我正在使用DotNetOpenAuth对用户进行身份验证,但我无法使其工作。这是我的代码:
public string AuthenticateUser(
string key, string secret, string user, string password,
AuthorizationServerDescription serviceDescription)
{
UserAgentClient agent = new UserAgentClient(
serviceDescription,
key,
secret);
IAuthorizationState authState = mConsumer.ExchangeUserCredentialForToken(
user,
password,
GetScope());
if (authState != null)
{
return authState.Token;
}
}
我正在尝试对Google和WindowsLive进行身份验证,在两种情况下都没有成功。
谷歌
这些是用来访问Google OAuth服务的配置参数:
AuthorizationEndpoint = new Uri("https://accounts.google.com/o/oauth2/auth")
TokenEndpoint = new Uri("https://accounts.google.com/o/oauth2/token")
ProtocolVersion = ProtocolVersion.V20
State = "/profile"
Scope = "https://www.googleapis.com/auth/userinfo.email"
错误了:
---------------------------
Error
---------------------------
Error occurred while sending a direct message or getting the response.
---------------------------
OK
---------------------------
Windows Live
这些是用来访问Windows Live youth服务的参数:
TokenEndpoint = new Uri("https://oauth.live.com/token"),
AuthorizationEndpoint = new Uri("https://oauth.live.com/authorize")
ProtocolVersion = ProtocolVersion.V20
State = null
Scope = "wl.signin"
错误了:
---------------------------
Error
---------------------------
Unexpected response Content-Type text/html
---------------------------
OK
---------------------------
我还以各种方式使用ClientCredentialApplicator进行了测试:
- NetworkCredential
- NoSecret
- PostParameter
我做错了什么吗?谁能给我一个ExchangeUserCredentisForToken的工作例子?
谢谢。
资源所有者凭据授予仅在授权服务器允许时有效。我相信谷歌和微软都故意不支持这一点,因为他们不希望第三方应用程序直接获取用户凭证。