天涯登陆

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using TuShuo.Entities;
using System.Text;

using System.Security.Cryptography;
using System.Net;
using System.IO;

namespace CiCeng.TuSHuo.Controllers
{
    [OutputCache(Duration = 10)]
    public class HomeController : Controller
    {
        #region 天涯登陆



        OAuthBase oAuth = new OAuthBase();
        string apiKey = "eec726c9d1229f362572ea2fc714bd5405190424c";//申请的App Key
        string apiKeySecret = "81627367756ca2df73dd14502d25ba4b";//申请的App Secret
        string requestTokenUri = "http://open.tianya.cn/oauth/request_token.php";
        string AUTHORIZE = "http://open.tianya.cn/oauth/authorize.php";
        string ACCESS_TOKEN = "http://open.tianya.cn/oauth/access_token.php";
        string ACCESS_User = "http://open.tianya.cn/api/user/info.php";

        public ActionResult TianyaLogin()
        {
            Uri uri = new Uri(requestTokenUri);
            string nonce = oAuth.GenerateNonce();//获取随机生成的字符串,防止攻击
            string timeStamp = oAuth.GenerateTimeStamp();//发起请求的时间戳
            string normalizeUrl, normalizedRequestParameters;
            // 签名
            string sig = oAuth.GenerateSignature(uri, apiKey, apiKeySecret, string.Empty, string.Empty, "GET", timeStamp, nonce, string.Empty, out normalizeUrl, out normalizedRequestParameters);
            sig = HttpUtility.UrlEncode(sig);
            //构造请求Request Token的url
            StringBuilder sb = new StringBuilder(uri.ToString());
            sb.AppendFormat("?oauth_consumer_key={0}&", apiKey);
            sb.AppendFormat("oauth_nonce={0}&", nonce);
            sb.AppendFormat("oauth_signature={0}&", sig);
            sb.AppendFormat("oauth_signature_method={0}&", "HMAC-SHA1");
            sb.AppendFormat("oauth_timestamp={0}&", timeStamp);
            sb.AppendFormat("oauth_version={0}", "1.0");
            //请求Request Token
            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(sb.ToString());
            HttpWebResponse response = (HttpWebResponse)request.GetResponse();
            StreamReader stream = new StreamReader(response.GetResponseStream(), System.Text.Encoding.UTF8);
            string responseBody = stream.ReadToEnd();
            stream.Close();
            response.Close();
            int intOTS = responseBody.IndexOf("oauth_token=");
            int intOTSS = responseBody.IndexOf("&oauth_token_secret=");
            Session["oauth_token"] = responseBody.Substring(intOTS + 12, intOTSS - (intOTS + 12));
            string oauth_token_secret = responseBody.Substring((intOTSS + 20), responseBody.Length - (intOTSS + 20));
            oauth_token_secret = oauth_token_secret.Substring(0, oauth_token_secret.IndexOf('&'));//Session["oauth_token_secret"] = 
            return Redirect(AUTHORIZE + "?oauth_token=" + Session["oauth_token"] + "&consumer_key=" + apiKey + "&oauth_callback=" + HttpUtility.UrlEncode(Request.UrlReferrer.ToString() + "?oauth_token_secret=" + oauth_token_secret));


