I am trying to set up a simple OAuth2 login authentication, but I am stuck at the callback, which throws the following exception:
[ProtocolException: Unexpected OAuth authorization response received with callback and client state that does not match an expected value.]
   DotNetOpenAuth.Messaging.ErrorUtilities.VerifyProtocol(Boolean condition,String unformattedMessage,Object[] args) +426
   DotNetOpenAuth.OAuth2.WebServerClient.ProcessUserAuthorization(HttpRequestBase request) +771
The exact same problem is discussed here.
In my case, the SessionID stays the same, but the DotNetOpenAuth.WebServerClient.XSRF-Session cookie changes its value at the callback.
Implementation:
public void Authorize(HttpRequest request)
{
    string callbackString = request.Url.AbsoluteUri;
    Uri callbackUri = new Uri(callbackString);
    IAuthorizationState authorization = nimbleClient.ProcessUserAuthorization();
    if (authorization == null)
    {
        // Kick off authorization request
        nimbleClient.RequestUserAuthorization(returnTo: callbackUri);
    }
    else
    {
        // Get AccessToken
        Uri.EscapeDataString(authorization.AccessToken);
    }
}
Solution
Have you declared the cookie as a constant, as shown below:
private const string XsrfCookieName = "DotNetOpenAuth.WebServerClient.XSRF-Session";
This helps keep the value at the callback.
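
A simplified model of the state-versus-cookie check that the exception message describes, added here as an example; it is not code from the original post or from DotNetOpenAuth. The dictionary standing in for the browser's cookie jar and the method names are hypothetical; only the cookie name comes from the post.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

static class StateCheckDemo
{
    // Cookie name taken from the post; every other name here is hypothetical.
    const string XsrfCookieName = "DotNetOpenAuth.WebServerClient.XSRF-Session";

    // Outgoing leg: bind the browser to a random value and send it as "state".
    static string BeginAuthorization(IDictionary<string, string> cookies, bool reuseExisting)
    {
        string value = null;
        if (!reuseExisting || !cookies.TryGetValue(XsrfCookieName, out value))
        {
            var bytes = new byte[16];
            using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(bytes);
            value = Convert.ToBase64String(bytes);
            cookies[XsrfCookieName] = value;
        }
        return value; // goes into the authorization URL as state=...
    }

    // Callback leg: the state echoed back must equal the cookie the browser still holds.
    static bool ValidateCallback(IDictionary<string, string> cookies, string returnedState)
    {
        string expected;
        if (returnedState == null || !cookies.TryGetValue(XsrfCookieName, out expected))
            return false;
        byte[] a = Encoding.UTF8.GetBytes(expected), b = Encoding.UTF8.GetBytes(returnedState);
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0; // comparison time does not depend on where the values differ
    }

    static void Main()
    {
        var cookies = new Dictionary<string, string>(); // constructed stand-in for the cookie jar
        string state = BeginAuthorization(cookies, true);
        Console.WriteLine("cookie unchanged:   " + ValidateCallback(cookies, state));

        // Regenerating the cookie before the first callback arrives leaves the
        // state already in flight with nothing to match.
        BeginAuthorization(cookies, false);
        Console.WriteLine("cookie regenerated: " + ValidateCallback(cookies, state));
        Console.WriteLine("unknown state:      " + ValidateCallback(cookies, "state-not-issued-here"));
    }
}
```

Only the first check passes; the second is the situation the question describes, where the cookie value differs by the time the callback is processed.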