How to log out the current authorized user of oauth? Ask for code

In fact, there are only 4 steps in the program:

1. Obtain the Request token.

2. User authentication.

3. Obtain Access token.

4. Obtain user information.

In the process of handling OAuth authorization, I also encountered several common problems in the Sina Open Platform Forum. I will summarize them here and will talk about my ideas and solutions in the following explanation:

1. Callback problem when requesting the Request token.

2. 401 error.

3. 403 error.

4. 500 error.

5. Unauthorized error.

By the way, to call the Sina Weibo interface, you must first apply for an application. After the application is approved, you get an App Key and an App Secret, and these two parameters are needed to request authorization. OAuthBase is also available for download online, but you need to download the correct version; it is also included in my Demo. Our main authorization code is in the OAuthBase.cs file.

1. Get Request token:

Go directly to the code:

    // Namespaces used by the methods on this page:
    // System, System.IO, System.Net, System.Text, System.Web
    public void getRequestToken()
    {
        Uri uri = new Uri(requestTokenUri);
        string nonce = oAuth.GenerateNonce();          // randomly generated string, guards against replayed requests
        string timeStamp = oAuth.GenerateTimeStamp();  // timestamp of the request
        string normalizeUrl, normalizedRequestParameters;

        // Signature (no token and no token secret exist yet, so both are empty)
        string sig = oAuth.GenerateSignature(uri, apiKey, apiKeySecret, string.Empty, string.Empty,
            "GET", timeStamp, nonce, string.Empty, out normalizeUrl, out normalizedRequestParameters);
        sig = HttpUtility.UrlEncode(sig);

        // Construct the URL of the Request token call
        StringBuilder sb = new StringBuilder(uri.ToString());
        sb.AppendFormat("?oauth_consumer_key={0}&", apiKey);
        sb.AppendFormat("oauth_nonce={0}&", nonce);
        sb.AppendFormat("oauth_signature={0}&", sig);
        sb.AppendFormat("oauth_signature_method={0}&", "HMAC-SHA1");
        sb.AppendFormat("oauth_timestamp={0}&", timeStamp);
        sb.AppendFormat("oauth_version={0}", "1.0");

        // Request the Request token
        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(sb.ToString());
        HttpWebResponse response = (HttpWebResponse)request.GetResponse();
        StreamReader stream = new StreamReader(response.GetResponseStream(), System.Text.Encoding.UTF8);
        string responseBody = stream.ReadToEnd();
        stream.Close();
        response.Close();

        // Response body: oauth_token=...&oauth_token_secret=...
        int intOTS = responseBody.IndexOf("oauth_token=");
        int intOTSS = responseBody.IndexOf("&oauth_token_secret=");
        Session["oauth_token"] = responseBody.Substring(intOTS + 12, intOTSS - (intOTS + 12));
        Session["oauth_token_secret"] = responseBody.Substring((intOTSS + 20), responseBody.Length - (intOTSS + 20));

        // Send the user to the authorization page; the platform calls back to this page
        Response.Redirect(AUTHORIZE + "?oauth_token=" + Session["oauth_token"] + "&oauth_callback=" + Request.Url);
    }

I encountered a 401 error and an address return error when requesting the Request token. The address return error is easier to solve. It is usually an address error, so I used Request.Url directly. Then the 401 error occurred. My mistake was in the signature: the OAuthBase file I initially downloaded was the wrong one. Just download the latest one. There is also the oauth_version parameter in the request parameters. Many values are 1.0a, which does not seem to work; changing them all to 1.0 can avoid many mistakes.

2. User authentication:

After the Request token request is successful, the platform automatically jumps to the login page for user authentication. After the authentication is passed, the platform returns oauth_token and oauth_verifier to the specified callback address; save these two parameters for requesting the Access token. If the address is incorrect here, an error will be reported.
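A defensive way to handle the two inputs of this step, as an added example that is not part of the author's Demo: it reads the token response fields by name instead of by fixed offsets, and accepts the callback only when it carries an oauth_verifier and the same request token that was stored in the session. The class and method names and all sample strings are constructed for illustration.

```csharp
using System;
using System.Collections.Specialized;
using System.Web;

static class OAuthCallbackDemo
{
    // Read oauth_token / oauth_token_secret by name, so field order, extra
    // fields or an error body cannot shift the values the way offsets can.
    static bool TryParseTokens(string body, out string token, out string secret)
    {
        NameValueCollection f = HttpUtility.ParseQueryString(body ?? "");
        token = f["oauth_token"];
        secret = f["oauth_token_secret"];
        return !string.IsNullOrEmpty(token) && !string.IsNullOrEmpty(secret);
    }

    // Accept the callback only when it carries a verifier and the same request
    // token that was saved in the session before the redirect.
    static bool TryReadCallback(string query, string storedToken, out string verifier)
    {
        NameValueCollection q = HttpUtility.ParseQueryString(query ?? "");
        verifier = q["oauth_verifier"];
        return !string.IsNullOrEmpty(verifier) && !string.IsNullOrEmpty(storedToken)
            && string.Equals(q["oauth_token"], storedToken, StringComparison.Ordinal);
    }

    static void Main()
    {
        // Constructed sample inputs, not captured from a real service.
        string token, secret, verifier;
        // Fields in a different order than the page's code expects: still parsed.
        Console.WriteLine(TryParseTokens("oauth_token_secret=s3cr3t&oauth_token=req-123", out token, out secret));
        // An error body without tokens: rejected instead of producing garbage.
        Console.WriteLine(TryParseTokens("error_code=401&error=invalid+signature", out token, out secret));
        // Callback for the token stored in the session: accepted.
        Console.WriteLine(TryReadCallback("?oauth_token=req-123&oauth_verifier=778899", "req-123", out verifier));
        // Callback for a token this session never requested: rejected.
        Console.WriteLine(TryReadCallback("?oauth_token=other-456&oauth_verifier=778899", "req-123", out verifier));
    }
}
```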

3. Obtain Access token:

The focus of this request is still on the signature. The oauth_token and oauth_verifier returned after user authentication must be signed together to be correct. Some OAuthBase versions do not add the verifier to the signature, which made me very depressed at the time. If this is wrong, an unauthorized or 403 error is reported. After the request is successful, you need to save the oauth_token and oauth_token_secret again. The following is the code:

    public void getAccessToken(string requestToken, string oauth_verifier)
    {
        Uri uri = new Uri(ACCESS_TOKEN);
        string nonce = oAuth.GenerateNonce();
        string timeStamp = oAuth.GenerateTimeStamp();
        string normalizeUrl, normalizedRequestParameters;

        // Signature: request token, its secret and the verifier are all signed
        string sig = oAuth.GenerateSignature(
            uri,
            apiKey,
            apiKeySecret,
            requestToken,
            Session["oauth_token_secret"].ToString(),
            "Get",
            timeStamp,
            nonce,
            oauth_verifier,
            out normalizeUrl,
            out normalizedRequestParameters);
        sig = oAuth.UrlEncode(sig);

        // Construct the URL of the Access token call
        StringBuilder sb = new StringBuilder(uri.ToString());
        sb.AppendFormat("?oauth_consumer_key={0}&", apiKey);
        sb.AppendFormat("oauth_nonce={0}&", nonce);
        sb.AppendFormat("oauth_timestamp={0}&", timeStamp);
        sb.AppendFormat("oauth_signature_method={0}&", "HMAC-SHA1");
        sb.AppendFormat("oauth_version={0}&", "1.0");
        sb.AppendFormat("oauth_signature={0}&", sig);
        sb.AppendFormat("oauth_token={0}&", requestToken);
        sb.AppendFormat("oauth_verifier={0}", oauth_verifier);

        // Request the Access token
        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(sb.ToString());
        HttpWebResponse response = (HttpWebResponse)request.GetResponse();
        StreamReader stream = new StreamReader(response.GetResponseStream(), System.Text.Encoding.UTF8);
        string responseBody = stream.ReadToEnd();
        stream.Close();
        response.Close();

        // Response body: oauth_token=...&oauth_token_secret=...&user_id=...
        int intOTS = responseBody.IndexOf("oauth_token=");
        int intOTSS = responseBody.IndexOf("&oauth_token_secret=");
        int intUser = responseBody.IndexOf("&user_id=");
        Session["oauth_token"] = responseBody.Substring(intOTS + 12, intOTSS - (intOTS + 12));
        Session["oauth_token_secret"] = responseBody.Substring((intOTSS + 20), intUser - (intOTSS + 20));
        Session["User_Id"] = responseBody.Substring((intUser + 9), responseBody.Length - (intUser + 9));

        verify_credentials();
    }
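What a signing helper such as OAuthBase has to compute for this request, as an added example (it is not the author's Demo or OAuthBase.cs): it builds the OAuth 1.0 signature base string and the HMAC-SHA1 signature with and without oauth_verifier, and the two results differ, so a helper that leaves the verifier out cannot produce the signature the server checks. The keys, tokens, nonce and URL are constructed sample values.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class OAuth1SignatureDemo
{
    // Percent-encode as OAuth 1.0 requires: only unreserved characters stay bare, hex is uppercase.
    static string Enc(string s)
    {
        const string unreserved = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
        var sb = new StringBuilder();
        foreach (byte b in Encoding.UTF8.GetBytes(s ?? ""))
            if (unreserved.IndexOf((char)b) >= 0) sb.Append((char)b); else sb.AppendFormat("%{0:X2}", b);
        return sb.ToString();
    }

    // Base string = METHOD & enc(url) & enc(sorted "k=v" pairs); url must carry no query string.
    static string BaseString(string method, string url, IDictionary<string, string> p)
    {
        var pairs = p.Select(kv => new { K = Enc(kv.Key), V = Enc(kv.Value) })
                     .OrderBy(x => x.K, StringComparer.Ordinal).ThenBy(x => x.V, StringComparer.Ordinal);
        return method.ToUpperInvariant() + "&" + Enc(url) + "&" + Enc(string.Join("&", pairs.Select(x => x.K + "=" + x.V)));
    }

    // HMAC-SHA1 key is "consumerSecret&tokenSecret"; the token secret is empty for the request-token call.
    static string Sign(string baseString, string consumerSecret, string tokenSecret)
    {
        var key = Encoding.ASCII.GetBytes(Enc(consumerSecret) + "&" + Enc(tokenSecret));
        using (var hmac = new HMACSHA1(key))
            return Convert.ToBase64String(hmac.ComputeHash(Encoding.ASCII.GetBytes(baseString)));
    }

    static void Main()
    {
        // Constructed sample values: not real credentials, tokens or a real endpoint.
        const string url = "https://api.example.com/oauth/access_token";
        var p = new Dictionary<string, string> {
            { "oauth_consumer_key", "demo-app-key" }, { "oauth_nonce", "4572616e48616d" },
            { "oauth_signature_method", "HMAC-SHA1" }, { "oauth_timestamp", "1300000000" },
            { "oauth_token", "demo-request-token" }, { "oauth_version", "1.0" } };
        string sigWithout = Sign(BaseString("Get", url, p), "demo-app-secret", "demo-token-secret");
        p["oauth_verifier"] = "123456";   // the value handed back to the callback after login
        string sigWith = Sign(BaseString("Get", url, p), "demo-app-secret", "demo-token-secret");
        Console.WriteLine(BaseString("Get", url, p));
        Console.WriteLine("signed without verifier: " + sigWithout);
        Console.WriteLine("signed with verifier:    " + sigWith);
    }
}
```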

4. Obtain login user information:

The steps are simple and the same as the above request methods. The main thing is to add oauth_token and oauth_token_secret to the signature. The following is the code:

    public void verify_credentials()
    {
        Uri uri = new Uri("url");
        string nonce = oAuth.GenerateNonce();
        string timeStamp = oAuth.GenerateTimeStamp();
        string normalizeUrl, normalizedRequestParameters;

        // Signature: now signed with the access token and its secret, no verifier
        string sig = oAuth.GenerateSignature(
            uri,
            apiKey,
            apiKeySecret,
            Session["oauth_token"].ToString(),
            Session["oauth_token_secret"].ToString(),
            "Get",
            timeStamp,
            nonce,
            string.Empty,
            out normalizeUrl,
            out normalizedRequestParameters);
        sig = HttpUtility.UrlEncode(sig);

        // Construct the URL of the user information call
        StringBuilder sb = new StringBuilder(uri.ToString());
        sb.AppendFormat("?oauth_consumer_key={0}&", apiKey);
        sb.AppendFormat("oauth_nonce={0}&", nonce);
        sb.AppendFormat("oauth_timestamp={0}&", timeStamp);
        sb.AppendFormat("oauth_signature_method={0}&", "HMAC-SHA1");
        sb.AppendFormat("oauth_version={0}&", "1.0");
        sb.AppendFormat("oauth_signature={0}&", sig);
        sb.AppendFormat("oauth_token={0}&", Session["oauth_token"].ToString());

        // Request the user information and keep the raw response
        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(sb.ToString());
        HttpWebResponse response = (HttpWebResponse)request.GetResponse();
        StreamReader stream = new StreamReader(response.GetResponseStream(), System.Text.Encoding.UTF8);
        string responseBody = stream.ReadToEnd();
        stream.Close();
        response.Close();
        Session["responseBody"] = responseBody;
    }

Here you can get the user's personal information, and the OAuth authorization is then successful. In fact, the steps are relatively simple. The main thing to pay attention to is the signature: if the signature is incorrect, the request will definitely fail. There are also some details, such as the address, version number, and request method; being careful with them avoids errors. Due to time constraints, what I cover here is relatively simple. I hope everyone can exchange ideas. Here is the Demo: SinaOAuth