            //return View();
        }
        public ActionResult Login()
        {
            if (!string.IsNullOrEmpty(Request["oauth_verifier"]))
            {
                string oauth_verifier = Request["oauth_verifier"].ToString();
                string requestToken = Request["oauth_token"].ToString();
                string oauth_token_secret = Request["oauth_token_secret"].ToString();
                Uri uri = new Uri(ACCESS_TOKEN);
                string nonce = oAuth.GenerateNonce();
                string timeStamp = oAuth.GenerateTimeStamp();
                string normalizeUrl, normalizedRequestParameters;
                // 签名
                string sig = oAuth.GenerateSignature(
                uri,
                apiKey,
                apiKeySecret,
                requestToken,
                oauth_token_secret,//Session["oauth_token_secret"].ToString(),
                "Get",
                timeStamp,
                nonce,
                oauth_verifier,
                out normalizeUrl,
                out normalizedRequestParameters);
                sig = oAuth.UrlEncode(sig);
                //构造请求Access Token的url
                StringBuilder sb = new StringBuilder(uri.ToString());
                sb.AppendFormat("?oauth_consumer_key={0}&", apiKey);
                sb.AppendFormat("oauth_nonce={0}&", nonce);
                sb.AppendFormat("oauth_timestamp={0}&", timeStamp);
                sb.AppendFormat("oauth_signature_method={0}&", "HMAC-SHA1");
                sb.AppendFormat("oauth_version={0}&", "1.0");
                sb.AppendFormat("oauth_signature={0}&", sig);
                sb.AppendFormat("oauth_token={0}&", requestToken);
                sb.AppendFormat("oauth_verifier={0}", oauth_verifier);
                //请求Access Token
                HttpWebRequest request = (HttpWebRequest)WebRequest.Create(sb.ToString());
                HttpWebResponse response = (HttpWebResponse)request.GetResponse();
                StreamReader stream = new StreamReader(response.GetResponseStream(), System.Text.Encoding.UTF8);
                string responseBody = stream.ReadToEnd();
                stream.Close();
                response.Close();
                int intOTS = responseBody.IndexOf("oauth_token=");
                int intOTSS = responseBody.IndexOf("&oauth_token_secret=");
                string oauth_token  = responseBody.Substring(intOTS + 12, intOTSS - (intOTS + 12));
                oauth_token_secret = responseBody.Substring(responseBody.LastIndexOf('=')+1);

                ViewBag.Content = GetContent(oauth_token, oauth_token_secret);
                
            }
            return View();
        }

        private string GetContent(string requestToken, string oauth_token_secret)
        {
            Uri uri = new Uri(ACCESS_User);
            string nonce = oAuth.GenerateNonce();
            string timeStamp = oAuth.GenerateTimeStamp();
            StringBuilder sb = new StringBuilder(uri.ToString());
            sb.AppendFormat("?appkey={0}&", apiKey);
            sb.AppendFormat("oauth_token={0}&", requestToken);
            sb.AppendFormat("oauth_token_secret={0}&", oauth_token_secret);
            sb.AppendFormat("timestamp={0}", timeStamp);
            string tempKey = timeStamp + apiKey + requestToken + oauth_token_secret + apiKeySecret;
            tempKey = oAuth.GetMD5Hash(tempKey);
            sb.AppendFormat("&tempkey={0}", tempKey.ToUpper());
            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(sb.ToString());
            HttpWebResponse response = (HttpWebResponse)request.GetResponse();
            StreamReader stream = new StreamReader(response.GetResponseStream(), System.Text.Encoding.UTF8);
            string responseBody = stream.ReadToEnd();
            stream.Close();
            response.Close();
            return responseBody;
        }

        #endregion
    }


    public class OAuthBase
    {
        /// <summary>
        /// Provides a predefined set of algorithms that are supported officially by the protocol
        /// </summary>
        public enum SignatureTypes
        {
            HMACSHA1,
            PLAINTEXT,
            RSASHA1
        }


        /// <summary>
        /// Provides an internal structure to sort the query parameter
        /// </summary>
        protected class QueryParameter
        {
            private string name = null;
            private string value = null;


            public QueryParameter(string name, string value)
            {
                this.name = name;
                this.value = value;
            }


            public string Name
            {
                get { return name; }
            }


            public string Value
            {
                get { return value; }
            }
        }


        /// <summary>
        /// Comparer class used to perform the sorting of the query parameters
        /// </summary>
        protected class QueryParameterComparer : IComparer<QueryParameter>
        {


            #region IComparer<QueryParameter> Members


            public int Compare(QueryParameter x, QueryParameter y)
            {
                if (x.Name == y.Name)
                {
                    return string.Compare(x.Value, y.Value);
                }
                else
                {
                    return string.Compare(x.Name, y.Name);
                }
            }
            #endregion
        }
        #region param
        
        protected const string OAuthVersion = "1.0";
        protected const string OAuthParameterPrefix = "oauth_";
        //
        // List of know and used oauth parameters' names
        //        
        protected const string OAuthConsumerKeyKey = "oauth_consumer_key";
        protected const string OAuthCallbackKey = "oauth_callback";
        protected const string OAuthVersionKey = "oauth_version";
        protected const string OAuthSignatureMethodKey = "oauth_signature_method";
        protected const string OAuthSignatureKey = "oauth_signature";
        protected const string OAuthVerifier = "oauth_verifier";
        protected const string OAuthTimestampKey = "oauth_timestamp";
        protected const string OAuthNonceKey = "oauth_nonce";
        protected const string OAuthTokenKey = "oauth_token";
        protected const string OAuthTokenSecretKey = "oauth_token_secret";
        protected const string HMACSHA1SignatureType = "HMAC-SHA1";
        protected const string PlainTextSignatureType = "PLAINTEXT";
        protected const string RSASHA1SignatureType = "RSA-SHA1";
        #endregion

