2013-02-22 40 views
7

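I am trying to set up a simple OAuth2 login authorization, but I am stuck at the callback, which throws the following exception (DotNetOpenAuth.WebServerClient.XSRF-Session changes during callback):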

[ProtocolException: Unexpected OAuth authorization response received with callback and client state that does not match an expected value.] 
    DotNetOpenAuth.Messaging.ErrorUtilities.VerifyProtocol(Boolean condition, String unformattedMessage, Object[] args) +426 
    DotNetOpenAuth.OAuth2.WebServerClient.ProcessUserAuthorization(HttpRequestBase request) +771 

The exact same problem is discussed here.

In my case the SessionID stays the same, but the DotNetOpenAuth.WebServerClient.XSRF-Session cookie changes its value on the callback.

Implementation:

public void Authorize(HttpRequest request)
{
    string callbackString = request.Url.AbsoluteUri;
    Uri callbackUri = new Uri(callbackString);

    IAuthorizationState authorization = nimbleClient.ProcessUserAuthorization();

    if (authorization == null)
    {
        // Kick off authorization request
        nimbleClient.RequestUserAuthorization(returnTo: callbackUri);
    }
    else
    {
        // Get AccessToken
        Uri.EscapeDataString(authorization.AccessToken);
    }
}

Answer

0

Have you declared the cookie name as a constant, as shown below:

private const string XsrfCookieName = "DotNetOpenAuth.WebServerClient.XSRF-Session";

This will help keep the value even during the callback.
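
A simplified model of the state-versus-cookie comparison that the exception in the question reports as failing, added here as an example; it is not DotNetOpenAuth's code and not part of the original question or answer. The class and method names and the in-memory cookie dictionary are hypothetical, only the cookie name comes from this page, and the code assumes .NET 6 or later.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

static class XsrfStateDemo // hypothetical name, illustration only
{
    // Cookie name as it appears on this page.
    const string XsrfCookieName = "DotNetOpenAuth.WebServerClient.XSRF-Session";

    // Before redirecting to the authorization server: store a random value in a
    // cookie and send the same value along as the OAuth2 "state" parameter.
    static string BeginAuthorization(IDictionary<string, string> cookies)
    {
        string state = Convert.ToBase64String(RandomNumberGenerator.GetBytes(16));
        cookies[XsrfCookieName] = state;
        return state;
    }

    // On the callback: accept the response only if the state echoed back by the
    // authorization server equals the cookie value the browser presents.
    static bool ValidateCallback(IDictionary<string, string> cookies, string returnedState)
    {
        if (returnedState == null || !cookies.TryGetValue(XsrfCookieName, out var expected))
            return false; // cookie missing (expired, wrong path/domain, not sent)
        return CryptographicOperations.FixedTimeEquals(
            Encoding.UTF8.GetBytes(expected), Encoding.UTF8.GetBytes(returnedState));
    }

    static void Main()
    {
        // Stands in for the browser's cookie jar (constructed sample data).
        var cookies = new Dictionary<string, string>();

        string state = BeginAuthorization(cookies);
        Console.WriteLine($"unchanged cookie accepted: {ValidateCallback(cookies, state)}");

        // The cookie is rewritten between redirect and callback, for example
        // because authorization is started a second time: the state from the
        // first redirect no longer matches, which is the mismatch the
        // ProtocolException in the question describes.
        string first = BeginAuthorization(cookies);
        BeginAuthorization(cookies);
        Console.WriteLine($"rewritten cookie accepted: {ValidateCallback(cookies, first)}");

        cookies.Clear(); // cookie not returned at all
        Console.WriteLine($"missing cookie accepted: {ValidateCallback(cookies, first)}");
    }
}
```

When debugging a mismatch like the one in the question, compare the `state` value in the callback URL with the cookie value the browser actually sends on that request.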