你的位置:首页 > ASP.net教程

[ASP.net教程]DotNetOpenAuth实践之Webform资源服务器配置


系列目录:

DotNetOpenAuth实践系列(源码在这里)

 

上篇我们讲到WebApi资源服务器配置,这篇我们说一下Webform下的ashx,aspx做的接口如何使用OAuth2认证

 

一、环境搭建

 

1、新建Webform项目

 

2、使用Nuget添加DotNetOpenAuth 5.0.0 alpha3

3、把上次制作的证书文件拷贝的项目中

二、编写关键代码

1、公共代码

ResourceServerConfiguration

 1 using System.Security.Cryptography.X509Certificates; 2  3 namespace WebformResourcesServer.Code 4 { 5   public class ResourceServerConfiguration 6   { 7     public X509Certificate2 EncryptionCertificate { get; set; } 8     public X509Certificate2 SigningCertificate { get; set; } 9   }10 }

Common.cs

1 namespace WebformResourcesServer.Code2 {3   public class Common4   {5     public static ResourceServerConfiguration Configuration = new ResourceServerConfiguration();6   }7 }

Global

 1 using System; 2 using System.Collections.Generic; 3 using System.Linq; 4 using System.Security.Cryptography.X509Certificates; 5 using System.Web; 6 using System.Web.Optimization; 7 using System.Web.Routing; 8 using System.Web.Security; 9 using System.Web.SessionState;10 using WebformResourcesServer.Code;11 12 namespace WebformResourcesServer13 {14   public class Global : HttpApplication15   {16     void Application_Start(object sender, EventArgs e)17     {18       Common.Configuration = new ResourceServerConfiguration19       {20         EncryptionCertificate = new X509Certificate2(Server.MapPath("~/Certs/idefav.pfx"), "a"),21         SigningCertificate = new X509Certificate2(Server.MapPath("~/Certs/idefav.cer"))22       };23       // 在应用程序启动时运行的代码24       RouteConfig.RegisterRoutes(RouteTable.Routes);25       BundleConfig.RegisterBundles(BundleTable.Bundles);26     }27   }28 }

2、关键代码

ashxhandler

 1 using System; 2 using System.Collections.Generic; 3 using System.Linq; 4 using System.Net.Http; 5 using System.Security.Cryptography; 6 using System.Security.Principal; 7 using System.Threading; 8 using System.Threading.Tasks; 9 using System.Web;10 using System.Web.UI;11 using DotNetOpenAuth.Messaging;12 using DotNetOpenAuth.OAuth2;13 14 namespace WebformResourcesServer.Code15 {16   public class AshxHandler17   {18     public AshxHandler(HttpContext context)19     {20       Context = context;21     }22 23     public HttpContext Context { get; set; }24 25     private async Task<IPrincipal> VerifyOAuth2(HttpRequestBase httpDetails, params string[] requiredScopes)26     {27       var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer((RSACryptoServiceProvider)Common.Configuration.SigningCertificate.PublicKey.Key, (RSACryptoServiceProvider)Common.Configuration.EncryptionCertificate.PrivateKey));28       return await resourceServer.GetPrincipalAsync(httpDetails, requiredScopes: requiredScopes);29      30     }31 32     public async Task Proc(Action<HttpContext> action)33     {34       try35       {36         var principal = await VerifyOAuth2(new HttpRequestWrapper(Context.Request));37         if (principal != null)38         {39           Context.User = principal;40           Thread.CurrentPrincipal = principal;41           action.Invoke(Context);42         }43       }44       catch (ProtocolFaultResponseException exception)45       {46         var outgoingResponse = await exception.CreateErrorResponseAsync(CancellationToken.None);47         Context.Response.StatusCode = (int)outgoingResponse.StatusCode;48         //Context.Response.SuppressContent = true;49         foreach (var header in outgoingResponse.Headers)50         {51 52           //Context.Response.Headers[header.Key] = header.Value.First();53           Context.Response.AddHeader(header.Key, header.Value.First());54         }55         Context.Response.Write(exception.Message);56       }57     }58   }59 }

3、添加一个ashx文件

目录:

代码:

 1 using System; 2 using System.Threading; 3 using System.Threading.Tasks; 4 using System.Web; 5 using WebformResourcesServer.Code; 6  7 namespace WebformResourcesServer.Api 8 { 9   /// <summary>10   /// Values 的摘要说明11   /// </summary>12   public class Values : IHttpAsyncHandler13   {14 15     public void ProcessRequest(HttpContext context)16     {17       context.Response.ContentType = "text/plain";18     }19 20     public bool IsReusable21     {22       get23       {24         return false;25       }26     }27 28     public IAsyncResult BeginProcessRequest(HttpContext context, AsyncCallback cb, object extraData)29     {30       return new AsyncResult(cb, extraData, new AshxHandler(context).Proc(c =>31       {32         c.Response.Write("The Data you get!");33       }));34 35 36     }37 38     public void EndProcessRequest(IAsyncResult result)39     {40       var r = (AsyncResult)result;41       r.Task.Wait();42 43     }44   }45 46   internal class AsyncResult : IAsyncResult47   {48     private object _state;49     private Task _task;50     private bool _completedSynchronously;51 52     public AsyncResult(AsyncCallback callback, object state, Task task)53     {54       _state = state;55       _task = task;56       _completedSynchronously = _task.IsCompleted;57       _task.ContinueWith(t => callback(this), TaskContinuationOptions.ExecuteSynchronously);58     }59 60     public Task Task61     {62       get { return _task; }63     }64 65 66     public object AsyncState67     {68       get { return _state; }69     }70 71     public WaitHandle AsyncWaitHandle72     {73       get { return ((IAsyncResult)_task).AsyncWaitHandle; }74     }75 76     public bool CompletedSynchronously77     {78       get { return _completedSynchronously; }79     }80 81     public bool IsCompleted82     {83       get { return _task.IsCompleted; }84     }85   }86 }

4、测试

获取access_token

访问api

如果token不正确

 

到这篇为止,本系列基本结束,如果有不明白的地方可以评论留言,感谢大家的关注