天涯登陆
using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.Mvc; using TuShuo.Entities; using System.Text; using System.Security.Cryptography; using System.Net; using System.IO; namespace CiCeng.TuSHuo.Controllers { [OutputCache(Duration = 10)] public class HomeController : Controller { #region 天涯登陆 OAuthBase oAuth = new OAuthBase(); string apiKey = "eec726c9d1229f362572ea2fc714bd5405190424c";//申请的App Key string apiKeySecret = "81627367756ca2df73dd14502d25ba4b";//申请的App Secret string requestTokenUri = "http://open.tianya.cn/oauth/request_token.php"; string AUTHORIZE = "http://open.tianya.cn/oauth/authorize.php"; string ACCESS_TOKEN = "http://open.tianya.cn/oauth/access_token.php"; string ACCESS_User = "http://open.tianya.cn/api/user/info.php"; public ActionResult TianyaLogin() { Uri uri = new Uri(requestTokenUri); string nonce = oAuth.GenerateNonce();//获取随机生成的字符串,防止攻击 string timeStamp = oAuth.GenerateTimeStamp();//发起请求的时间戳 string normalizeUrl, normalizedRequestParameters; // 签名 string sig = oAuth.GenerateSignature(uri, apiKey, apiKeySecret, string.Empty, string.Empty, "GET", timeStamp, nonce, string.Empty, out normalizeUrl, out normalizedRequestParameters); sig = HttpUtility.UrlEncode(sig); //构造请求Request Token的url StringBuilder sb = new StringBuilder(uri.ToString()); sb.AppendFormat("?oauth_consumer_key={0}&", apiKey); sb.AppendFormat("oauth_nonce={0}&", nonce); sb.AppendFormat("oauth_signature={0}&", sig); sb.AppendFormat("oauth_signature_method={0}&", "HMAC-SHA1"); sb.AppendFormat("oauth_timestamp={0}&", timeStamp); sb.AppendFormat("oauth_version={0}", "1.0"); //请求Request Token HttpWebRequest request = (HttpWebRequest)WebRequest.Create(sb.ToString()); HttpWebResponse response = (HttpWebResponse)request.GetResponse(); StreamReader stream = new StreamReader(response.GetResponseStream(), System.Text.Encoding.UTF8); string responseBody = stream.ReadToEnd(); stream.Close(); response.Close(); int intOTS = responseBody.IndexOf("oauth_token="); int intOTSS = responseBody.IndexOf("&oauth_token_secret="); Session["oauth_token"] = responseBody.Substring(intOTS + 12, intOTSS - (intOTS + 12)); string oauth_token_secret = responseBody.Substring((intOTSS + 20), responseBody.Length - (intOTSS + 20)); oauth_token_secret = oauth_token_secret.Substring(0, oauth_token_secret.IndexOf('&'));//Session["oauth_token_secret"] = return Redirect(AUTHORIZE + "?oauth_token=" + Session["oauth_token"] + "&consumer_key=" + apiKey + "&oauth_callback=" + HttpUtility.UrlEncode(Request.UrlReferrer.ToString() + "?oauth_token_secret=" + oauth_token_secret)); //return View(); } public ActionResult Login() { if (!string.IsNullOrEmpty(Request["oauth_verifier"])) { string oauth_verifier = Request["oauth_verifier"].ToString(); string requestToken = Request["oauth_token"].ToString(); string oauth_token_secret = Request["oauth_token_secret"].ToString(); Uri uri = new Uri(ACCESS_TOKEN); string nonce = oAuth.GenerateNonce(); string timeStamp = oAuth.GenerateTimeStamp(); string normalizeUrl, normalizedRequestParameters; // 签名 string sig = oAuth.GenerateSignature( uri, apiKey, apiKeySecret, requestToken, oauth_token_secret,//Session["oauth_token_secret"].ToString(), "Get", timeStamp, nonce, oauth_verifier, out normalizeUrl, out normalizedRequestParameters); sig = oAuth.UrlEncode(sig); //构造请求Access Token的url StringBuilder sb = new StringBuilder(uri.ToString()); sb.AppendFormat("?oauth_consumer_key={0}&", apiKey); sb.AppendFormat("oauth_nonce={0}&", nonce); sb.AppendFormat("oauth_timestamp={0}&", timeStamp); sb.AppendFormat("oauth_signature_method={0}&", "HMAC-SHA1"); sb.AppendFormat("oauth_version={0}&", "1.0"); sb.AppendFormat("oauth_signature={0}&", sig); sb.AppendFormat("oauth_token={0}&", requestToken); sb.AppendFormat("oauth_verifier={0}", oauth_verifier); //请求Access