c# - 如何让 OAuth 与 DotNetOpenAuth 和 Evernote 一起使用？

Question

我正在尝试使用DotNetOpenAuth库编写一个 C# ASP.NET MVC 应用程序，该库使用OAuth连接到Evernote沙盒，但我无法让它工作。在调用回调之前，我的应用程序都很好，但是当我尝试在此图的第 10 步中请求交换临时凭据时，它会失败并显示 401 Unauthorized。

我的回调如下所示：

    public ActionResult OAuthCallback()
    {
        var webConsumer = CreateWebConsumer();
        var accessTokenResponse = webConsumer.ProcessUserAuthorization();

        if (accessTokenResponse != null)
        {
            AccessToken = accessTokenResponse.AccessToken;
        }


        return RedirectToAction("Index");
    }

异常发生在var accessTokenResponse = webConsumer.ProcessUserAuthorization();尝试进行凭证交换的线路上。

提琴手显示以下内容：

调用回调：

GET http://localhost:22297/Home/OAuthCallback?oauth_token=GiddyUpHorsey.13F82BDC264.687474703A2F2F6C6F63616C686F73743A32323239372F486F6D652F4F4175746843616C6C6261636B.CFB67142944B4EB90148DDAFE2120A71&oauth_verifier=93534C2B04F862E57B30D738C3569242 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Connection: Keep-Alive
Accept-Language: en-NZ
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: localhost:22297
DNT: 1
Cache-Control: no-cache

请求令牌交换：

由 触发webConsumer.ProcessUserAuthorization();。

POST https://sandbox.evernote.com/oauth HTTP/1.1
Content-Type: application/x-www-form-urlencoded; charset=utf-8
User-Agent: DotNetOpenAuth.Core/4.3.0.13117
Host: sandbox.evernote.com
Cache-Control: no-store,no-cache
Pragma: no-cache
Content-Length: 369
Expect: 100-continue

oauth_verifier=93534C2B04F862E57B30D738C3569242&oauth_token=GiddyUpHorsey.13F82BDC264.687474703A2F2F6C6F63616C686F73743A32323239372F486F6D652F4F4175746843616C6C6261636B.CFB67142944B4EB90148DDAFE2120A71&oauth_consumer_key=GiddyUpHorsey&oauth_nonce=cHABo5jv&oauth_signature_method=PLAINTEXT&oauth_signature=4c0dd81215379f75%26&oauth_version=1.0&oauth_timestamp=1372288061

响应：

HTTP/1.1 401 Unauthorized
Set-Cookie: JSESSIONID=4CDCD690AEAD69D952CEE4CBED5AC8DC; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en
Date: Wed, 26 Jun 2013 23:07:48 GMT
Server: Evernote/1.0
Content-Length: 1587


<html>
.....
        <div class="page-header">
          <h1>
            Oops, we encountered an error.</h1>
        </div>
        <div>
          <p>
            Sorry, we've encountered an unexpected error.</p>
        </div>
        <div class="clear"></div>
      </div>
...
</html>

（我从响应中删除了大部分 HTML）

为什么它会因 401 Unauthorized 而失败？

Answer 1

我不确定你是否有过这个工作，但今天早上我在玩 Evernote、OpenAuth 和 C# 并设法让它全部工作。我已经整理了一篇博客文章/库，解释了体验并概述了如何使用 MVC 在这里 - http://www.shaunmccarthy.com/evernote-oauth-csharp/ - 它使用 AsyncOAuth 库：https://github .com/neuecc/AsyncOAuth

我围绕 AsyncOAuth 编写了一个包装器，您可能会在这里发现它很有用：https ://github.com/shaunmccarthy/AsyncOAuth.Evernote.Simple

需要注意的一件棘手的事情 - Evernote 端点（/oauth 和 /OAuth.action）区分大小写

// Download the library from https://github.com/shaunmccarthy/AsyncOAuth.Evernote.Simple

// Configure the Authorizer with the URL of the Evernote service,
// your key, and your secret. 
var EvernoteAuthorizer = new EvernoteAuthorizer(
    "https://sandbox.evernote.com", 
    "slyrp-1234", // Not my real id / secret :)
    "7acafe123456badb123");

// First of all, get a request token from Evernote - this causes a 
// webrequest from your server to Evernote.
// The callBackUrl is the URL you want the user to return to once
// they validate the app
var requestToken = EvernoteAuthorizer.GetRequestToken(callBackUrl);

// Persist this token, as we are going to redirect the user to 
// Evernote to Authorize this app
Session["RequestToken"] = requestToken;

// Generate the Evernote URL that we will redirect the user to in
// order to 
var callForwardUrl = EvernoteAuthorizer.BuildAuthorizeUrl(requestToken);

// Redirect the user (e.g. MVC)
return Redirect(callForwardUrl);

// ... Once the user authroizes the app, they get redirected to callBackUrl

// where we parse the request parameter oauth_validator and finally get
// our credentials
// null = they didn't authorize us
var credentials = EvernoteAuthorizer.ParseAccessToken(
    Request.QueryString["oauth_verifier"], 
    Session["RequestToken"] as RequestToken);

// Example of how to use the credential with Evernote SDK
var noteStoreUrl = EvernoteCredentials.NotebookUrl;
var noteStoreTransport = new THttpClient(new Uri(noteStoreUrl));
var noteStoreProtocol = new TBinaryProtocol(noteStoreTransport);
var noteStore = new NoteStore.Client(noteStoreProtocol);
List<Notebook> notebooks = client.listNotebooks(EvernoteCredentials.AuthToken);