1
我需要基于OAuth来保护wcf服务。在这种情况下,Java应用程序正在向我传递一个令牌,我需要在.Net层中基于Oauth进行验证,如果令牌已通过,则需要调用wcf服务。如何保护基于OAuth的wcf rest服务
我检查了基于OAuth的几个例子,但没有得到任何想法来实现这一目标。请帮助我如何在.net中基于OAuth实现此目标。
我需要基于OAuth来保护wcf服务。在这种情况下,Java应用程序正在向我传递一个令牌,我需要在.Net层中基于Oauth进行验证,如果令牌已通过,则需要调用wcf服务。如何保护基于OAuth的wcf rest服务
我检查了基于OAuth的几个例子,但没有得到任何想法来实现这一目标。请帮助我如何在.net中基于OAuth实现此目标。
最后我解决了这个由下面实施
var authHeader = WebOperationContext.Current.IncomingRequest.Headers.GetValues("Authorization");
if (authHeader == null || authHeader.Length == 0)
{
throw new WebFaultException(HttpStatusCode.Unauthorized);
}
NameValueCollection outgoingQueryString = HttpUtility.ParseQueryString(String.Empty);
var parts = authHeader[0].Split(' ');
if (parts[0] == "Bearer")
{
string token = parts[1];
outgoingQueryString.Add("token", token);
byte[] postdata = Encoding.ASCII.GetBytes(outgoingQueryString.ToString());
var result = string.Empty;
var httpWebRequest = (HttpWebRequest)WebRequest.Create(oauthConfiguration.Setting.CheckUrl);
httpWebRequest.ContentType = "application/x-www-form-urlencoded";
httpWebRequest.Method = "POST";
httpWebRequest.Headers.Add("Authorization", GetAuthorizationHeader(oauthConfiguration.Setting.ClientId, oauthConfiguration.Setting.ClientSecret));
httpWebRequest.ContentLength = postdata.Length;
using (Stream postStream = httpWebRequest.GetRequestStream())
{
postStream.Write(postdata, 0, postdata.Length);
postStream.Flush();
postStream.Close();
}
var response = (HttpWebResponse)httpWebRequest.GetResponse();
var responseString = new StreamReader(response.GetResponseStream()).ReadToEnd();