Token HttpWebRequest request = (HttpWebRequest)WebRequest.Create(sb.ToString()); HttpWebResponse response = (HttpWebResponse)request.GetResponse(); StreamReader stream = new StreamReader(response.GetResponseStream(), System.Text.Encoding.UTF8); string responseBody = stream.ReadToEnd(); stream.Close(); response.Close(); int intOTS = responseBody.IndexOf("oauth_token="); int intOTSS = responseBody.IndexOf("&oauth_token_secret="); string oauth_token = responseBody.Substring(intOTS + 12, intOTSS - (intOTS + 12)); oauth_token_secret = responseBody.Substring(responseBody.LastIndexOf('=')+1); ViewBag.Content = GetContent(oauth_token, oauth_token_secret); } return View(); } private string GetContent(string requestToken, string oauth_token_secret) { Uri uri = new Uri(ACCESS_User); string nonce = oAuth.GenerateNonce(); string timeStamp = oAuth.GenerateTimeStamp(); StringBuilder sb = new StringBuilder(uri.ToString()); sb.AppendFormat("?appkey={0}&", apiKey); sb.AppendFormat("oauth_token={0}&", requestToken); sb.AppendFormat("oauth_token_secret={0}&", oauth_token_secret); sb.AppendFormat("timestamp={0}", timeStamp); string tempKey = timeStamp + apiKey + requestToken + oauth_token_secret + apiKeySecret; tempKey = oAuth.GetMD5Hash(tempKey); sb.AppendFormat("&tempkey={0}", tempKey.ToUpper()); HttpWebRequest request = (HttpWebRequest)WebRequest.Create(sb.ToString()); HttpWebResponse response = (HttpWebResponse)request.GetResponse(); StreamReader stream = new StreamReader(response.GetResponseStream(), System.Text.Encoding.UTF8); string responseBody = stream.ReadToEnd(); stream.Close(); response.Close(); return responseBody; } #endregion } public class OAuthBase { /// <summary> /// Provides a predefined set of algorithms that are supported officially by the protocol /// </summary> public enum SignatureTypes { HMACSHA1, PLAINTEXT, RSASHA1 } /// <summary> /// Provides an internal structure to sort the query parameter /// </summary> protected class QueryParameter { private string name = null; private string value = null; public QueryParameter(string name, string value) { this.name = name; this.value = value; } public string Name { get { return name; } } public string Value { get { return value; } } } /// <summary> /// Comparer class used to perform the sorting of the query parameters /// </summary> protected class QueryParameterComparer : IComparer<QueryParameter> { #region IComparer<QueryParameter> Members public int Compare(QueryParameter x, QueryParameter y) { if (x.Name == y.Name) { return string.Compare(x.Value, y.Value); } else { return string.Compare(x.Name, y.Name); } } #endregion } #region param protected const string OAuthVersion = "1.0"; protected const string OAuthParameterPrefix = "oauth_"; // // List of know and used oauth parameters' names // protected const string OAuthConsumerKeyKey = "oauth_consumer_key"; protected const string OAuthCallbackKey = "oauth_callback"; protected const string OAuthVersionKey = "oauth_version"; protected const string OAuthSignatureMethodKey = "oauth_signature_method"; protected const string OAuthSignatureKey = "oauth_signature"; protected const string OAuthVerifier = "oauth_verifier"; protected const string OAuthTimestampKey = "oauth_timestamp"; protected const string OAuthNonceKey = "oauth_nonce"; protected const string OAuthTokenKey = "oauth_token"; protected const string OAuthTokenSecretKey = "oauth_token_secret"; protected const string HMACSHA1SignatureType = "HMAC-SHA1"; protected const string PlainTextSignatureType = "PLAINTEXT"; protected const string RSASHA1SignatureType = "RSA-SHA1"; #endregion protected Random random = new Random(); protected string unreservedChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_.