        protected Random random = new Random();
        protected string unreservedChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_.~";
        /// <summary>
        /// Helper function to compute a hash value
        /// </summary>
        /// <param name="hashAlgorithm">The hashing algoirhtm used. If that algorithm needs some initialization, like HMAC and its derivatives, they should be initialized prior to passing it to this function</param>
        /// <param name="data">The data to hash</param>
        /// <returns>a Base64 string of the hash value</returns>
        private string ComputeHash(HashAlgorithm hashAlgorithm, string data)
        {
            if (hashAlgorithm == null)
            {
                throw new ArgumentNullException("hashAlgorithm");
            }
            if (string.IsNullOrEmpty(data))
            {
                throw new ArgumentNullException("data");
            }
            byte[] dataBuffer = System.Text.Encoding.ASCII.GetBytes(data);
            byte[] hashBytes = hashAlgorithm.ComputeHash(dataBuffer);
            return Convert.ToBase64String(hashBytes);
        }
        /// <summary>
        /// Internal function to cut out all non oauth query string parameters (all parameters not begining with "oauth_")
        /// </summary>
        /// <param name="parameters">The query string part of the Url</param>
        /// <returns>A list of QueryParameter each containing the parameter name and value</returns>
        private List<QueryParameter> GetQueryParameters(string parameters)
        {
            if (parameters.StartsWith("?"))
            {
                parameters = parameters.Remove(0, 1);
            }
            List<QueryParameter> result = new List<QueryParameter>();
            if (!string.IsNullOrEmpty(parameters))
            {
                string[] p = parameters.Split('&');
                foreach (string s in p)
                {
                    if (!string.IsNullOrEmpty(s) && !s.StartsWith(OAuthParameterPrefix))
                    {
                        if (s.IndexOf('=') > -1)
                        {
                            string[] temp = s.Split('=');
                            result.Add(new QueryParameter(temp[0], temp[1]));
                        }
                        else
                        {
                            result.Add(new QueryParameter(s, string.Empty));
                        }
                    }
                }
            }
            return result;
        }
        /// <summary>
        /// This is a different Url Encode implementation since the default .NET one outputs the percent encoding in lower case.
        /// While this is not a problem with the percent encoding spec, it is used in upper case throughout OAuth
        /// </summary>
        /// <param name="value">The value to Url encode</param>
        /// <returns>Returns a Url encoded string</returns>
        public string UrlEncode(string value)
        {
            StringBuilder result = new StringBuilder();
            foreach (char symbol in value)
            {
                if (unreservedChars.IndexOf(symbol) != -1)
                {
                    result.Append(symbol);
                }
                else
                {
                    result.Append('%' + String.Format("{0:X2}", (int)symbol));
                }
            }
            return result.ToString();
        }
        /// <summary>
        /// Normalizes the request parameters according to the spec
        /// </summary>
        /// <param name="parameters">The list of parameters already sorted</param>
        /// <returns>a string representing the normalized parameters</returns>
        protected string NormalizeRequestParameters(IList<QueryParameter> parameters)
        {
            StringBuilder sb = new StringBuilder();
            QueryParameter p = null;
            for (int i = 0; i < parameters.Count; i++)
            {
                p = parameters[i];
                sb.AppendFormat("{0}={1}", p.Name, p.Value);
                if (i < parameters.Count - 1)
                {
                    sb.Append("&");
                }
            }
            return sb.ToString();
        }


