[英]DotNetOpenAuth CTP - Facebook bad request
我正在嘗試使用CTP通過OAuth 2.0與Facebook連接。
我可以得到Facebook的初始請求工作正常,但當它回來時我們打電話:
// Where null will become an HttpRequestInfo object
client.ProcessUserAuthorization(null);
我明白了:
遠程服務器返回錯誤:(400)錯誤請求。
我對初始代碼庫沒有太多幫助; 只是將可選值設置為null(我們仍然在.NET 3.5上)。 任何線索將非常感激。
此外,我想這對安德魯來說更具問題; 是否存在任何此類內容的論壇/博客,或者定期更新的任何地方? 了解一些事情會很棒:
無論如何,任何建議都是最受歡迎的。
在遇到這個問題后,我編寫了自己的代碼進行授權,並獲取用戶詳細信息。 另一種方法是使用Facebook C#SDK 。 作為其他任何想要自己做的人的首發,我就是這樣做的。 請注意我沒有查看錯誤案例。
首先, 閱讀facebooks doc如何工作(它相當簡單!)
我這樣消耗它:
private static readonly FacebookClient facebookClient = new FacebookClient();
public ActionResult LoginWithFacebook()
{
var result = facebookClient.Authorize();
if (result == FacebookAuthorisationResult.RequestingCode)
{
//The client will have already done a Response.Redirect
return View();
} else if (result == FacebookAuthorisationResult.Authorized)
{
var user = facebookClient.GetCurrentUser();
}
return Redirect("/");
}
和客戶端代碼:
using System;
using System.IO;
using System.Net;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Json;
using System.Text;
using System.Web;
namespace Web.Services
{
public enum FacebookAuthorisationResult
{
Denied,
Authorized,
RequestingCode
}
public class FacebookClient
{
private const String SESSION_NAME_TOKEN = "UserFacebookToken";
public FacebookClient()
{
TokenEndpoint = new Uri("https://graph.facebook.com/oauth/access_token");
AuthorizationEndpoint = new Uri("https://graph.facebook.com/oauth/authorize");
MeGraphEndpoint = new Uri("https://graph.facebook.com/me");
ClientIdentifier = "xxxxxxxxxxxxxxxxxx";
Secret = "xxxxxxxxxxxx";
LocalSubDomain = "local.xxxxxxx.com";
}
public Uri TokenEndpoint { get; set; }
public Uri AuthorizationEndpoint { get; set; }
public Uri MeGraphEndpoint { get; set; }
public String Secret { get; set; }
public String ClientIdentifier { get; set; }
private String LocalSubDomain { get; set; }
public FacebookAuthorisationResult Authorize()
{
var errorReason = HttpContext.Current.Request.Params["error_reason"];
var userDenied = errorReason != null;
if (userDenied)
return FacebookAuthorisationResult.Denied;
var verificationCode = HttpContext.Current.Request.Params["code"];
var redirectUrl = GetResponseUrl(HttpContext.Current.Request.Url);
var needToGetVerificationCode = verificationCode == null;
if (needToGetVerificationCode)
{
var url = AuthorizationEndpoint + "?" +
"client_id=" + ClientIdentifier + "&" +
"redirect_uri=" + redirectUrl;
HttpContext.Current.Response.Redirect(url);
return FacebookAuthorisationResult.RequestingCode;
}
var token = ExchangeCodeForToken(verificationCode, redirectUrl);
HttpContext.Current.Session[SESSION_NAME_TOKEN] = token;
return FacebookAuthorisationResult.Authorized;
}
public Boolean IsCurrentUserAuthorized()
{
return HttpContext.Current.Session[SESSION_NAME_TOKEN] != null;
}
public FacebookGraph GetCurrentUser()
{
var token = HttpContext.Current.Session[SESSION_NAME_TOKEN];
if (token == null)
return null;
var url = MeGraphEndpoint + "?" +
"access_token=" + token;
var request = WebRequest.CreateDefault(new Uri(url));
