1
我需要基於OAuth來保護wcf服務。在這種情況下,Java應用程序正在向我傳遞一個令牌,我需要在.Net層中基於Oauth進行驗證,如果令牌已通過,則需要調用wcf服務。如何保護基於OAuth的wcf rest服務
我檢查了基於OAuth的幾個例子,但沒有得到任何想法來實現這一目標。請幫助我如何在.net中基於OAuth實現此目標。
我需要基於OAuth來保護wcf服務。在這種情況下,Java應用程序正在向我傳遞一個令牌,我需要在.Net層中基於Oauth進行驗證,如果令牌已通過,則需要調用wcf服務。如何保護基於OAuth的wcf rest服務
我檢查了基於OAuth的幾個例子,但沒有得到任何想法來實現這一目標。請幫助我如何在.net中基於OAuth實現此目標。
最後我解決了這個由下面實施
var authHeader = WebOperationContext.Current.IncomingRequest.Headers.GetValues("Authorization");
if (authHeader == null || authHeader.Length == 0)
{
throw new WebFaultException(HttpStatusCode.Unauthorized);
}
NameValueCollection outgoingQueryString = HttpUtility.ParseQueryString(String.Empty);
var parts = authHeader[0].Split(' ');
if (parts[0] == "Bearer")
{
string token = parts[1];
outgoingQueryString.Add("token", token);
byte[] postdata = Encoding.ASCII.GetBytes(outgoingQueryString.ToString());
var result = string.Empty;
var httpWebRequest = (HttpWebRequest)WebRequest.Create(oauthConfiguration.Setting.CheckUrl);
httpWebRequest.ContentType = "application/x-www-form-urlencoded";
httpWebRequest.Method = "POST";
httpWebRequest.Headers.Add("Authorization", GetAuthorizationHeader(oauthConfiguration.Setting.ClientId, oauthConfiguration.Setting.ClientSecret));
httpWebRequest.ContentLength = postdata.Length;
using (Stream postStream = httpWebRequest.GetRequestStream())
{
postStream.Write(postdata, 0, postdata.Length);
postStream.Flush();
postStream.Close();
}
var response = (HttpWebResponse)httpWebRequest.GetResponse();
var responseString = new StreamReader(response.GetResponseStream()).ReadToEnd();