DotNetOpenAuth实践之Webform资源服务器配置

系列目录:

DotNetOpenAuth实践系列(源码在这里)

 

上篇我们讲到WebApi资源服务器配置,这篇我们说一下Webform下的ashx,aspx做的接口如何使用OAuth2认证

 

一、环境搭建

 

1、新建Webform项目

DotNetOpenAuth实践之Webform资源服务器配置_第1张图片

 

2、使用Nuget添加DotNetOpenAuth 5.0.0 alpha3

3、把上次制作的证书文件拷贝到项目中(.pfx 文件包含私钥,放在站点目录下时要确保它不能被直接通过 HTTP 下载)

DotNetOpenAuth实践之Webform资源服务器配置_第2张图片

二、编写关键代码

1、公共代码

ResourceServerConfiguration

 1 using System.Security.Cryptography.X509Certificates;
 2 
 3 namespace WebformResourcesServer.Code
 4 {
 5     public class ResourceServerConfiguration
 6     {
 7         public X509Certificate2 EncryptionCertificate { get; set; }
 8         public X509Certificate2 SigningCertificate { get; set; }
 9     }
10 }

Common.cs

namespace WebformResourcesServer.Code
{
    /// <summary>
    /// Process-wide holder for the resource server settings.
    /// </summary>
    public class Common
    {
        // Starts out as an empty configuration (both certificates null);
        // Global.Application_Start replaces it with the loaded certificates.
        // NOTE(review): this is a public, writable static field, so any code
        // in the application can swap the keys used for token verification.
        // Treat it as write-once at start-up.
        public static ResourceServerConfiguration Configuration = new ResourceServerConfiguration();
    }
}

Global

 1 using System;
 2 using System.Collections.Generic;
 3 using System.Linq;
 4 using System.Security.Cryptography.X509Certificates;
 5 using System.Web;
 6 using System.Web.Optimization;
 7 using System.Web.Routing;
 8 using System.Web.Security;
 9 using System.Web.SessionState;
10 using WebformResourcesServer.Code;
11 
12 namespace WebformResourcesServer
13 {
14     public class Global : HttpApplication
15     {
16         void Application_Start(object sender, EventArgs e)
17         {
18             Common.Configuration = new ResourceServerConfiguration
19             {
20                 EncryptionCertificate = new X509Certificate2(Server.MapPath("~/Certs/idefav.pfx"), "a"),
21                 SigningCertificate = new X509Certificate2(Server.MapPath("~/Certs/idefav.cer"))
22             };
23             // 在应用程序启动时运行的代码
24             RouteConfig.RegisterRoutes(RouteTable.Routes);
25             BundleConfig.RegisterBundles(BundleTable.Bundles);
26         }
27     }
28 }

2、关键代码

ashxhandler

 1 using System;
 2 using System.Collections.Generic;
 3 using System.Linq;
 4 using System.Net.Http;
 5 using System.Security.Cryptography;
 6 using System.Security.Principal;
 7 using System.Threading;
 8 using System.Threading.Tasks;
 9 using System.Web;
10 using System.Web.UI;
11 using DotNetOpenAuth.Messaging;
12 using DotNetOpenAuth.OAuth2;
13 
14 namespace WebformResourcesServer.Code
15 {
16     public class AshxHandler
17     {
18         public AshxHandler(HttpContext context)
19         {
20             Context = context;
21         }
22 
23         public HttpContext Context { get; set; }
24 
25         private async Task<IPrincipal> VerifyOAuth2(HttpRequestBase httpDetails, params string[] requiredScopes)
26         {
27             var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer((RSACryptoServiceProvider)Common.Configuration.SigningCertificate.PublicKey.Key, (RSACryptoServiceProvider)Common.Configuration.EncryptionCertificate.PrivateKey));
28             return await resourceServer.GetPrincipalAsync(httpDetails, requiredScopes: requiredScopes);
29            
30         }
31 
32         public async Task Proc(Action<HttpContext> action)
33         {
34             try
35             {
36                 var principal = await VerifyOAuth2(new HttpRequestWrapper(Context.Request));
37                 if (principal != null)
38                 {
39                     Context.User = principal;
40                     Thread.CurrentPrincipal = principal;
41                     action.Invoke(Context);
42                 }
43             }
44             catch (ProtocolFaultResponseException exception)
45             {
46                 var outgoingResponse = await exception.CreateErrorResponseAsync(CancellationToken.None);
47                 Context.Response.StatusCode = (int)outgoingResponse.StatusCode;
48                 //Context.Response.SuppressContent = true;
49                 foreach (var header in outgoingResponse.Headers)
50                 {
51 
52                     //Context.Response.Headers[header.Key] = header.Value.First();
53                     Context.Response.AddHeader(header.Key, header.Value.First());
54                 }
55                 Context.Response.Write(exception.Message);
56             }
57         }
58     }
59 }

3、添加一个ashx文件

目录:

DotNetOpenAuth实践之Webform资源服务器配置_第3张图片

代码:

 1 using System;
 2 using System.Threading;
 3 using System.Threading.Tasks;
 4 using System.Web;
 5 using WebformResourcesServer.Code;
 6 
 7 namespace WebformResourcesServer.Api
 8 {
 9     /// <summary>
10     /// Values 的摘要说明
11     /// </summary>
12     public class Values : IHttpAsyncHandler
13     {
14 
15         public void ProcessRequest(HttpContext context)
16         {
17             context.Response.ContentType = "text/plain";
18         }
19 
20         public bool IsReusable
21         {
22             get
23             {
24                 return false;
25             }
26         }
27 
28         public IAsyncResult BeginProcessRequest(HttpContext context, AsyncCallback cb, object extraData)
29         {
30             return new AsyncResult(cb, extraData, new AshxHandler(context).Proc(c =>
31             {
32                 c.Response.Write("The Data you get!");
33             }));
34 
35 
36         }
37 
38         public void EndProcessRequest(IAsyncResult result)
39         {
40             var r = (AsyncResult)result;
41             r.Task.Wait();
42 
43         }
44     }
45 
46     internal class AsyncResult : IAsyncResult
47     {
48         private object _state;
49         private Task _task;
50         private bool _completedSynchronously;
51 
52         public AsyncResult(AsyncCallback callback, object state, Task task)
53         {
54             _state = state;
55             _task = task;
56             _completedSynchronously = _task.IsCompleted;
57             _task.ContinueWith(t => callback(this), TaskContinuationOptions.ExecuteSynchronously);
58         }
59 
60         public Task Task
61         {
62             get { return _task; }
63         }
64 
65 
66         public object AsyncState
67         {
68             get { return _state; }
69         }
70 
71         public WaitHandle AsyncWaitHandle
72         {
73             get { return ((IAsyncResult)_task).AsyncWaitHandle; }
74         }
75 
76         public bool CompletedSynchronously
77         {
78             get { return _completedSynchronously; }
79         }
80 
81         public bool IsCompleted
82         {
83             get { return _task.IsCompleted; }
84         }
85     }
86 }

4、测试

获取access_token

DotNetOpenAuth实践之Webform资源服务器配置_第4张图片

访问api

DotNetOpenAuth实践之Webform资源服务器配置_第5张图片

如果token不正确

DotNetOpenAuth实践之Webform资源服务器配置_第6张图片

 

到这篇为止,本系列基本结束,如果有不明白的地方可以评论留言,感谢大家的关注
