Implementing a unified OAuth authentication interface for Sina, Tencent, and Netease Weibo


With the rise of Weibo in China, the Weibo services provide unified OAuth.

I started to think about a unified access interface, so that we can use the registered users of the various portals to serve us.

As a result, end users do not need to register an account for every website. There is also a security issue.

From initial interest to the focused architecture articles, I read them all.

From not knowing to understanding, and from understanding to building the wheel myself.

In my spare time, I finally wrote three Weibo interfaces for the four major portals in China.

Because I have not read Sohu's documentation, authenticating in the general way always fails. It will be completed when I have time.

For now, only Sina, Tencent, and Netease authenticate successfully.

First, a picture is worth a thousand words. This is my architecture diagram.

Project address: http://weibooauth.codeplex.com/ (the source code can be downloaded here)
Anyone interested is welcome to study it together. If you are, register a CodePlex account and join the development: liuju150@gmail.com

The OAuth project defines several public interfaces:
IOAuthConfig: this interface is used to obtain the configuration information from Web.config.

    namespace OAuth
    {
        public interface IOAuthConfig
        {
            /// <summary>Obtain the appkey</summary>
            string GetAppKey();

            /// <summary>Obtain the appsecret</summary>
            string GetAppSecret();

            /// <summary>Get the callback URL</summary>
            Uri GetCallbackUri();

            /// <summary>Obtain the request type: GET, POST, or header</summary>
            OAuthEnum.RequestType GetRequestType();
        }
    }

IOAuthMode: the parameter interface for OAuth authentication. There are many methods here.

    namespace OAuth
    {
        public interface IOAuthMode
        {
            /// <summary>Get the callback address</summary>
            OAuthParameter GetOAuthCallback();

            /// <summary>Obtain the consumer key that was applied for</summary>
            OAuthParameter GetOAuthConsumerKey();

            /// <summary>Set the random string (nonce)</summary>
            void SetOAuthNonce(string oauthNonceString);

            /// <summary>Obtain the random string (nonce)</summary>
            OAuthParameter GetOAuthNonce();

            /// <summary>Obtain the signature method</summary>
            OAuthParameter GetOAuthSignatureMethod();

            /// <summary>Set the timestamp</summary>
            void SetOAuthTimestamp(string oauthTimestampString);

            /// <summary>Get the timestamp</summary>
            OAuthParameter GetOAuthTimestamp();

            /// <summary>Get the OAuth version</summary>
            OAuthParameter GetOAuthVersion();

            /// <summary>Set the signature string</summary>
            void SetOAuthSignature(string oauthSignatureString);

            /// <summary>Obtain the signature string</summary>
            OAuthParameter GetOAuthSignature();

            /// <summary>Set the oauth_token</summary>
            void SetOAuthToken(OAuthParameter oauthToken);

            /// <summary>Get the oauth_token</summary>
            OAuthParameter GetOAuthToken();

            /// <summary>Set the oauth_token_secret</summary>
            void SetOAuthTokenSecret(OAuthParameter oauthTokenSecret);

            /// <summary>Get the oauth_token_secret</summary>
            OAuthParameter GetOAuthTokenSecret();

            /// <summary>Set the oauth_verifier</summary>
            void SetOAuthVerifier(OAuthParameter oauthVerifier);

            /// <summary>Get the oauth_verifier</summary>
            OAuthParameter GetOAuthVerifier();

            /// <summary>Obtain the API provider</summary>
            OAuthEnum.OAuthInterface GetOAuthInterface();
        }
    }

IOAuthRequestUrl:

    namespace OAuth
    {
        public interface IOAuthRequestUrl
        {
            /// <summary>URL for obtaining an unauthorized request token</summary>
            Uri GetRequestTokenUrl();

            /// <summary>URL for asking the user to authorize the token</summary>
            Uri GetRequestOAuthTokenUrl();

            /// <summary>URL for obtaining the authorized access token</summary>
            Uri GetRequestAccessTokenUrl();
        }
    }

Each Weibo provider then implements these interfaces (you can see this in the diagram: each Weibo implements all three).

OAuthBase then implements the OAuth flow.

Taking Sina as an example, OAuth authentication goes through three steps.

Step 1: request the request token

and get oauth_token and oauth_token_secret.

Step 2: use the oauth_token for user authentication to get oauth_verifier.

Step 3: get the real oauth_token and oauth_token_secret.

Detailed implementation (Sina)

Step 1

oauth_callback (callback address, URL-encoded)

oauth_consumer_key (the consumer key applied for on Sina)

oauth_nonce (random string; I heard that Tencent's must be smaller than 32 bits. I use a GUID)

oauth_signature_method (signature method; all of them use HMAC-SHA1 now)

oauth_timestamp (timestamp, the integer value of the time up to now)

oauth_version (OAuth version; currently Sina and Tencent are 1.0a, Netease is 1.0)

Generate a parameter string from the parameters above, in the format name1=value1&name2=value2, the same as in a URL.

Then build:

    string.Format("{0}&{1}&{2}",
        <request method: GET or POST>,
        UrlEncode("http://api.t.sina.com.cn/oauth/request_token"),
        UrlEncode(<parameter string>))

This is the signature base string. Use your appsecret + "&" as the key and sign the base string with it.

The result is the value of oauth_signature.

Then generate the request URL (GET):

http://api.t.sina.com.cn/oauth/request_token?name1=value1&name2=value2

This is built the same way as the parameter string. You only need to add oauth_signature.

Request this URL and you get:
oauth_token=ce9cc416a9ad8f37feba547541f81ec9&oauth_token_secret=a6966e6898480428574f04f768da1249

This completes the first step, the request token.

Step 2

http://api.t.sina.com.cn/oauth/authorize?oauth_token=ce9cc416a9ad8f37feba547541f81ec9
Open this address for user authentication. The oauth_token here is the oauth_token value obtained in the first step.

The server returns oauth_token=ce9cc416a9ad8f37feba547541f81ec9&oauth_verifier=1234567

Step 3

To the parameters from step 1, add the
oauth_token and oauth_verifier just obtained.

Build the new signature base string, and use appsecret + "&" + oauth_token_secret (obtained in the first step) as the key.

Then sign it (note that oauth_nonce and oauth_timestamp must be generated again).

This gives the new oauth_signature.

Then generate the request URL as in step 1.

Request it to get the real oauth_token and oauth_token_secret.

Then you can use these to call the related interfaces.
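The signing used in steps 1 and 3, written out as an added example (it is not code from the weibooauth project). The class name OAuth1Signer and the placeholder app key and secret are assumptions. It sorts parameters by name and percent-encodes with uppercase hex, the two details that most often make the server reject a signature.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class OAuth1Signer
{
    const string Unreserved = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";

    // OAuth percent-encoding: unreserved characters stay literal, every other UTF-8 byte
    // becomes %XX with uppercase hex (HttpUtility.UrlEncode emits lowercase hex and "+").
    public static string Encode(string value)
    {
        var sb = new StringBuilder();
        foreach (byte b in Encoding.UTF8.GetBytes(value ?? ""))
            if (Unreserved.IndexOf((char)b) >= 0) sb.Append((char)b);
            else sb.Append('%').Append(b.ToString("X2"));
        return sb.ToString();
    }

    // "name1=value1&name2=value2", sorted by encoded name so both sides sign identical bytes.
    public static string ParameterString(IDictionary<string, string> p)
    {
        return string.Join("&", p.OrderBy(kv => Encode(kv.Key), StringComparer.Ordinal)
                                 .Select(kv => Encode(kv.Key) + "=" + Encode(kv.Value)));
    }

    // HMAC-SHA1 over METHOD&url&parameters, keyed with appsecret + "&" + token secret.
    // Step 1 passes an empty token secret; step 3 passes the oauth_token_secret from step 1.
    public static string Sign(string method, string url, IDictionary<string, string> p,
                              string appSecret, string tokenSecret)
    {
        string baseString = method.ToUpperInvariant() + "&" + Encode(url) + "&" + Encode(ParameterString(p));
        string key = Encode(appSecret) + "&" + Encode(tokenSecret);
        using (var hmac = new HMACSHA1(Encoding.ASCII.GetBytes(key)))
            return Convert.ToBase64String(hmac.ComputeHash(Encoding.ASCII.GetBytes(baseString)));
    }

    static void Main()
    {
        // Constructed sample values: the app key and secret are placeholders.
        var p = new Dictionary<string, string> {
            { "oauth_callback", "http://localhost/oauthweb/oauthcallback.aspx?type=sina" },
            { "oauth_consumer_key", "APPKEY-PLACEHOLDER" },
            { "oauth_nonce", Guid.NewGuid().ToString("N") },
            { "oauth_signature_method", "HMAC-SHA1" },
            { "oauth_timestamp", DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString() },
            { "oauth_version", "1.0a" } };  // value this page gives for Sina
        string url = "http://api.t.sina.com.cn/oauth/request_token";
        string signature = Sign("GET", url, p, "APPSECRET-PLACEHOLDER", "");
        p["oauth_signature"] = signature;
        Console.WriteLine(url + "?" + ParameterString(p));
    }
}
```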

    protected void imgbtnSina_Click(object sender, ImageClickEventArgs e)
    {
        // Step 1: request an unauthorized request token from Sina
        SinaOAuthMode oauthMode = new SinaOAuthMode();
        OAuthBase oauthBase = new OAuthBase(new SinaOAuthRequestUrl(), new SinaOAuthConfig(), oauthMode);
        oauthMode = (SinaOAuthMode)oauthBase.RequestToken();

        // Show the returned oauth_token and oauth_token_secret on the page
        string res = string.Format("{0}:{1}&{2}:{3}",
            oauthMode.GetOAuthToken().ParameterName,
            oauthMode.GetOAuthToken().ParameterValue,
            oauthMode.GetOAuthTokenSecret().ParameterName,
            oauthMode.GetOAuthTokenSecret().ParameterValue);
        labMsg.Text = res;

        // Step 2: keep the token state in the session and open the authorization URL
        string requestOAuthTokenUrl = oauthBase.GetAccessTokenUrl().ToString();
        Session["oauthmode"] = oauthMode;
        Page.ClientScript.RegisterStartupScript(GetType(), "w_callback",
            "<script language=\"javascript\" type=\"text/javascript\">imgbtnclick('" + requestOAuthTokenUrl + "')</script>");
    }

Click

    private void SinaCallback()
    {
        // Restore the request-token state saved by the click handler
        SinaOAuthMode mode = (SinaOAuthMode)Session["oauthmode"];

        // Take the oauth_token and oauth_verifier returned on the callback URL
        mode.SetOAuthToken(new OAuthParameter("oauth_token", Request.QueryString["oauth_token"]));
        mode.SetOAuthVerifier(new OAuthParameter("oauth_verifier", Request.QueryString["oauth_verifier"]));

        // Step 3: exchange them for the real oauth_token and oauth_token_secret
        OAuthBase oauthBase = new OAuthBase(new SinaOAuthRequestUrl(), new SinaOAuthConfig(), mode);
        mode = (SinaOAuthMode)oauthBase.RequestAccessToken();
        Session["oauthmode"] = mode;
    }

Callback page

    <?xml version="1.0"?>
    <configuration>
      <configSections>
        <sectionGroup name="sinasectiongroup">
          <section name="sinasection" type="System.Configuration.NameValueSectionHandler, System"/>
        </sectionGroup>
        <sectionGroup name="qqsectiongroup">
          <section name="qqsection" type="System.Configuration.NameValueSectionHandler, System"/>
        </sectionGroup>
        <sectionGroup name="wangyisectiongroup">
          <section name="wangyisection" type="System.Configuration.NameValueSectionHandler, System"/>
        </sectionGroup>
        <sectionGroup name="sohusectiongroup">
          <section name="sohusection" type="System.Configuration.NameValueSectionHandler, System"/>
        </sectionGroup>
      </configSections>
      <sinasectiongroup>
        <sinasection>
          <add key="appkey" value="*************"/>
          <add key="appsecret" value="**************************"/>
          <add key="callbackuri" value="http://localhost/oauthweb/oauthcallback.aspx?type=sina"/>
          <add key="requesttype" value="get"/>
        </sinasection>
      </sinasectiongroup>
      <qqsectiongroup>
        <qqsection>
          <add key="appkey" value="*************"/>
          <add key="appsecret" value="**************************"/>
          <add key="callbackuri" value="http://localhost/oauthweb/oauthcallback.aspx?type=QQ"/>
          <add key="requesttype" value="get"/>
        </qqsection>
      </qqsectiongroup>
      <wangyisectiongroup>
        <wangyisection>
          <add key="appkey" value="*************"/>
          <add key="appsecret" value="**************************"/>
          <add key="callbackuri" value="http://localhost/oauthweb/oauthcallback.aspx?type=wangyi"/>
          <add key="requesttype" value="get"/>
        </wangyisection>
      </wangyisectiongroup>
      <sohusectiongroup>
        <sohusection>
          <add key="appkey" value="*************"/>
          <add key="appsecret" value="**************************"/>
          <add key="callbackuri" value="http://localhost/oauthweb/oauthcallback.aspx?type=Sohu"/>
          <add key="requesttype" value="get"/>
        </sohusection>
      </sohusectiongroup>
      <system.web>
        <compilation debug="true" targetFramework="4.0"/>
      </system.web>
    </configuration>

Web.config
