Twitter external login with Owin returns HTTP 403 (Forbidden)

ASP.NET MVC 5 project.
Owin version 4.0.0.0

Startup.Auth

    app.UseTwitterAuthentication(
        consumerKey: "somekey",
        consumerSecret: "someSecretKey");

An exception occurs in the ExternalLogin method.
Exception: Response status code does not indicate success: 403 (Forbidden).

Here is the callback URL:

[image: enter image description here]

FYI: the site is live and works without problems. Twitter login was working a few weeks ago, but now it has suddenly started failing with the error above.

Stack trace

 [HttpRequestException: Response status code does not indicate success: 403 (Forbidden).] System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode() +121834 Microsoft.Owin.Security.Twitter.d__23.MoveNext() +2387 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Security.Twitter.d__12.MoveNext() +1091 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Security.Infrastructure.d__b.MoveNext() +376 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Security.Infrastructure.d__8.MoveNext() +475 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Security.Infrastructure.d__5.MoveNext() +215 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Security.Infrastructure.d__0.MoveNext() +968 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Security.Infrastructure.d__0.MoveNext() +768 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.d__5.MoveNext() +197 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 
Microsoft.Owin.Security.Infrastructure.d__0.MoveNext() +768 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Security.Infrastructure.d__0.MoveNext() +768 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Security.Infrastructure.d__0.MoveNext() +768 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Security.Infrastructure.d__0.MoveNext() +768 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Security.Infrastructure.d__0.MoveNext() +768 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Security.Infrastructure.d__0.MoveNext() +768 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Security.Infrastructure.d__0.MoveNext() +768 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.AspNet.Identity.Owin.d__0.MoveNext() +448 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.AspNet.Identity.Owin.d__0.MoveNext() +448 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.AspNet.Identity.Owin.d__0.MoveNext() +448 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.d__5.MoveNext() +197 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60 Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.d__2.MoveNext() +184 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31 Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult.End(IAsyncResult ar) +117 System.Web.c__DisplayClass11_0.b__0() +41 System.Web.AsyncEventExecutionStep.InvokeEndHandler(IAsyncResult ar) +151 System.Web.AsyncEventExecutionStep.OnAsyncEventCompletion(IAsyncResult ar) +156 

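We ran into a similar problem in the past week or two and found that Twitter, although it did not previously validate the callback URL, has started checking it.

The Twitter login flow is as follows: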

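  1. The client calls your backend.
  2. The backend calls the Twitter API with the callback URL, keys, and so on.
  3. Twitter issues a login URL.
  4. As a result of the challenge, the backend redirects the client to the login URL.
  5. The client logs in on Twitter (and authorizes the application).
  6. Twitter redirects to the callback URL (usually https://www.example.com/signin-twitter unless you specify a different callbackPath).
  7. The backend receives the Twitter token.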

The callback URL validation happens at #2, and if it fails, a 403 is returned to the client.

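I noticed in your image that your callbackPath is /twittersignin, but you have not configured it on the ASP.NET side, so ASP.NET is using /signin-twitter. You should update your callback URL on Twitter (through the developer portal) to reflect this.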
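
The same mismatch can also be closed from the ASP.NET side by setting the path explicitly. The following is an added example, not code from the question or the answer: the `ConfigureTwitter` method, the two helper methods, the appSettings key names and the exact-match comparison are assumptions made for illustration.

```csharp
using System;
using System.Configuration;
using System.Linq;
using Microsoft.Owin;
using Microsoft.Owin.Security.Twitter;
using Owin;

public partial class Startup
{
    // Must equal the path of the callback URL registered in the Twitter developer portal.
    // "/twittersignin" is the path the answer read from the question's image; when
    // CallbackPath is not set, the middleware uses "/signin-twitter".
    private static readonly PathString TwitterCallbackPath = new PathString("/twittersignin");

    // Hypothetical method name; call it from the existing ConfigureAuth(app).
    public void ConfigureTwitter(IAppBuilder app)
    {
        app.UseTwitterAuthentication(new TwitterAuthenticationOptions
        {
            // Hypothetical appSettings keys; keeps the consumer secret out of source code.
            ConsumerKey = ConfigurationManager.AppSettings["TwitterConsumerKey"],
            ConsumerSecret = ConfigurationManager.AppSettings["TwitterConsumerSecret"],
            CallbackPath = TwitterCallbackPath
        });
    }

    // Absolute callback URL the backend sends to Twitter in step 2 of the flow,
    // given the site's public base address.
    public static string EffectiveCallbackUrl(Uri siteBase, PathString callbackPath)
    {
        return new Uri(siteBase, callbackPath.Value).AbsoluteUri;
    }

    // Deployment-time check: is the effective URL among the URLs copied from the
    // developer portal? Exact, case-sensitive matching is an assumption made here.
    public static bool IsRegistered(string effectiveUrl, string[] registeredUrls)
    {
        return registeredUrls.Contains(effectiveUrl, StringComparer.Ordinal);
    }
}

// Constructed sample values:
//   EffectiveCallbackUrl(new Uri("https://www.example.com"), new PathString("/twittersignin"))
//     gives "https://www.example.com/twittersignin"
//   IsRegistered(thatUrl, new[] { "https://www.example.com/signin-twitter" }) is false,
//     which is the mismatch described in the answer above.
```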