using (var response = request.GetResponse())
{
using (var responseStream = response.GetResponseStream())
{
using (var responseReader = new StreamReader(responseStream))
{
var responseText = responseReader.ReadToEnd();
var user = FacebookGraph.Deserialize(responseText);
return user;
}
}
}
}
private String ExchangeCodeForToken(String code, Uri redirectUrl)
{
var url = TokenEndpoint + "?" +
"client_id=" + ClientIdentifier + "&" +
"redirect_uri=" + redirectUrl + "&" +
"client_secret=" + Secret + "&" +
"code=" + code;
var request = WebRequest.CreateDefault(new Uri(url));
using (var response = request.GetResponse())
{
using (var responseStream = response.GetResponseStream())
{
using (var responseReader = new StreamReader(responseStream))
{
var responseText = responseReader.ReadToEnd();
var token = responseText.Replace("access_token=", "");
return token;
}
}
}
}
private Uri GetResponseUrl(Uri url)
{
var urlAsString = url.ToString();
var doesUrlContainQuestionMark = urlAsString.Contains("?");
if (doesUrlContainQuestionMark)
{
// Remove any parameters. Apparently Facebook does not support state: http://forum.developers.facebook.net/viewtopic.php?pid=255231
// If you do not do this, you will get 'Error validating verification code'
urlAsString = urlAsString.Substring(0, urlAsString.IndexOf("?"));
}
var replaceLocalhostWithSubdomain = url.Host == "localhost";
if (!replaceLocalhostWithSubdomain)
return new Uri(urlAsString);
// Facebook does not like localhost, you can only use the configured url. To get around this, log into facebook
// and set your Site Domain setting, ie happycow.com.
// Next edit C:\Windows\System32\drivers\etc\hosts, adding the line:
// 127.0.0.1 local.happycow.cow
// And lastly, set LocalSubDomain to local.happycow.cow
urlAsString = urlAsString.Replace("localhost", LocalSubDomain);
return new Uri(urlAsString);
}
}
[DataContract]
public class FacebookGraph
{
private static DataContractJsonSerializer jsonSerializer = new DataContractJsonSerializer(typeof(FacebookGraph));
// Note: Changed from int32 to string based on Antonin Jelinek advise of an overflow
[DataMember(Name = "id")]
public string Id { get; set; }
[DataMember(Name = "name")]
public string Name { get; set; }
[DataMember(Name = "first_name")]
public string FirstName { get; set; }
[DataMember(Name = "last_name")]
public string LastName { get; set; }
[DataMember(Name = "link")]
public Uri Link { get; set; }
[DataMember(Name = "birthday")]
public string Birthday { get; set; }
public static FacebookGraph Deserialize(string json)
{
if (String.IsNullOrEmpty(json))
{
throw new ArgumentNullException("json");
}
return Deserialize(new MemoryStream(Encoding.UTF8.GetBytes(json)));
}
public static FacebookGraph Deserialize(Stream jsonStream)
{
if (jsonStream == null)
{
throw new ArgumentNullException("jsonStream");
}
return (FacebookGraph)jsonSerializer.ReadObject(jsonStream);
}
}
}
Iain的解決方案終於讓我的東西與之合作。
未來的實施者有一個注意事項 - 似乎Facebook ID屬性現在超過了Int32類型的容量。 你可能需要在FacebookGraph類中更改它,我使用了純字符串。
謝謝Iain,你的代碼真的幫助了我!