        /// <summary>
        /// Generate the signature base that is used to produce the signature
        /// </summary>
        /// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
        /// <param name="consumerKey">The consumer key</param>        
        /// <param name="token">The token, if available. If not available pass null or an empty string</param>
        /// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
        /// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
        /// <param name="signatureType">The signature type. To use the default values use <see cref="OAuthBase.SignatureTypes">OAuthBase.SignatureTypes</see>.</param>
        /// <returns>The signature base</returns>
        public string GenerateSignatureBase(Uri url, string consumerKey, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, string verifier, string signatureType, out string normalizedUrl, out string normalizedRequestParameters)
        {
            if (token == null)
            {
                token = string.Empty;
            }


            if (tokenSecret == null)
            {
                tokenSecret = string.Empty;
            }


            if (string.IsNullOrEmpty(consumerKey))
            {
                throw new ArgumentNullException("consumerKey");
            }


            if (string.IsNullOrEmpty(httpMethod))
            {
                throw new ArgumentNullException("httpMethod");
            }


            if (string.IsNullOrEmpty(signatureType))
            {
                throw new ArgumentNullException("signatureType");
            }


            normalizedUrl = null;
            normalizedRequestParameters = null;


            List<QueryParameter> parameters = GetQueryParameters(url.Query);
            parameters.Add(new QueryParameter(OAuthVersionKey, OAuthVersion));
            parameters.Add(new QueryParameter(OAuthNonceKey, nonce));
            parameters.Add(new QueryParameter(OAuthTimestampKey, timeStamp));
            parameters.Add(new QueryParameter(OAuthSignatureMethodKey, signatureType));
            parameters.Add(new QueryParameter(OAuthConsumerKeyKey, consumerKey));


            if (!string.IsNullOrEmpty(token))
            {
                parameters.Add(new QueryParameter(OAuthTokenKey, token));
            }
            if (!string.IsNullOrEmpty(verifier))
            {
                parameters.Add(new QueryParameter(OAuthVerifier, verifier));
            }
            parameters.Sort(new QueryParameterComparer());
            normalizedUrl = string.Format("{0}://{1}", url.Scheme, url.Host);
            if (!((url.Scheme == "http" && url.Port == 80) || (url.Scheme == "https" && url.Port == 443)))
            {
                normalizedUrl += ":" + url.Port;
            }
            normalizedUrl += url.AbsolutePath;
            normalizedRequestParameters = NormalizeRequestParameters(parameters);


            StringBuilder signatureBase = new StringBuilder();
            signatureBase.AppendFormat("{0}&", httpMethod.ToUpper());
            signatureBase.AppendFormat("{0}&", UrlEncode(normalizedUrl));
            signatureBase.AppendFormat("{0}", UrlEncode(normalizedRequestParameters));


            return signatureBase.ToString();
        }


        /// <summary>
        /// Generate the signature value based on the given signature base and hash algorithm
        /// </summary>
        /// <param name="signatureBase">The signature based as produced by the GenerateSignatureBase method or by any other means</param>
        /// <param name="hash">The hash algorithm used to perform the hashing. If the hashing algorithm requires initialization or a key it should be set prior to calling this method</param>
        /// <returns>A base64 string of the hash value</returns>
        public string GenerateSignatureUsingHash(string signatureBase, HashAlgorithm hash)
        {
            return ComputeHash(hash, signatureBase);
        }


        /// <summary>
        /// Generates a signature using the HMAC-SHA1 algorithm
        /// </summary>        
        /// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
        /// <param name="consumerKey">The consumer key</param>
        /// <param name="consumerSecret">The consumer seceret</param>
        /// <param name="token">The token, if available. If not available pass null or an empty string</param>
        /// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
        /// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
        /// <returns>A base64 string of the hash value</returns>
        public string GenerateSignature(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, string verifier, out string normalizedUrl, out string normalizedRequestParameters)
        {
            return GenerateSignature(url, consumerKey, consumerSecret, token, tokenSecret, httpMethod, timeStamp, nonce, verifier, SignatureTypes.HMACSHA1, out normalizedUrl, out normalizedRequestParameters);
        }


        /// <summary>
        /// Generates a signature using the specified signatureType 
        /// </summary>        
        /// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
        /// <param name="consumerKey">The consumer key</param>
        /// <param name="consumerSecret">The consumer seceret</param>
        /// <param name="token">The token, if available. If not available pass null or an empty string</param>
        /// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
        /// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
        /// <param name="signatureType">The type of signature to use</param>
        /// <returns>A base64 string of the hash value</returns>
        public string GenerateSignature(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, string verifier, SignatureTypes signatureType, out string normalizedUrl, out string normalizedRequestParameters)
        {
            normalizedUrl = null;
            normalizedRequestParameters = null;


            switch (signatureType)
            {
                case SignatureTypes.PLAINTEXT:
                    return HttpUtility.UrlEncode(string.Format("{0}&{1}", consumerSecret, tokenSecret));
                case SignatureTypes.HMACSHA1:
                    string signatureBase = GenerateSignatureBase(url, consumerKey, token, tokenSecret, httpMethod, timeStamp, nonce, verifier, HMACSHA1SignatureType, out normalizedUrl, out normalizedRequestParameters);


