我可以配置DotNetOpenAuth请求令牌过期? [英] Can I configure DotNetOpenAuth request token expiration?
问题描述
在我们的API,我们实施DotNetOpenAuth(v3.4.7)。
我们经常收到异常的消息在令牌不是由服务供应商认可的,这个堆栈跟踪一起:
In our API we implemented DotNetOpenAuth (v3.4.7). We frequently receive the exception "A token in the message was not recognized by the service provider", along with this stack trace:
at DotNetOpenAuth.Messaging.ErrorUtilities.VerifyProtocol(Boolean condition, String message, Object[] args)
at DotNetOpenAuth.Messaging.ErrorUtilities.ThrowProtocol(String message, Object[] args)
at DotNetOpenAuth.OAuth.ChannelElements.TokenHandlingBindingElement.VerifyThrowTokenTimeToLive(ITokenContainingMessage message)
at DotNetOpenAuth.OAuth.ChannelElements.TokenHandlingBindingElement.ProcessIncomingMessage(IProtocolMessage message)
at DotNetOpenAuth.Messaging.Channel.ProcessIncomingMessage(IProtocolMessage message)
就在最近,我发现,当人们需要太长时间授权其请求令牌此异常。所以步骤1和授权过程的步骤2之间的时间过长。
Just recently I discovered this exception is thrown when people take too long authorize their request token. So the time between step 1 and step 2 of the authorization process is too long.
可这时候在web.config配置或编程?
Can this time be configured in the web.config or programmatically?
请注意:我试过信息生命周期=00:30:00但这似乎并不影响什么,我瞄准了
Note: I tried messaging lifetime="00:30:00" but that does not seem to influence what I'm aiming for.
推荐答案
有两个因素进入可能产生这个错误:
Two factors go into possibly producing this error:
-
IServiceProviderTokenManager.GetRequestToken抛出一个KeyNotFoundException或 - 令牌比你的web.config文件中的
dotNetOpenAuth / OAuth的/的ServiceProvider /安全/ @ maxAuthorizationTime设置指定的超时以上。
IServiceProviderTokenManager.GetRequestTokenthrows aKeyNotFoundException, OR- The token is older than the timeout specified in your web.config file's
dotNetOpenAuth/oauth/serviceProvider/security/@maxAuthorizationTimesetting.
例如:
<dotNetOpenAuth>
<oauth>
<serviceProvider>
<security maxAuthorizationTime="00:05:00"/>
</serviceProvider>
</oauth>
</dotNetOpenAuth>
这篇关于我可以配置DotNetOpenAuth请求令牌过期?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
