昨天爲自己的網站實現了QQ登陸的功能,雖然,沒有進行綁定,但是在技術層面上來說,已經瞭解了一點騰訊開放平臺的協議.
具體什麼是OAUTH,請您GG一下吧...
關於騰訊的開放平臺,最主要的就是參數一定不能多,能有的要有,不能有的一定不能有.不然提交過去,就會提示什麼什麼錯了.
最關鍵的就是簽名的方式,下面就是我的簽名的代碼
1 /// <summary>
2 /// 每一步不同的生成簽名的方式
3 /// </summary>
4 /// <returns></returns>
5 protected virtual String BuildSignature(String SignatureHost)
6 {
7 String PostMethodString = "GET&";
8 StringBuilder ParamString = new StringBuilder();
9 this.CurrentStepParameters
10 .OrderBy(c => c.Key.ToString())
11 .ToList()
12 .ForEach(c =>
13 {
14 if (c.Key != OAuthParameterName.oauth_signature &&
15 c.Key != OAuthParameterName.timestamp)
16 {
17 if (ParamString.Length > 0)
18 {
19 ParamString.Append("&");
20 }
21 var p = c.Value;
22 ParamString.Append(p.OAuthOringinaName);
23 ParamString.Append("=");
24 ParamString.Append(p.Value);
25 }
26 }
27 );
28 StringBuilder SignData = new StringBuilder();
29 SignData.Append(PostMethodString);
30 SignData.Append(OAuthHelper.UrlEncode(SignatureHost));
31 SignData.Append("&");
32 SignData.Append(OAuthHelper.UrlEncode(ParamString.ToString()));
33
34 //密鑰
35 String SecretKey = String.Format("{0}&{1}", this.AppKey, this.AuthorizedTokenKey);
36 String SignContent = SignData.ToString();
37 String Signature = Convert.ToBase64String(OAuthHelper.HMACSHA1Code(SignContent, SecretKey));
38 return Signature;
39 }
2 /// 每一步不同的生成簽名的方式
3 /// </summary>
4 /// <returns></returns>
5 protected virtual String BuildSignature(String SignatureHost)
6 {
7 String PostMethodString = "GET&";
8 StringBuilder ParamString = new StringBuilder();
9 this.CurrentStepParameters
10 .OrderBy(c => c.Key.ToString())
11 .ToList()
12 .ForEach(c =>
13 {
14 if (c.Key != OAuthParameterName.oauth_signature &&
15 c.Key != OAuthParameterName.timestamp)
16 {
17 if (ParamString.Length > 0)
18 {
19 ParamString.Append("&");
20 }
21 var p = c.Value;
22 ParamString.Append(p.OAuthOringinaName);
23 ParamString.Append("=");
24 ParamString.Append(p.Value);
25 }
26 }
27 );
28 StringBuilder SignData = new StringBuilder();
29 SignData.Append(PostMethodString);
30 SignData.Append(OAuthHelper.UrlEncode(SignatureHost));
31 SignData.Append("&");
32 SignData.Append(OAuthHelper.UrlEncode(ParamString.ToString()));
33
34 //密鑰
35 String SecretKey = String.Format("{0}&{1}", this.AppKey, this.AuthorizedTokenKey);
36 String SignContent = SignData.ToString();
37 String Signature = Convert.ToBase64String(OAuthHelper.HMACSHA1Code(SignContent, SecretKey));
38 return Signature;
39 }
這裏的CurrentStepParameters是在構造方式裏進行賦值,或者其它地方,簽名裏最關鍵的,就是oauth_signature和timestamp這兩個參數,要記得去掉,在這裏,我選擇了過濾.
因爲有的時候,CurrentStepParameters這個字典從querystring來生成的話會簡單點還有能複用.
在所有參數中,有幾個是經常會用到的.
所以,在此我建立了一個通用參數生成方法
1 protected virtual void AddCommonParameters()
2 {
3 if (this.CurrentStepParameters != null)
4 {
5 //增加通用參數
6 this.CurrentStepParameters.AddParam(OAuthParameterName.oauth_consumer_key, this.AppID);
7 this.CurrentStepParameters.AddParam(OAuthParameterName.oauth_nonce, DateTime.UtcNow.Ticks.ToString());
8 this.CurrentStepParameters.AddParam(OAuthParameterName.oauth_timestamp, OAuthHelper.GenerateTimestamp());
9 this.CurrentStepParameters.AddParam(OAuthParameterName.oauth_version, "1.0");
10 this.CurrentStepParameters.AddParam(OAuthParameterName.oauth_signature_method, "HMAC-SHA1");
11 this.CurrentStepParameters.AddParam(OAuthParameterName.oauth_client_ip, "1");
12
13 if (this.CurrentStepParameters.ContainsKey(OAuthParameterName.oauth_token_secret))
14 {
15 this.AuthorizedTokenKey = CurrentStepParameters[OAuthParameterName.oauth_token_secret].Value;
16 }
17
18 if (this.CurrentStepParameters.ContainsKey(OAuthParameterName.oauth_signature))
19 {
20 CurrentStepParameters.Remove(OAuthParameterName.oauth_signature);
21 }
22
23 if (this.CurrentStepParameters.ContainsKey(OAuthParameterName.timestamp))
24 {
25 CurrentStepParameters.Remove(OAuthParameterName.timestamp);
26 }
27 }
28 }
2 {
3 if (this.CurrentStepParameters != null)
4 {
5 //增加通用參數
6 this.CurrentStepParameters.AddParam(OAuthParameterName.oauth_consumer_key, this.AppID);
7 this.CurrentStepParameters.AddParam(OAuthParameterName.oauth_nonce, DateTime.UtcNow.Ticks.ToString());
8 this.CurrentStepParameters.AddParam(OAuthParameterName.oauth_timestamp, OAuthHelper.GenerateTimestamp());
9 this.CurrentStepParameters.AddParam(OAuthParameterName.oauth_version, "1.0");
10 this.CurrentStepParameters.AddParam(OAuthParameterName.oauth_signature_method, "HMAC-SHA1");
11 this.CurrentStepParameters.AddParam(OAuthParameterName.oauth_client_ip, "1");
12
13 if (this.CurrentStepParameters.ContainsKey(OAuthParameterName.oauth_token_secret))
14 {
15 this.AuthorizedTokenKey = CurrentStepParameters[OAuthParameterName.oauth_token_secret].Value;
16 }
17
18 if (this.CurrentStepParameters.ContainsKey(OAuthParameterName.oauth_signature))
19 {
20 CurrentStepParameters.Remove(OAuthParameterName.oauth_signature);
21 }
22
23 if (this.CurrentStepParameters.ContainsKey(OAuthParameterName.timestamp))
24 {
25 CurrentStepParameters.Remove(OAuthParameterName.timestamp);
26 }
27 }
28 }
下面是一個測試地址 :http://www.changshu.so/Tencent , 之後等完成綁定後,地址會刪除
組件下載地址 : http://files.cnblogs.com/sam251/CSCMS.Secrity.OAuth.rar
後續還有綁定的需要自己去實現了.如果能有通用的方式,我會定時更新,另外,其它OAUTH,比如SINA的,正在研究.
本程序裏的OAuthHelper.GenerateTimestamp());
原文地址:http://www.cnblogs.com/sam251/archive/2011/09/15/oauth_tencent.html
