如何使OAuth与DotNetOpenAuth和Evernote一起使用？ [英] How to get OAuth working with DotNetOpenAuth and Evernote?

问题描述

我正在尝试使用 DotNetOpenAuth 库编写C＃ASP.NET MVC应用，该库使用 OAuth 连接到 Evernote 沙箱，但我无法使其正常工作。我的应用程序运行良好，直到调用了回调，但是当我尝试在此图，它将失败，并显示401未经授权。

I'm trying to write a C# ASP.NET MVC app using the DotNetOpenAuth library that connects to the Evernote Sandbox using OAuth, but I'm having trouble getting it working. My app is fine up until the callback is invoked but when I try to request the exchange of the temporary credentials in step 10 of this diagram, it fails with a 401 Unauthorized.

我的回调如下：

    public ActionResult OAuthCallback()
    {
        var webConsumer = CreateWebConsumer();
        var accessTokenResponse = webConsumer.ProcessUserAuthorization();

        if (accessTokenResponse != null)
        {
            AccessToken = accessTokenResponse.AccessToken;
        }


        return RedirectToAction("Index");
    }

该异常发生在 var accessTokenResponse = webConsumer上。

The exception occurs on the var accessTokenResponse = webConsumer.ProcessUserAuthorization(); line which is what is attempting the credential exchange.

Fiddler显示以下内容：

Fiddler shows the following:

调用回调：

GET http://localhost:22297/Home/OAuthCallback?oauth_token=GiddyUpHorsey.13F82BDC264.687474703A2F2F6C6F63616C686F73743A32323239372F486F6D652F4F4175746843616C6C6261636B.CFB67142944B4EB90148DDAFE2120A71&oauth_verifier=93534C2B04F862E57B30D738C3569242 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Connection: Keep-Alive
Accept-Language: en-NZ
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: localhost:22297
DNT: 1
Cache-Control: no-cache

请求令牌交换：

由 webConsumer.ProcessUserAuthorization（）; 触发。

POST https://sandbox.evernote.com/oauth HTTP/1.1
Content-Type: application/x-www-form-urlencoded; charset=utf-8
User-Agent: DotNetOpenAuth.Core/4.3.0.13117
Host: sandbox.evernote.com
Cache-Control: no-store,no-cache
Pragma: no-cache
Content-Length: 369
Expect: 100-continue

oauth_verifier=93534C2B04F862E57B30D738C3569242&oauth_token=GiddyUpHorsey.13F82BDC264.687474703A2F2F6C6F63616C686F73743A32323239372F486F6D652F4F4175746843616C6C6261636B.CFB67142944B4EB90148DDAFE2120A71&oauth_consumer_key=GiddyUpHorsey&oauth_nonce=cHABo5jv&oauth_signature_method=PLAINTEXT&oauth_signature=4c0dd81215379f75%26&oauth_version=1.0&oauth_timestamp=1372288061

响应：

HTTP/1.1 401 Unauthorized
Set-Cookie: JSESSIONID=4CDCD690AEAD69D952CEE4CBED5AC8DC; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en
Date: Wed, 26 Jun 2013 23:07:48 GMT
Server: Evernote/1.0
Content-Length: 1587


<html>
.....
        <div class="page-header">
          <h1>
            Oops, we encountered an error.</h1>
        </div>
        <div>
          <p>
            Sorry, we've encountered an unexpected error.</p>
        </div>
        <div class="clear"></div>
      </div>
...
</html>

（我从响应中删除了很多HTML）

(I stripped out much of the HTML from the response)

为什么会失败并显示 401未经授权？

Why does it fail with 401 Unauthorized?

推荐答案

我不确定您是否可以使用此功能，但是今天早上我在玩Evernote，OpenAuth和C＃，并设法使其全部正常工作。我在这里整理了一篇博客文章/库，解释了经验并概述了如何使用MVC进行操作- http://www.shaunmccarthy.com/evernote-oauth-csharp/ -它使用AsyncOAuth库： https://github.com/neuecc/AsyncOAuth

I am not sure if you ever got this working, but I was playing around with Evernote, OpenAuth and C# this morning and managed to get it all working. I have put together a blog post / library explaining the experience and outlining how to do it with MVC here - http://www.shaunmccarthy.com/evernote-oauth-csharp/ - it uses the AsyncOAuth library: https://github.com/neuecc/AsyncOAuth

我为AsyncOAuth编写了一个包装，您可能会在这里找到有用的包装： https://github.com/shaunmccarthy/AsyncOAuth.Evernote.Simple

I wrote a wrapper around AsyncOAuth that you might find useful here: https://github.com/shaunmccarthy/AsyncOAuth.Evernote.Simple

需要注意的一个棘手的事情-Evernote端点（/ oauth和/OAuth.action）区分大小写

One prickly thing to be aware of - the Evernote Endpoints (/oauth and /OAuth.action) are case sensitive

// Download the library from https://github.com/shaunmccarthy/AsyncOAuth.Evernote.Simple

// Configure the Authorizer with the URL of the Evernote service,
// your key, and your secret. 
var EvernoteAuthorizer = new EvernoteAuthorizer(
    "https://sandbox.evernote.com", 
    "slyrp-1234", // Not my real id / secret :)
    "7acafe123456badb123");

// First of all, get a request token from Evernote - this causes a 
// webrequest from your server to Evernote.
// The callBackUrl is the URL you want the user to return to once
// they validate the app
var requestToken = EvernoteAuthorizer.GetRequestToken(callBackUrl);

// Persist this token, as we are going to redirect the user to 
// Evernote to Authorize this app
Session["RequestToken"] = requestToken;

// Generate the Evernote URL that we will redirect the user to in
// order to 
var callForwardUrl = EvernoteAuthorizer.BuildAuthorizeUrl(requestToken);

// Redirect the user (e.g. MVC)
return Redirect(callForwardUrl);

// ... Once the user authroizes the app, they get redirected to callBackUrl

// where we parse the request parameter oauth_validator and finally get
// our credentials
// null = they didn't authorize us
var credentials = EvernoteAuthorizer.ParseAccessToken(
    Request.QueryString["oauth_verifier"], 
    Session["RequestToken"] as RequestToken);

// Example of how to use the credential with Evernote SDK
var noteStoreUrl = EvernoteCredentials.NotebookUrl;
var noteStoreTransport = new THttpClient(new Uri(noteStoreUrl));
var noteStoreProtocol = new TBinaryProtocol(noteStoreTransport);
var noteStore = new NoteStore.Client(noteStoreProtocol);
List<Notebook> notebooks = client.listNotebooks(EvernoteCredentials.AuthToken);

这篇关于如何使OAuth与DotNetOpenAuth和Evernote一起使用？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！