在搞砸了DotNetOpenAuth的升級很長一段時間並且沒有經歷任何連接到Facebook的運氣之后,我也整理了一些代碼以支持從我的ASP.NET MVC應用程序中登錄Facebook。
首先,這樣的代碼應該放在控制器的某個地方。
// You call this action to initiate the process with Facebook
public ActionResult FacebookLogIn()
{
return CreateFacebookClient().RequestAuthorisation();
}
// Facebook will call you back here
public ActionResult FacebookAuthorisationResponse()
{
var facebookClient = CreateFacebookClient();
var authorisationResponse = facebookClient.HandleAuthorisationResponse();
if (authorisationResponse.IsSuccess)
{
var accessToken = authorisationResponse.AccessToken;
// TODO do whatever you want to do with your access token here
return Redirect("SomeUrl");
}
// TODO handle the error somehow
return Content(authorisationResponse.ErrorMessage);
}
private FacebookClient CreateFacebookClient()
{
const string clientId = "xxxxxxxxxxxxxxx";
const string appSecret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
var redirectUrl = Url.Action("FacebookAuthorisationResponse", null, null, "http");
return new FacebookClient(clientId, appSecret, redirectUrl);
}
這幾乎就是你需要對代碼做的所有事情。 獲得該訪問令牌后,您可以執行以下操作:
// Get basic information for this user
var basicInfoUrl = string.Format("https://graph.facebook.com/me?access_token={0}", Uri.EscapeDataString(accessToken.TokenString));
var json = new WebClient().DownloadString(basicInfoUrl);
支持上面相對簡單的東西的代碼就在這里。 您可以將所有這些轉儲到項目的文件中:
// Drew Noakes, http://drewnoakes.com
// Created 08/08/2012 22:41
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Web;
using System.Web.Mvc;
namespace DrewNoakes.Facebook.Mvc
{
public sealed class FacebookClient
{
private readonly string _clientId;
private readonly string _appSecret;
private readonly string _authorisationResponseUrl;
public IFacebookClientStateManager StateManager { get; set; }
public FacebookClient(string clientId, string appSecret, string authorisationResponseUrl)
{
_clientId = clientId;
_appSecret = appSecret;
_authorisationResponseUrl = authorisationResponseUrl;
StateManager = MemoryStateManager.Instance;
}
public ActionResult RequestAuthorisation(string[] permissions = null)
{
// First step is to redirect the visitor's browser to Facebook
var state = StateManager.GetState();
var url = string.Format("https://www.facebook.com/dialog/oauth?client_id={0}&redirect_uri={1}&scope={2}&state={3}",
_clientId, Uri.EscapeDataString(_authorisationResponseUrl), permissions == null ? string.Empty : string.Join(",", permissions), state);
return new RedirectResult(url, permanent: false);
}
public AuthorisationResponse HandleAuthorisationResponse()
{
var queryString = HttpContext.Current.Request.QueryString;
// Ensure returned state is expected
if (!StateManager.IsValidState(queryString["state"]))
return AuthorisationResponse.Error("Invalid state");
// TODO handle case where user declined: YOUR_REDIRECT_URI?error_reason=user_denied&error=access_denied&error_description=The+user+denied+your+request.&state=YOUR_STATE_VALUE
var code = queryString["code"];
var url = string.Format("https://graph.facebook.com/oauth/access_token?client_id={0}&redirect_uri={1}&code={3}&client_secret={2}",
_clientId, Uri.EscapeDataString(_authorisationResponseUrl), _appSecret, Uri.EscapeDataString(code));
var client = new WebClient { Proxy = null };
var responseBody = client.DownloadString(url);
// HTTP 200: access_token=USER_ACCESS_TOKEN&expires=NUMBER_OF_SECONDS_UNTIL_TOKEN_EXPIRES
// HTTP 400: TODO handle JSON error reponse: { "error": { "type": "OAuthException", "message": "Error validating verification code." } }
var response = HttpUtility.ParseQueryString(responseBody);
var accessToken = response["access_token"];
var expiresSecondsString = response["expires"];
int expiresSeconds;
if (!int.TryParse(expiresSecondsString, out expiresSeconds))
return AuthorisationResponse.Error("Unable to parse expiration time");
var expiresAtUtc = DateTime.UtcNow.AddSeconds(expiresSeconds);
return AuthorisationResponse.Success(accessToken, expiresAtUtc);
}
}
public class AuthorisationResponse
{
public bool IsSuccess { get; private set; }
public AccessToken AccessToken { get; private set; }
public string ErrorMessage { get; private set; }
private AuthorisationResponse() { }
public static AuthorisationResponse Error(string errorMessage)
{
return new AuthorisationResponse { IsSuccess = false, ErrorMessage = errorMessage };
}
public static AuthorisationResponse Success(string accessToken, DateTime expiresAtUtc)
{
return new AuthorisationResponse { IsSuccess = true, AccessToken = new AccessToken(accessToken, expiresAtUtc) };
}
}
public struct AccessToken
{
public string TokenString { get; private set; }
public DateTime ExpiresAtUtc { get; private set; }
public AccessToken(string tokenString, DateTime expiresAtUtc)
: this()
{
if (tokenString == null)
throw new ArgumentNullException("tokenString");
TokenString = tokenString;
ExpiresAtUtc = expiresAtUtc;
}
}
public interface IFacebookClientStateManager
{
string GetState();
bool IsValidState(string state);
}
/// <summary>
/// The default implementation of <see cref="IFacebookClientStateManager"/>.
