUpHorsey&oauth_nonce=cHABo5jv&oauth_signature_method=PLAINTEXT&oauth_signature=4c0dd81215379f75%26&oauth_version=1.0&oauth_timestamp=1372288061

响应:

HTTP/1.1 401 Unauthorized
Set-Cookie: JSESSIONID=4CDCD690AEAD69D952CEE4CBED5AC8DC; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en
Date: Wed, 26 Jun 2013 23:07:48 GMT
Server: Evernote/1.0
Content-Length: 1587

<html>
.....
        <div class="page-header">
          <h1>
            Oops, we encountered an error.</h1>
        </div>
        <div>
          <p>
            Sorry, we've encountered an unexpected error.</p>
        </div>
        <div class="clear"></div>
      </div>
...
</html>

(我从响应中去掉了大部分HTML)

为什么401未经授权会失败?

如何让OAuth与DotNetOpenAuth和Evernote一起工作

我不确定你是否能做到这一点,但今天早上我在玩Evernote、OpenAuth和C#,并设法做到了这一切。我整理了一篇博客文章/库,解释了这种体验,并概述了如何在这里使用MVChttp://www.shaunmccarthy.com/evernote-oauth-csharp/-它使用AsyncOAuth库:https://github.com/neuecc/AsyncOAuth

我围绕AsyncOAuth编写了一个包装器,您可能会在这里发现它很有用:https://github.com/shaunmccarthy/AsyncOAuth.Evernote.Simple

需要注意的一件棘手的事情是Evernote端点(/oauth和/oauth.action)是区分大小写的

// Download the library from https://github.com/shaunmccarthy/AsyncOAuth.Evernote.Simple
// Configure the Authorizer with the URL of the Evernote service,
// your key, and your secret. 
var EvernoteAuthorizer = new EvernoteAuthorizer(
    "https://sandbox.evernote.com", 
    "slyrp-1234", // Not my real id / secret :)
    "7acafe123456badb123");
// First of all, get a request token from Evernote - this causes a 
// webrequest from your server to Evernote.
// The callBackUrl is the URL you want the user to return to once
// they validate the app
var requestToken = EvernoteAuthorizer.GetRequestToken(callBackUrl);
// Persist this token, as we are going to redirect the user to 
// Evernote to Authorize this app
Session["RequestToken"] = requestToken;
// Generate the Evernote URL that we will redirect the user to in
// order to 
var callForwardUrl = EvernoteAuthorizer.BuildAuthorizeUrl(requestToken);
// Redirect the user (e.g. MVC)
return Redirect(callForwardUrl);
// ... Once the user authroizes the app, they get redirected to callBackUrl
// where we parse the request parameter oauth_validator and finally get
// our credentials
// null = they didn't authorize us
var credentials = EvernoteAuthorizer.ParseAccessToken(
    Request.QueryString["oauth_verifier"], 
    Session["RequestToken"] as RequestToken);
// Example of how to use the credential with Evernote SDK
var noteStoreUrl = EvernoteCredentials.NotebookUrl;
var noteStoreTransport = new THttpClient(new Uri(noteStoreUrl));
var noteStoreProtocol = new TBinaryProtocol(noteStoreTransport);
var noteStore = new NoteStore.Client(noteStoreProtocol);
List<Notebook> notebooks = client.listNotebooks(EvernoteCredentials.AuthToken);