10

ASP.NET MVC 5 项目。
欧文版本 4.0.0.0

启动验证

app.UseTwitterAuthentication(
  consumerKey: "somekey",
  consumerSecret: "someSecretKey");

ExternalLogin方法中发生异常

响应状态码不表示成功:403(禁止)。

以下是回调 URL

在此处输入图像描述

仅供参考:该网站是真实的,并且可以正常运行,Twitter 登录在几周前可以正常工作,但是现在突然开始因先前的错误而失败。


堆栈跟踪

[HttpRequestException: Response status code does not indicate success: 403 (Forbidden).]
   System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode() +121834
   Microsoft.Owin.Security.Twitter.<ObtainRequestTokenAsync>d__23.MoveNext() +2387
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Security.Twitter.<ApplyResponseChallengeAsync>d__12.MoveNext() +1091
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Security.Infrastructure.<ApplyResponseCoreAsync>d__b.MoveNext() +376
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Security.Infrastructure.<ApplyResponseAsync>d__8.MoveNext() +475
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Security.Infrastructure.<TeardownAsync>d__5.MoveNext() +215
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +968
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +768
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<RunApp>d__5.MoveNext() +197
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +768
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +768
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +768
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +768
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +768
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +768
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Security.Infrastructure.<Invoke>d__0.MoveNext() +768
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.AspNet.Identity.Owin.<Invoke>d__0.MoveNext() +448
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.AspNet.Identity.Owin.<Invoke>d__0.MoveNext() +448
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.AspNet.Identity.Owin.<Invoke>d__0.MoveNext() +448
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<RunApp>d__5.MoveNext() +197
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.<DoFinalWork>d__2.MoveNext() +184
   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
   Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult.End(IAsyncResult ar) +117
   System.Web.<>c__DisplayClass11_0.<InvokeEndHandler>b__0() +41
   System.Web.AsyncEventExecutionStep.InvokeEndHandler(IAsyncResult ar) +151
   System.Web.AsyncEventExecutionStep.OnAsyncEventCompletion(IAsyncResult ar) +156
4

1 回答 1

8

我们在过去一两周遇到了类似的问题,发现 Twitter 虽然之前没有验证回调 URL,但已经开始检查它。

Twitter的登录流程是这样的:

  1. 客户端调用您的后端。
  2. 后端使用回调 URL、密钥等调用 Twitter API。
  3. Twitter 发出登录 URL。
  4. 作为质询的结果,后端将客户端重定向到登录 URL。
  5. 客户在 Twitter 上登录(并授权应用程序)
  6. Twitter 重定向到回调 URL(通常https://www.example.com/signin-twitter除非您指定替代callbackPath
  7. 后端接收 Twitter 令牌。

回调 URL 验证发生在 #2,如果失败,将向客户端返回 403。

我在您的图片中注意到您的 callbackPath 是/twittersignin,但您没有在 ASP.NET 端配置它,因此 ASP.NET 正在使用/signin-twitter. 您应该在 Twitter 上更新您的回调 URL(通过开发人员门户)以反映这一点。

于 2018-06-20T07:27:58.973 回答