【发布时间】:2018-05-09 09:40:34
【问题描述】:
我有客户端提供的 .pem 文件,使用此文件我必须使用以下几点生成 client_secret 密钥 -
1.服务帐户具有来自提供的公私钥对的公钥 由客户提供。
2.时间戳格式为十进制字符串,表示时间 1970 年 1 月 1 日 00:00:00 GMT 之后的毫秒数。
3. 然后使用服务的私钥对时间戳进行签名/加密 与客户端关联的帐户和 Base 64 编码。
我已按照上述要求实现了代码,但 Web API 服务器返回以下错误 -
远程服务器返回错误:(400) Bad Request。 {"error":"invalid_grant","error_description":"无法验证。[clientId:"my key"]."}.
这是我生成 client_secret 密钥的函数 -
private string getsecretkey()
{
string privateKeyPath = @"C:\Users\vijay.birari.DGSL\Desktop\Temp\familysearchserviceaccount1.PEM";
StreamReader sr = new StreamReader(privateKeyPath);
PemReader pr = new PemReader(sr);
AsymmetricCipherKeyPair KeyPair = (AsymmetricCipherKeyPair)pr.ReadObject();
RSAParameters rsa = DotNetUtilities.ToRSAParameters((RsaPrivateCrtKeyParameters)KeyPair.Private);
//RsaKeyParameters publickey = (RsaKeyParameters)KeyPair.Public;
RsaKeyParameters privatekey = (RsaKeyParameters)KeyPair.Private;
// Timestamps code
TimeSpan ts = (DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc));
long millis = (long)ts.TotalMilliseconds;
string sTimestamp = Convert.ToString(millis);
byte[] Timstamp = Encoding.UTF8.GetBytes(sTimestamp);
IAsymmetricBlockCipher cipher = new OaepEncoding(new RsaEngine());
cipher.Init(true, privatekey);
byte[] bytesTimestampUtf8Encrypted = cipher.ProcessBlock(Timstamp, 0, Timstamp.Length);
string encode = Convert.ToBase64String(bytesTimestampUtf8Encrypted);
string secret = HttpUtility.UrlEncode(encode, UTF8Encoding.UTF8);
return secret;
}
在下面的代码中调用上面的函数-
字符串响应 = string.Empty;
try
{
StringBuilder sb = new StringBuilder("https://ident.familysearch.org/cis-web/oauth2/v3/token?");
sb.Append("grant_type=client_credentials&client_id=");
sb.Append(client_id);
sb.Append("&client_secret=");
// sb.Append("=");
sb.Append(getsecretkey());
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(sb.ToString());
request.Method = "POST";
// request.ContentType = "application/x-www-form-urlencoded";
// request.ContentType = "application/json";
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
using (StreamReader sr = new StreamReader(response.GetResponseStream()))
{
respones = sr.ReadToEnd();
}
if (!string.IsNullOrEmpty(respones))
{
dynamic jsonResponse = JsonConvert.DeserializeObject(respones.ToString());
dynamic data = JObject.Parse(respones);
respones = data.access_token;
}
}
return webresponse;
}
}
catch (WebException wex)
{
if (wex.Response != null)
{
using (var errorResponse = (HttpWebResponse)wex.Response)
{
using (var reader = new StreamReader(errorResponse.GetResponseStream()))
{
respones = reader.ReadToEnd();
//TODO: use JSON.net to parse this string and look at the error message
}
}
}
return respones;
}
【问题讨论】:
标签: c# asp.net asp.net-mvc