~"; /// <summary> /// Helper function to compute a hash value /// </summary> /// <param name="hashAlgorithm">The hashing algoirhtm used. If that algorithm needs some initialization, like HMAC and its derivatives, they should be initialized prior to passing it to this function</param> /// <param name="data">The data to hash</param> /// <returns>a Base64 string of the hash value</returns> private string ComputeHash(HashAlgorithm hashAlgorithm, string data) { if (hashAlgorithm == null) { throw new ArgumentNullException("hashAlgorithm"); } if (string.IsNullOrEmpty(data)) { throw new ArgumentNullException("data"); } byte[] dataBuffer = System.Text.Encoding.ASCII.GetBytes(data); byte[] hashBytes = hashAlgorithm.ComputeHash(dataBuffer); return Convert.ToBase64String(hashBytes); } /// <summary> /// Internal function to cut out all non oauth query string parameters (all parameters not begining with "oauth_") /// </summary> /// <param name="parameters">The query string part of the Url</param> /// <returns>A list of QueryParameter each containing the parameter name and value</returns> private List<QueryParameter> GetQueryParameters(string parameters) { if (parameters.StartsWith("?")) { parameters = parameters.Remove(0, 1); } List<QueryParameter> result = new List<QueryParameter>(); if (!string.IsNullOrEmpty(parameters)) { string[] p = parameters.Split('&'); foreach (string s in p) { if (!string.IsNullOrEmpty(s) && !s.StartsWith(OAuthParameterPrefix)) { if (s.IndexOf('=') > -1) { string[] temp = s.Split('='); result.Add(new QueryParameter(temp[0], temp[1])); } else { result.Add(new QueryParameter(s, string.Empty)); } } } } return result; } /// <summary> /// This is a different Url Encode implementation since the default .NET one outputs the percent encoding in lower case. /// While this is not a problem with the percent encoding spec, it is used in upper case throughout OAuth /// </summary> /// <param name="value">The value to Url encode</param> /// <returns>Returns a Url encoded string</returns> public string UrlEncode(string value) { StringBuilder result = new StringBuilder(); foreach (char symbol in value) { if (unreservedChars.IndexOf(symbol) != -1) { result.Append(symbol); } else { result.Append('%' + String.Format("{0:X2}", (int)symbol)); } } return result.ToString(); } /// <summary> /// Normalizes the request parameters according to the spec /// </summary> /// <param name="parameters">The list of parameters already sorted</param> /// <returns>a string representing the normalized parameters</returns> protected string NormalizeRequestParameters(IList<QueryParameter> parameters) { StringBuilder sb = new StringBuilder(); QueryParameter p = null; for (int i = 0; i < parameters.Count; i++) { p = parameters[i]; sb.AppendFormat("{0}={1}", p.Name, p.Value); if (i < parameters.Count - 1) { sb.Append("&"); } } return sb.ToString(); } /// <summary> /// Generate the signature base that is used to produce the signature /// </summary> /// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param> /// <param name="consumerKey">The consumer key</param> /// <param name="token">The token, if available. If not available pass null or an empty string</param> /// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param> /// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param> /// <param name="signatureType">The signature type. To use the default values use <see cref="OAuthBase.SignatureTypes">OAuthBase.SignatureTypes</see>.