How to check the carrier token in DotNetOpenAuth

Question

How to check the carrier token in DotNetOpenAuth

I am trying to find documentation for DotNetOpenAuth on how to do this.

I know that the client sends the carrier token, but how can I check it (except for checking it in the corresponding header). How can I confirm its validity or has it expired? Is there a hook to let DotNetOpenAuth do this for me? I do not see this.

Thanks.

+4

oauth oauth-2.0 dotnetopenauth

jeff.eynon Jun 13 '13 at 13:24

source share

1 answer

jeff.eynon · Accepted Answer · 2013-06-17T20:46:44+0000

So, I figured it out. Hope this helps anyone who finds this.

Part of this I was n00b for OAuth. I set up my authorization server just fine, but did not understand (at first) that ResourceServer is responsible for checking the token and confirming that access to the requested resource is still valid. Once I realized this, it was easy to find the ResourceServer class in DONA, and you can parse the BEARER marker with two lines of code:

ResourceServer server = new ResourceServer(new StandardAccessTokenAnalyzer(signingKey, encryptionKey)); AccessToken token = server.GetAccessToken();

The returned token will have the date it was released, and the user to whom it was issued, as well as any requests to the scope to check access.

Hope this helps someone like me who struggled with this!

How to check the carrier token in DotNetOpenAuth

More articles: