Without using IdentityServer, I want to authenticate a WebApi application with another ASP.NET MVC application that has a user database

I have an Asp.Net MVC project that has users (for this I used Asp.Net Identity 2), and I have another Asp.Net WebApi service.

I want to provide WebApi authentication to provide access only for Asp.Net MVC users to get to the endpoints, and I don't want to use IdentityServer3 for this purpose.

Asp.Net MVC Startup.Auth.cs:

public void ConfigureAuth(IAppBuilder app)
{
    // Configure the db context, user manager and signin manager to use a single instance per request
    app.CreatePerOwinContext(ApplicationDbContext.Create);
    app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
    app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);


    // Enable the application to use a cookie to store information for the signed in user
    // and to use a cookie to temporarily store information about a user logging in with a third party login provider
    // Configure the sign in cookie
    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login"),
        Provider = new CookieAuthenticationProvider
        {
            // Enables the application to validate the security stamp when the user logs in.
            // This is a security feature which is used when you change a password or add an external login to your account.  
            OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                validateInterval: TimeSpan.FromMinutes(30),
                regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
        }
    });     

}

I think I should use a Bearer token and a JWT token, and I can use the Identityure Identity Model on the WebApi side for this. I was looking for a clear description of how to do this, but I did not find one.

, , , SAML, JWT OAuth 2, ?

+6

Source: https://habr.com/ru/post/1016070/

