版本一:query.v1 C# OAuth2 收到 401 未经授权的错误，但 rest-1.oauth.v1/Data

本文关键字：v1 错误 rest-1 oauth 授权 Data query OAuth2 版本收到 | 更新日期: 2023-09-27 18:30:27

我能够使用 OAuth2 和这个进行查询：

/rest-1.oauth.v1/Data/Story?sel=Name,Number&Accept=text/json

但是，我无法让 OAuth2 和新查询 1.v1 对抗 Sumnmer2013 版本一。我收到（401） 使用两个不同的 URL 不支持未经授权和指定的方法。

下面是包含工作/rest-1.oauth.v1 和非工作查询 1.v1 和非工作 query.legacy.v1 的代码。滚动到代码底部以查看程序主（代码的起点）请告知我在这里缺少什么。

using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;  
using System.Text;
using System.Threading.Tasks;
using OAuth2Client;
namespace ExampleMemberListCSharp
{
    class Defaults
    {
        public static string Scope = "apiv1";
        //public static string EndpointUrl = "http://localhost/VersionOne.Web";
        public static string EndpointUrl = "https://versionone-test.web.acme.com/summer13_demo";
        public static string ApiQueryWorks = "/rest-1.oauth.v1/Data/Member?Accept=text/json";
        public static string ApiQuery = "/rest-1.oauth.v1/Data/Story?sel=Name,Number&Accept=text/json";
    }

    static class WebClientExtensions
    {
        public static string DownloadStringOAuth2(this WebClient client, IStorage storage, string scope, string path)
        {
            var creds = storage.GetCredentials();
            client.AddBearer(creds);
            try
            {
                return client.DownloadString(path);
            }
            catch (WebException ex)
            {
                if (ex.Status == WebExceptionStatus.ProtocolError)
                {
                    if (((HttpWebResponse)ex.Response).StatusCode != HttpStatusCode.Unauthorized)
                        throw;
                    var secrets = storage.GetSecrets();
                    var authclient = new AuthClient(secrets, scope);
                    var newcreds = authclient.refreshAuthCode(creds);
                    var storedcreds = storage.StoreCredentials(newcreds);
                    client.AddBearer(storedcreds);
                    return client.DownloadString(path);
                }
                throw;
            }
        }
        public static string UploadStringOAuth2(this WebClient client, IStorage storage
            , string scope, string path, string pinMethod, string pinQueryBody)
        {
            var creds = storage.GetCredentials();
            client.AddBearer(creds);
            client.UseDefaultCredentials = true;
            try
            {
                return client.UploadString(path, pinMethod, pinQueryBody);
            }
            catch (WebException ex)
            {
                if (ex.Status == WebExceptionStatus.ProtocolError)
                {
                    if (((HttpWebResponse)ex.Response).StatusCode != HttpStatusCode.Unauthorized)
                        throw;
                    var secrets = storage.GetSecrets();
                    var authclient = new AuthClient(secrets, scope);
                    var newcreds = authclient.refreshAuthCode(creds);
                    var storedcreds = storage.StoreCredentials(newcreds);
                    client.AddBearer(storedcreds);
                    client.UseDefaultCredentials = true;
                    return client.UploadString(path, pinMethod, pinQueryBody);
                }
                throw;
            }
        }
    }

    class AsyncProgram
    {
        private static async Task<string> DoRequestAsync(string path)
        {
            var httpclient = HttpClientFactory.WithOAuth2("apiv1");
            var response = await httpclient.GetAsync(Defaults.EndpointUrl + Defaults.ApiQuery);
            var body = await response.Content.ReadAsStringAsync();
            return body;
        }
        public static int MainAsync(string[] args)
        {
            var t = DoRequestAsync(Defaults.EndpointUrl + Defaults.ApiQuery);
            Task.WaitAll(t);
            Console.WriteLine(t.Result);
            return 0;
        }
    }
    class Program
    {
        static void Main(string[] args)
        {
            IStorage storage = Storage.JsonFileStorage.Default;
            using (var webclient = new WebClient())
            {
                // this works:
                var body = webclient.DownloadStringOAuth2(storage, "apiv1", Defaults.EndpointUrl + Defaults.ApiQuery);
                Console.WriteLine(body);
            }
            IStorage storage2 = Storage.JsonFileStorage.Default;
            using (var webclient2 = new WebClient())
            {
                // This does NOT work.  It throws an exception of  (401) Unauthorized:
                 var body2 = webclient2.UploadStringOAuth2(storage2, "apiv1", Defaults.EndpointUrl + "/query.v1", "SEARCH", QueryBody);
                // This does NOT work. It throws an exception of The remote server returned an error: (403): Forbidden."
                var body3 = webclient2.UploadStringOAuth2(storage2, "apiv1", Defaults.EndpointUrl + "/query.legacy.v1", "SEARCH", QueryBody);
                // These do NOT work.  Specified method is not supported:
                var body4 = webclient2.UploadStringOAuth2(storage2, "apiv1", Defaults.EndpointUrl + "/oauth.v1/query.legacy.v1", "SEARCH", QueryBody);
                var body5 = webclient2.UploadStringOAuth2(storage2, "apiv1", Defaults.EndpointUrl + "/oauth.v1/query.legacy.v1", "SEARCH", QueryBody);

            }
            Console.ReadLine();
            AsyncProgram.MainAsync(args);
        }
        public const string QueryBody = @"
from: Story
select:
- Name
";
    }
}

版本一:query.v1 C# OAuth2 收到 401 未经授权的错误，但 rest-1.oauth.v1/Data

此时，query.v1终结点需要授予query-api-1.0范围。

您必须将其添加到范围列表中（它可以简单地以空格分隔，例如 apiv1 query-api-1.0 ），然后再次访问授权 URL 以授权权限。

这条有点重要的信息似乎没有出现在 community.versionone.com 的文档中，所以看起来更新是有序的。

此外，目前只有 rest-1.oauth.v1 和 query.v1 终结点响应 OAuth2 标头。在未来版本中，它将应用于所有终结点，并删除两种类型身份验证的终结点重复

项

我过去在尝试使用 POST 以外的 HTTP 方法来传输查询时遇到过问题。安全软件、IIS 设置和代理都可能以意外的方式处理此类请求。