最近由于公司的需求特别多,而且还不是一个项目的需求,几个数据库几个VS来回切换。难免搞混搞乱,忘记。于是自己用WPF做了一个小工具:AgileToDo,一个待办列表。本来使用sqlce来做本地的存储。但是在这个云时代,搞本地存储显然不能拿出手。于是我决定给它集成有道云笔记,使用有道云笔记的的OPEN API来实现云端的存储。http://note.youdao.com/open/apidoc.html
有道云笔记的API使用OAuth的方式对第三方应用进行授权。OAuth的介绍就不多说了,说的人也挺多了,自己查资料吧。要使用它的API,我们需要授权。本来想完全有自己去实现一下这个过程的,不过看了授权的整个过程发现还是很复杂的,不花点时间估计还真搞不出来。于是用nuget搜一下发现了DotNetOpenAuth,而且这个类库的排名是很靠前的,想必是个神器。
这里简单说一下DotNetOpenAuth,据我简单了解,DotNetOpenAuth主要是分了2部分的功能。一部分类库是作为消费者,访问第三方OAUTH服务,请求授权,比如我现在要做的事,访问有道云笔记的OAUTH服务。还有一部分类库是用做服务方,实现OAUTH服务提供方的功能,可以使你的用户系统支持OAUTH,供第三方消费者来使用。要深入了解的请直接去下载源码,而且里面包含了很多sample,有web的有desktop的,访问google,twitter的例子等等等。我的代码当然也是参考了这些sample。
经过一晚上的折腾,终于用.NET实现了有道云笔记的授权。废话不多说,上代码吧。
1.添加DotNetOpenAuth的引用
2.YDAuthBaseInfo类
代码语言:javascript复制 /// <summary>
/// OAUTH授权所需的一些基础信息
/// </summary>
public class YDAuthBaseInfo
{
public static readonly string OwnerId = "";
public static readonly string ConsumerName = "";
public static readonly string ConsumerKey = "";//开发者申请的KEY
public static readonly string ConsumerSecret = "";//开发者申请的Secret
public static readonly string BaseUrl = "http://sandbox.note.youdao.com";//测试沙箱基础url
public static readonly ServiceProviderDescription ServiceDescription = null;//OAUTH服务提供方信息
static YDAuthBaseInfo()
{
OwnerId = "kklldog";
ConsumerName = "AgileToDo";
ConsumerKey = "xxxx";
ConsumerSecret = "xxxx";
ServiceDescription = new ServiceProviderDescription
{
RequestTokenEndpoint = new MessageReceivingEndpoint(YDAuthBaseInfo.BaseUrl "/oauth/request_token",
HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest),
UserAuthorizationEndpoint = new MessageReceivingEndpoint(YDAuthBaseInfo.BaseUrl "/oauth/authorize",
HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest),
AccessTokenEndpoint = new MessageReceivingEndpoint(YDAuthBaseInfo.BaseUrl "/oauth/access_token",
HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest),
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
};
}
}3.YDTokenManager 类
代码语言:javascript复制 /// <summary>
/// TokenManager 令牌管理
/// </summary>
public class YDTokenManager : IConsumerTokenManager
{
private Dictionary<string, string> _tokensAndSecrets = new Dictionary<string, string>();
private TokenType _tokenType;
/// <summary>
/// Initializes a new instance of the <see cref="YDTokenManager"/> class.
/// </summary>
/// <param name="consumerKey">The consumer key.</param>
/// <param name="consumerSecret">The consumer secret.</param>
public YDTokenManager(string consumerKey, string consumerSecret)
{
if (string.IsNullOrEmpty(consumerKey))
{
throw new ArgumentNullException("consumerKey");
}
this.ConsumerKey = consumerKey;
this.ConsumerSecret = consumerSecret;
}
/// <summary>
/// Gets the consumer key.
/// </summary>
/// <value>The consumer key.</value>
public string ConsumerKey { get; private set; }
/// <summary>
/// Gets the consumer secret.
