如何保护基于OAuth的wcf rest服务

Question

我需要基于OAuth来保护wcf服务。在这种情况下，Java应用程序正在向我传递一个令牌，我需要在.Net层中基于Oauth进行验证，如果令牌已通过，则需要调用wcf服务。

我检查了基于OAuth的几个例子，但没有得到任何想法来实现这一目标。请帮助我如何在.net中基于OAuth实现此目标。

Answer 1

最后我解决了这个由下面实施

var authHeader = WebOperationContext.Current.IncomingRequest.Headers.GetValues("Authorization"); 
       if (authHeader == null || authHeader.Length == 0) 
       { 
        throw new WebFaultException(HttpStatusCode.Unauthorized); 
       } 
       NameValueCollection outgoingQueryString = HttpUtility.ParseQueryString(String.Empty); 

       var parts = authHeader[0].Split(' '); 
       if (parts[0] == "Bearer") 
       { 
        string token = parts[1]; 

        outgoingQueryString.Add("token", token); 
        byte[] postdata = Encoding.ASCII.GetBytes(outgoingQueryString.ToString()); 

        var result = string.Empty; 
        var httpWebRequest = (HttpWebRequest)WebRequest.Create(oauthConfiguration.Setting.CheckUrl); 
        httpWebRequest.ContentType = "application/x-www-form-urlencoded"; 
        httpWebRequest.Method = "POST"; 
        httpWebRequest.Headers.Add("Authorization", GetAuthorizationHeader(oauthConfiguration.Setting.ClientId, oauthConfiguration.Setting.ClientSecret)); 
        httpWebRequest.ContentLength = postdata.Length; 
        using (Stream postStream = httpWebRequest.GetRequestStream()) 
        { 
         postStream.Write(postdata, 0, postdata.Length); 
         postStream.Flush(); 
         postStream.Close(); 
        } 

        var response = (HttpWebResponse)httpWebRequest.GetResponse(); 
        var responseString = new StreamReader(response.GetResponseStream()).ReadToEnd();