我一直在尝试使用 EndUserAuthorizationSuccessBase 类上的 ExtraData 属性将额外的参数发送回客户端。我首先需要发回用户名,但后来我发现我可以从 AccessToken 中获取它。
现在我需要发回用户是否选择保持登录状态(这样我就可以创建一个持久性 cookie 或一个在 30 分钟内过期的 cookie)。不幸的是,我无法让它正常工作。发生的情况是,当我调用授权服务器上的令牌端点时,OutgoingWebResponse 的 Body 中的消息指示失败:invalid token。
下面是我的代码:
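/// <summary>
/// Handles the login form post made during an OAuth 2 authorization flow. Authenticates the
/// user and, on success, approves the pending authorization request held in the session.
/// </summary>
/// <param name="username">User name submitted with the login form.</param>
/// <param name="password">Password submitted with the login form.</param>
/// <param name="rememberMe">Not read by this action.</param>
/// <param name="keepMeSignedIn">Checkbox value; "on" in any letter case means keep the user signed in.</param>
/// <returns>
/// The prepared authorization response when authentication succeeds; otherwise the login view.
/// </returns>
public ActionResult Login(String username, String password, String rememberMe, String keepMeSignedIn)
{
    var request = Session[SESSION_KEY] as EndUserAuthorizationRequest;
    if (request == null)
    {
        // No pending authorization request in this session: show the login view again.
        return View();
    }

    // The client identifier originates from the authorization request, so a malformed value
    // is handled like a failed login instead of surfacing as an unhandled FormatException.
    Guid siteId;
    if (!Guid.TryParse(request.ClientIdentifier, out siteId))
    {
        return View();
    }

    if (!this._identityProviderManager.Authenticate(siteId, "FA", username, password))
    {
        return View();
    }

    // "on" is a fixed form token, not linguistic text: compare it ordinally so that
    // culture-specific equivalences cannot make other input match. The static Equals
    // also treats a missing (null) checkbox value as false.
    bool keepSignedIn = String.Equals(keepMeSignedIn, "on", StringComparison.OrdinalIgnoreCase);

    var serviceHost = new AuthorizationServerHost();
    var authorizationServer = new DotNetOpenAuth.OAuth2.AuthorizationServer(serviceHost);
    var approvalMessage = authorizationServer.PrepareApproveAuthorizationRequest(request, username, request.Scope);

    // NOTE(review): ExtraData is sent along with the authorization response, presumably via
    // the user agent. The client should treat this flag as a preference only and never as an
    // authenticated claim - confirm how the client consumes it.
    approvalMessage.ExtraData[GlobalConstants.Misc.KeepMeSignedIn] = Convert.ToString(keepSignedIn);

    return authorizationServer.Channel.PrepareResponse(approvalMessage).AsActionResult();
}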
令牌端点
/// <summary>
/// Token endpoint: passes the current HTTP request to the DotNetOpenAuth authorization
/// server and returns whatever response it produces.
/// </summary>
/// <returns>The token response converted to an <c>ActionResult</c>.</returns>
public ActionResult GetToken()
{
    // NOTE(review): a new AuthorizationServerHost is created on every call, here and in Login.
    // Whether both instances share the same signing/encryption keys and nonce store depends
    // on that class, which is not visible here - verify.
    var host = new AuthorizationServerHost();
    var server = new DotNetOpenAuth.OAuth2.AuthorizationServer(host);

    return server.HandleTokenRequest(Request).AsActionResult();
}
为什么会这样?