</param> /// <returns>The signature base</returns> public string GenerateSignatureBase(Uri url, string consumerKey, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, string verifier, string signatureType, out string normalizedUrl, out string normalizedRequestParameters) { if (token == null) { token = string.Empty; } if (tokenSecret == null) { tokenSecret = string.Empty; } if (string.IsNullOrEmpty(consumerKey)) { throw new ArgumentNullException("consumerKey"); } if (string.IsNullOrEmpty(httpMethod)) { throw new ArgumentNullException("httpMethod"); } if (string.IsNullOrEmpty(signatureType)) { throw new ArgumentNullException("signatureType"); } normalizedUrl = null; normalizedRequestParameters = null; List<QueryParameter> parameters = GetQueryParameters(url.Query); parameters.Add(new QueryParameter(OAuthVersionKey, OAuthVersion)); parameters.Add(new QueryParameter(OAuthNonceKey, nonce)); parameters.Add(new QueryParameter(OAuthTimestampKey, timeStamp)); parameters.Add(new QueryParameter(OAuthSignatureMethodKey, signatureType)); parameters.Add(new QueryParameter(OAuthConsumerKeyKey, consumerKey)); if (!string.IsNullOrEmpty(token)) { parameters.Add(new QueryParameter(OAuthTokenKey, token)); } if (!string.IsNullOrEmpty(verifier)) { parameters.Add(new QueryParameter(OAuthVerifier, verifier)); } parameters.Sort(new QueryParameterComparer()); normalizedUrl = string.Format("{0}://{1}", url.Scheme, url.Host); if (!((url.Scheme == "http" && url.Port == 80) || (url.Scheme == "https" && url.Port == 443))) { normalizedUrl += ":" + url.Port; } normalizedUrl += url.AbsolutePath; normalizedRequestParameters = NormalizeRequestParameters(parameters); StringBuilder signatureBase = new StringBuilder(); signatureBase.AppendFormat("{0}&", httpMethod.ToUpper()); signatureBase.AppendFormat("{0}&", UrlEncode(normalizedUrl)); signatureBase.AppendFormat("{0}", UrlEncode(normalizedRequestParameters)); return signatureBase.ToString(); } /// <summary> /// Generate the signature value based on the given signature base and hash algorithm /// </summary> /// <param name="signatureBase">The signature based as produced by the GenerateSignatureBase method or by any other means</param> /// <param name="hash">The hash algorithm used to perform the hashing. If the hashing algorithm requires initialization or a key it should be set prior to calling this method</param> /// <returns>A base64 string of the hash value</returns> public string GenerateSignatureUsingHash(string signatureBase, HashAlgorithm hash) { return ComputeHash(hash, signatureBase); } /// <summary> /// Generates a signature using the HMAC-SHA1 algorithm /// </summary> /// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param> /// <param name="consumerKey">The consumer key</param> /// <param name="consumerSecret">The consumer seceret</param> /// <param name="token">The token, if available. If not available pass null or an empty string</param> /// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param> /// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param> /// <returns>A base64 string of the hash value</returns> public string GenerateSignature(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, string verifier, out string normalizedUrl, out string normalizedRequestParameters) { return GenerateSignature(url, consumerKey, consumerSecret, token, tokenSecret, httpMethod, timeStamp, nonce, verifier, SignatureTypes.HMACSHA1, out normalizedUrl, out normalizedRequestParameters); } /// <summary> /// Generates a signature using the specified signatureType /// </summary> /// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param> /// <param name="consumerKey">The consumer key</param> /// <param name="consumerSecret">The consumer seceret</param> /// <param