/// </summary>
/// <value>The consumer secret.</value>
public string ConsumerSecret { get; private set; }
#region ITokenManager Members
public string GetTokenSecret(string token)
{
return this._tokensAndSecrets[token];
}
public void StoreNewRequestToken(UnauthorizedTokenRequest request, ITokenSecretContainingMessage response)
{
this._tokensAndSecrets[response.Token] = response.TokenSecret;
_tokenType = TokenType.RequestToken;
}
public void ExpireRequestTokenAndStoreNewAccessToken(string consumerKey, string requestToken, string accessToken, string accessTokenSecret)
{
this._tokensAndSecrets.Remove(requestToken);
this._tokensAndSecrets[accessToken] = accessTokenSecret;
_tokenType = TokenType.AccessToken;
}
/// <summary>
/// Classifies a token as a request token or an access token.
/// </summary>
/// <param name="token">The token to classify.</param>
/// <returns>Request or Access token, or invalid if the token is not recognized.</returns>
public TokenType GetTokenType(string token)
{
return _tokenType;
}
#endregion
}4.YDWebConsumer类
代码语言:javascript复制 /// <summary>
/// 有道OPEN AUTH的web端消费者实现
/// </summary>
public class YDWebConsumer:WebConsumer
{
public YDWebConsumer(ServiceProviderDescription serviceProvider, IConsumerTokenManager tokenManager)
: base(serviceProvider, tokenManager)
{
}
/// <summary>
/// 请求授权
/// </summary>
/// <param name="consumer"></param>
public static void RequestAuthorization(YDWebConsumer consumer)
{
if (consumer == null)
{
throw new ArgumentNullException("YDWebConsumer");
}
Uri callback = GetCallbackUrlFromContext();
var request = consumer.PrepareRequestUserAuthorization(callback, null, null);
consumer.Channel.Send(request);
}
/// <summary>
/// 获取CALLBACKURL
/// </summary>
/// <returns></returns>
internal static Uri GetCallbackUrlFromContext()
{
Uri callback = MessagingUtilities.GetRequestUrlFromContext().StripQueryArgumentsWithPrefix("oauth_");
return callback;
}
}5.有了这些我们就可以去请求授权了。让我们来试试,新建一个ASP.NET项目,在Default.aspx下修改代码
代码语言:javascript复制<%@ Page Title="主页" Language="C#" MasterPageFile="~/Site.master" AutoEventWireup="true"
CodeBehind="Default.aspx.cs" Inherits="YDOpenAPI._Default" %>
<asp:Content ID="HeaderContent" runat="server" ContentPlaceHolderID="HeadContent">
</asp:Content>
<asp:Content ID="BodyContent" runat="server" ContentPlaceHolderID="MainContent">
<h2>
欢迎使用 ASP.NET!
</h2>
<asp:Label runat="server" ID="lbl"></asp:Label>
</asp:Content> protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
var youDao = new YDWebConsumer(YDAuthBaseInfo.ServiceDescription, this.TokenManager);
// 是否已经授权 var accessTokenResponse = youDao.ProcessUserAuthorization();
if (accessTokenResponse != null)
{
this.AccessToken = accessTokenResponse.AccessToken;
this.lbl.Text ="Token:" this.AccessToken " Screct:" this.TokenManager.GetTokenSecret(this.AccessToken);
}
else if (this.AccessToken == null)
{
YDWebConsumer.RequestAuthorization(youDao);
}
}
}//TokenManager
private YDTokenManager TokenManager
{
get
{
var tokenManager = (YDTokenManager)Session["tokenManager"];
if (tokenManager == null)
{
string consumerKey = YDOpenAPI4N.YDAuthBaseInfo.ConsumerKey;
string consumerSecret = YDOpenAPI4N.YDAuthBaseInfo.ConsumerSecret;
if (!string.IsNullOrEmpty(consumerKey))
{
tokenManager = new YDTokenManager(consumerKey, consumerSecret);
Session["tokenManager"] = tokenManager;
}
}
return tokenManager;
}
}跑一下是不是成功了。
有了AccessToken跟AccessSecret我们就可以去访问有道云笔记的操作API了:创建,删除,修改笔记了。这部分接下来我也会实现。
希望对于需要了解OAUTH跟DOTNETOPENAUTH的同学能有帮助。