/// </summary>
public sealed class MemoryStateManager : IFacebookClientStateManager
{
private static readonly IFacebookClientStateManager _instance = new MemoryStateManager();
public static IFacebookClientStateManager Instance
{
get { return _instance; }
}
private readonly Dictionary<string, DateTime> _stateTimes = new Dictionary<string, DateTime>();
public string GetState()
{
var state = Guid.NewGuid().ToString("N");
_stateTimes[state] = DateTime.UtcNow;
return state;
}
public bool IsValidState(string state)
{
var isValid = _stateTimes.Remove(state);
// Remove any keys that have not been accessed within a given period
var staleKeys = _stateTimes.Where(pair => pair.Value < DateTime.UtcNow.AddMinutes(-30)).Select(pair => pair.Key).ToList();
foreach (var staleKey in staleKeys)
_stateTimes.Remove(staleKey);
return isValid;
}
}
}
我今晚很快就把它扔到了一起,但如果發現問題,我會稍后再回來修補它。 它現在在我的網站上運行得非常好。
有一些與強大的錯誤響應處理相關的TODO。
當我使用WebServerClient的PrepareRequestUserAuthorization()的returnTo參數時,我一直在間歇地遇到同樣的問題。 只有某些returnTo URI會遇到問題...我傳入的URI有一個Base64組件。 其中一些在其中包含=。 如果我對這些URL進行URL編碼,我會從本地服務器收到“從客戶端檢測到潛在危險的Request.Path值(%)”錯誤。
直到我找到一個更好的解決方案,我才會在傳遞之前對字符串進行一些刺激;
localReturnTo = localReturnTo.Replace("=", "_")
然后,當我收到我的回復時,我執行相反的操作;
returnedUri = returnedUri.Replace("_", "=")
它不漂亮。 但它確實解決了我遇到的直接(類似)問題。
我發現編寫自己的實現比使用DNOA花費更少的時間。 這並不是很困難,雖然我還沒有真正對代碼進行徹底的安全檢查; 我想這將是一個重要的警告。
這可能沒那么有用,但我發現只需要每天花一半時間才能完成工作。
使用DotNetOpenAuth返回Amazon(400)錯誤請求
[英]Login with Amazon using DotNetOpenAuth returns (400) Bad Request
如何使用DotNetOpenAuth調試400 Bad Request錯誤?
[英]How do I debug a 400 Bad Request error with DotNetOpenAuth?
Facebook身份驗證:調用https://graph.facebook.com/oauth/access_token返回400錯誤請求
[英]Facebook authentication: call to https://graph.facebook.com/oauth/access_token returns 400 bad request
DotNetOpenAuth不能從Facebook客戶端取回電子郵件地址嗎?
[英]DotNetOpenAuth not getting back email address from Facebook client?
使用DotNetOpenAuth通過單次訪問令牌授權Web服務之間的請求
[英]Authorize request between web services by Single Access Token using DotNetOpenAuth
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.