name="token">The token, if available. If not available pass null or an empty string</param> /// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param> /// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param> /// <param name="signatureType">The type of signature to use</param> /// <returns>A base64 string of the hash value</returns> public string GenerateSignature(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, string verifier, SignatureTypes signatureType, out string normalizedUrl, out string normalizedRequestParameters) { normalizedUrl = null; normalizedRequestParameters = null; switch (signatureType) { case SignatureTypes.PLAINTEXT: return HttpUtility.UrlEncode(string.Format("{0}&{1}", consumerSecret, tokenSecret)); case SignatureTypes.HMACSHA1: string signatureBase = GenerateSignatureBase(url, consumerKey, token, tokenSecret, httpMethod, timeStamp, nonce, verifier, HMACSHA1SignatureType, out normalizedUrl, out normalizedRequestParameters); HMACSHA1 hmacsha1 = new HMACSHA1(); hmacsha1.Key = Encoding.ASCII.GetBytes(string.Format("{0}&{1}", UrlEncode(consumerSecret), string.IsNullOrEmpty(tokenSecret) ? "" : UrlEncode(tokenSecret))); return GenerateSignatureUsingHash(signatureBase, hmacsha1); case SignatureTypes.RSASHA1: throw new NotImplementedException(); default: throw new ArgumentException("Unknown signature type", "signatureType"); } } /// <summary> /// Generate the timestamp for the signature /// </summary> /// <returns></returns> public virtual string GenerateTimeStamp() { // Default implementation of UNIX time of the current UTC time TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0); return Convert.ToInt64(ts.TotalSeconds).ToString(); } /// <summary> /// Generate a nonce /// </summary> /// <returns></returns> public virtual string GenerateNonce() { // Just a simple implementation of a random number between 123400 and 9999999 return random.Next(123400, 9999999).ToString(); } public string GetMD5Hash(string input) { string returnStr = string.Empty; //MD5 md5 = new MD5CryptoServiceProvider(); //byte[] res = md5.ComputeHash(Encoding.UTF8.GetBytes(input), 0, input.Length); //char[] temp = new char[res.Length]; //System.Array.Copy(res, temp, res.Length); //return new String(temp); //MD5 md5 = new MD5CryptoServiceProvider(); //byte[] res = md5.ComputeHash(Encoding.UTF8.GetBytes(input), 0, input.Length); //for (int i = 0; i < res.Length; i++) //{ // returnStr += res[i].ToString("x").PadLeft(2, '0'); //} //return returnStr;
//MD5 md5 = MD5.Create();
//byte[] s = md5.ComputeHash(Encoding.Default.GetBytes(input)); // 加密后是一个字节类型的数组
//for (int i = 0; i < s.Length; i++) // 通过使用循环,将字节类型的数组转换为字符串,此字符串是常规字符格式化所得
//{
// // 将得到的字符串使用十六进制类型格式。格式后的字符是小写的字母,如果使用大写(X)则格式后的字符是大写字符
// returnStr = returnStr + s[i].ToString("x");
//}
MD5 md5 = new MD5CryptoServiceProvider();
byte[] output = md5.ComputeHash(Encoding.Default.GetBytes(input));
returnStr = BitConverter.ToString(output).Replace("-", "");
return returnStr;
} } }
<a href="/Home/TianyaLogin"><img src="http://open.tianya.cn/static/wiki/tylogin24.png" /></a>
可以使用如下的解析方法:
UserInfo = JsonHelper.JsonToObject<PassportTianya>(userInfo); context.User = new PassportUser(); context.User.UserId = UserInfo.UserID; context.User.UserName = UserInfo.UserName;
返回信息如下 :
{"user":{"user_id":803868404,"user_name":"ciotogur","register_date":"2113-03-08","head":"http:\/\/tx.tianyaui.com\/logo\/man\/80388404","sex":"\u7537","isvip":0,"birthday":"1983-02-03","province":"\u56db\u5ddd","location":"\u4e50\u5c71\u5e02","describe":"","hometown":null}}
出处:http://bober.cnblogs.com/
CARE健康网: http://www.aicareyou.com/
本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出原文连接,否则保留追究法律责任的权利。