0

我必须在 ASP.NET MVC 中实现三足身份验证。我已按照 Blackboard 文档的步骤进行操作,尤其是链接https://community.blackboard.com/docs/DOC-3976-three-legged-oauth

我通过调用 REST API /learn/api/public/v1/oauth2/authorizationcode 收到了授权码。之后根据文档(我完全按照文档操作,但我不知道我错过了什么),我向 /learn/api/public/v1/oauth2/token 构建了一个 POST 请求以获取 access_token,但我无法获取 access_token。

相反,access_token,我收到了一个 BadRequest。这意味着我在构建第二个请求时犯了一个错误,但我无法解决问题。我没有在 .NET 中找到任何代码示例来为 Blackboard Learn 实现三足身份验证。你能帮我解决这个问题吗?

这是我调用这两个 API 以接收 access_token 的代码。

public class HomeController : Controller
{
    public ActionResult Index()
    {
        // GET /learn/api/public/v1/oauth2/authorizationcode

        Guid stateId = Guid.NewGuid();

        string applicationKey = "Application key goes here";

        string redirectUrl = string.Format("https://Blackboard Learn URL goes here/learn/api/public/v1/oauth2/authorizationcode" +

        "?redirect_uri=https://localhost:44300/Home/OAuth2Response&response_type=code&client_id={0}&scope=read&state={1}",

        applicationKey, stateId);

        Response.Redirect(redirectUrl, true);

        return View();
    }


    public async Task<bool> OAuth2Response(string code = null, string state = null, string error = null, string error_description = null)    
    {    
        bool success = true;  

        string json = string.Empty;

        string urlCommand = string.Format("/learn/api/public/v1/oauth2/token?code={0}&redirect_url=https://localhost:44300/Home/OAuth2Response", code);

        try    
        {    
            using (HttpClient client = new HttpClient())    
            {    
                var endpoint = new Uri("Blackboard Learn URL goes here" + urlCommand);


                var postData = new List<KeyValuePair<string, string>>();

                postData.Add(new KeyValuePair<string, string>("grant_type", "authorization_code"));    

                    HttpContent body = new FormUrlEncodedContent(postData);       

                // POST /learn/api/public/v1/oauth2/token

                using (HttpResponseMessage response = await client.PostAsync(endpoint, body)) // Problem is here    
                {    
                    if (response.IsSuccessStatusCode)

                    {

                        json = await response.Content.ReadAsStringAsync();

                    }

                    else

                    {

                        success = false;

                    }

                }

            }

        }

        catch (Exception err)

        {

            //hopefully we never end up here, log this exception for forensics

            success = false;

        }

        return success;    
    }    
}

注意:我可以在 Postman 工具中成功接收 access_token。

4

1 回答 1

1

最后,下面的代码非常适用于 ASP.NET MVC 中的 3 条腿身份验证。

public class HomeController : Controller
{
    //https://blackboard.jiveon.com/docs/DOC-3976-three-legged-oauth 

    public ActionResult Index()
    {
        // GET /learn/api/public/v1/oauth2/authorizationcode

        Guid stateId = Guid.NewGuid();

        string applicationKey = "Application key goes here";

        string redirectUrl = string.Format("Blackboard Learn URL goes here/learn/api/public/v1/oauth2/authorizationcode" +
            "?redirect_uri=https://localhost:44300/Home/OAuth2Response&response_type=code&client_id={0}&scope=read&state={1}",
            applicationKey, stateId);

        Response.Redirect(redirectUrl, true);

        return View();
    }


    public async Task<bool> OAuth2Response(string code = null, string state = null, string error = null, string error_description = null)
    {
        bool success = true;
        string json = string.Empty;
        string urlCommand = string.Format("/learn/api/public/v1/oauth2/token?code={0}&redirect_uri=https://localhost:44300/Home/OAuth2Response", code);

        try
        {
            using (HttpClient client = new HttpClient())
            {

                var endpoint = new Uri("Blackboard Learn URL goes here" + urlCommand);
             

                client.DefaultRequestHeaders.Accept.Clear();

                client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Basic", Convert.ToBase64String(Encoding.UTF8.GetBytes("client_id:client_secret")));                  

                var postData = new List<KeyValuePair<string, string>>();
                postData.Add(new KeyValuePair<string, string>("grant_type", "authorization_code")); 

                HttpContent body = new FormUrlEncodedContent(postData);


                using (HttpResponseMessage response = await client.PostAsync(endpoint, body))
                {

                    if (response.IsSuccessStatusCode)
                    {
                        json = await response.Content.ReadAsStringAsync();

                        dynamic oauth2Result = Newtonsoft.Json.JsonConvert.DeserializeObject(json);     

                        string access_token = oauth2Result.access_token;

                        string refresh_token = oauth2Result.refresh_token;           }
                    else
                    {
                        success = false;
                    }
                }
            }
        }
        catch (Exception err)            {
            //hopefully we never end up here, log this exception for forensics      
            success = false;
        }
        return success;           
    }     
}
于 2019-02-19T12:28:24.127 回答