.NET HttpWebRequest的OAuth的401未授权 [英] .NET HttpWebRequest oAuth 401 Unauthorized

问题描述

我需要消耗从VB.NET应用程序的Web资源。我已经成功地检索访问令牌，我准备用它来调用受保护的资源。然而，每次我所说的受保护的资源，我收到一个401未经授权响应，因为授权领域还没有被添加到头部。

I need to consume a web resource from a VB.NET app. I have successfully retrieved the access token and am ready to use it to make calls to the protected resource. However, everytime I call the protected resource I receive a 401 Unauthorized response because the Authorization field has not been added to the header.

下面是我的code。

WebRequest = DirectCast(Net.WebRequest.Create(ApiUri), HttpWebRequest)
WebRequest.Method = "POST"
WebRequest.ContentType = "application/json"
WebRequest.ContentLength = Bytes.Length
Dim RequestStream As IO.Stream = WebRequest.GetRequestStream
RequestStream.Write(Bytes, 0, Bytes.Length)
RequestStream.Close()
WebRequest.Headers("Authorization") = "OAuth " & _
                                      "oauth_version=""1.0""," & _
                                      "oauth_nonce=""" & Nonce & """," & _
                                      "oauth_timestamp=""" & TimeStamp & """," & _
                                      "oauth_consumer_key=""" & ConsumerKey & """," & _
                                      "oauth_token=""" & Token & """," & _
                                      "oauth_signature_method=""HMAC-SHA1""," & _
                                      "oauth_signature=""" & Signature & """"
WebResponse = DirectCast(WebRequest.GetResponse(), HttpWebResponse)

然后我使用招监测的要求。所有我看到提琴手与401响应该请求，如下图所示（不包括机构）。

I then monitor the request using Fiddler. All I see in Fiddler is the request with the 401 response as shown below (excluding the bodies).

要求

POST ***url*** HTTP/1.0
Content-Type: application/json
Host: ***host***
Content-Length: 45
Connection: Keep-Alive

响应

HTTP/1.0 401 Unauthorized
X-Powered-By: PHP/5.3.13
WWW-Authenticate: Basic realm="***realm***"
Content-type: application/json
Content-Length: 79
Connection: keep-alive
Date: Mon, 07 Jan 2013 01:13:22 GMT
Server: lighttpd/1.4.28

无论我读过在互联网上指示的HttpWebRequest应该先挑战服务器收到一个401响应，我在这里看到的。然后，它应与添加到报头中的字段的授权再次尝试，并获得200 OK响应。这第二部分不会发生。难道我不理解这是如何工作正常，还是我做错了什么？

Everywhere I've read on the internet indicates that HttpWebRequest should first challenge the server and receive a 401 response as I'm seeing here. It should then try again with the Authorization field added to the header and get the 200 OK response. This second part doesn't happen. Am I not understanding how this works correctly, or am I doing something wrong?

推荐答案

原来你需要添加使用的BinaryWriter，不是甲流，内容

Turns out you need to add the content using a BinaryWriter, not a Stream.

所以不是这个。

WebRequest.ContentLength = Bytes.Length
Dim RequestStream As IO.Stream = WebRequest.GetRequestStream
RequestStream.Write(Bytes, 0, Bytes.Length)
RequestStream.Close()

做到这一点。

Do this.

Using Writer As New IO.BinaryWriter(WebRequest.GetRequestStream)
    Writer.Write(Bytes)
End Using

这篇关于.NET HttpWebRequest的OAuth的401未授权的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！