消息签名是不正确的

消息签名是不正确的

本文介绍了DotNetOpenAuth - 消息签名是不正确的的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

有already已经解决了这一问题一个计算器职位。但是,它不能帮助我。

There is already a StackOverflow post that has addressed this issue. However, it couldn't help me.

所以,我写了使用DotNetOpenAuth一个OpenID登录实施和我不断获取消息的签名是不正确的。

So, I have written an OpenID login implementation using DotNetOpenAuth and I keep on getting "Message signature was incorrect".

有趣的是,这是从PC我在我家发生。在我的工作,我的不可以得到这个错误,它好的工作。

The funny thing is that this is happening from a PC I have at my home. At my work I'm not getting this error and it is working ok.

我试着在web.config中添加

I've tried to add in the web.config

<trust level="Full" />
<httpRuntime maxQueryStringLength="20000" />

另外,我已经添加了空参数,而实例化OpenIdRelyingParty

Also, I've added the null parameter while instantiating the OpenIdRelyingParty

新OpenIdRelyingParty(空)

最后,我在路由器和PC打开了443端口。

Lastly, I've opened the 443 port in the router and PC.

的关键因素是,这是不从PC我在家工作。然而,它从PC我在工作的工作。两者有相同的确切code。

The key factor is that this is not working from the PC I have at home. However, it is working from the PC I have at work. Both have the same exact code.

推荐答案

当您对一个OAuth提供者的请求,框架生成签名。这个签名是不同的价值观,包括您所请求的URL的哈希值。然后,该提供不一样的,进行比较。如果供应商建立哈希是不一样的,你已经通过oauth_signature查询字符串参数中提供的,该请求不被视为有效,你得到这个错误。

When you make a request to an OAuth provider, the framework generates a signature. This signature is a hash of different values, including the URL that you are requesting. The provider then does the same and performs a comparison. If the hash that the provider builds is not the same as the one you've provided via the oauth_signature query string parameter, the request is not considered valid, and you get this error.

我遇到了一个类似的问题时,我的客户端应用程序签名,这是沿着api.foo.com/oauth东西线的URL。服务器有这样的重写网址前foo.com/api/oauth~~V的的URL重写的提供者有机会处理任何事情。由于客户端的URL和由提供者所处理的网址是不同的,这导致不同的签名,因此,该错误。

I ran into a similar issue when my client application was signing an URL that was something along the lines of api.foo.com/oauth. The server had an URL rewriter that rewrote the URL to foo.com/api/oauth before the provider had a chance to process anything. Since the client URL and the URL that was processed by the provider were different, this caused different signatures, hence the error.

这篇关于DotNetOpenAuth - 消息签名是不正确的的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-02 00:56