                    HMACSHA1 hmacsha1 = new HMACSHA1();
                    hmacsha1.Key = Encoding.ASCII.GetBytes(string.Format("{0}&{1}", UrlEncode(consumerSecret), string.IsNullOrEmpty(tokenSecret) ? "" : UrlEncode(tokenSecret)));


                    return GenerateSignatureUsingHash(signatureBase, hmacsha1);
                case SignatureTypes.RSASHA1:
                    throw new NotImplementedException();
                default:
                    throw new ArgumentException("Unknown signature type", "signatureType");
            }
        }


        /// <summary>
        /// Generate the timestamp for the signature        
        /// </summary>
        /// <returns></returns>
        public virtual string GenerateTimeStamp()
        {
            // Default implementation of UNIX time of the current UTC time
            TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0);
            return Convert.ToInt64(ts.TotalSeconds).ToString();
        }


        /// <summary>
        /// Generate a nonce
        /// </summary>
        /// <returns></returns>
        public virtual string GenerateNonce()
        {
            // Just a simple implementation of a random number between 123400 and 9999999
            return random.Next(123400, 9999999).ToString();
        }

        public  string GetMD5Hash(string input)
        {
            string returnStr = string.Empty;
            //MD5 md5 = new MD5CryptoServiceProvider();
            //byte[] res = md5.ComputeHash(Encoding.UTF8.GetBytes(input), 0, input.Length);
            //char[] temp = new char[res.Length];
            //System.Array.Copy(res, temp, res.Length);
            //return new String(temp);

            //MD5 md5 = new MD5CryptoServiceProvider();
            //byte[] res = md5.ComputeHash(Encoding.UTF8.GetBytes(input), 0, input.Length);
            //for (int i = 0; i < res.Length; i++)
            //{
            //    returnStr += res[i].ToString("x").PadLeft(2, '0');
            //}
            //return returnStr;

//MD5 md5 = MD5.Create();
//byte[] s = md5.ComputeHash(Encoding.Default.GetBytes(input)); // 加密后是一个字节类型的数组
//for (int i = 0; i < s.Length; i++) // 通过使用循环,将字节类型的数组转换为字符串,此字符串是常规字符格式化所得
//{
// // 将得到的字符串使用十六进制类型格式。格式后的字符是小写的字母,如果使用大写(X)则格式后的字符是大写字符
// returnStr = returnStr + s[i].ToString("x");
//}


MD5 md5 = new MD5CryptoServiceProvider();
byte[] output = md5.ComputeHash(Encoding.Default.GetBytes(input));
returnStr = BitConverter.ToString(output).Replace("-", "");

return returnStr;

        } 
    }
}

  


<a href="/Home/TianyaLogin"><img src="http://open.tianya.cn/static/wiki/tylogin24.png" /></a>

 

可以使用如下的解析方法:

UserInfo = JsonHelper.JsonToObject<PassportTianya>(userInfo);
                context.User = new PassportUser();
                context.User.UserId = UserInfo.UserID;
                context.User.UserName = UserInfo.UserName;

  返回信息如下 :

 

{"user":{"user_id":803868404,"user_name":"ciotogur","register_date":"2113-03-08","head":"http:\/\/tx.tianyaui.com\/logo\/man\/80388404","sex":"\u7537","isvip":0,"birthday":"1983-02-03","province":"\u56db\u5ddd","location":"\u4e50\u5c71\u5e02","describe":"","hometown":null}}

posted @ 2013-05-13 17:42  Care健康  阅读(315)  评论(0编辑  收藏  举报
版权
作者:Bober Song

出处:http://bober.cnblogs.com

Care健康:http://www.aicareyou.com

推荐空间:华夏名网

本文首发博客园,版权归作者跟博客园共有。

转载必须保留本段声明,并在页面显著位置给出本文链接,否则保留追究法律责任的权利。