All geek questions in one place

App.UseOAuthBearerTokens with ASP.NET Identity 2.0 DbContext Middleware?

Edit: after progressing, I can narrow the scope of questions:

What changes should be made to startup.auth.cs and ApplicationOAuthProvider.cs in the VS2013 SPA template (using ASP.NET 1.0 identifier) ​​in order to transfer it to ASP.NET identifier 2.0?

Edit 2: I have further simplified this question. How can I use app.UseOAuthBearerTokens with ASP.NET Identity 2.0 middleware to retrieve DbContext?

        app.UseOAuthBearerTokens(new Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerOptions()
            {
                //What goes here??
            });

(There is no example in this example.)

There are significant differences from V1.0 to V2.0alpha identification systems Asp.net. There is an example that shows how to use V2:

https://aspnet.codeplex.com/SourceControl/latest (see Samples-> Identification-> Change PK)

but this example is not MVC or SPA. In doing so, I have an application that was created from the VS2013 ASP.NET SPA application (which includes Identity 1.0). I tried to implement the code in the sample inside my MVC application, but I don’t understand which code from the SPA VS2013 template was removed in favor of the code from the sample.

The question is different, does anyone have any recommendations for implementing the alpha version of ASP.NET 2.0 in an ASP.NET MVC application? (Ideally, with steps for moving from the VS2013 MVC SPA template that uses the 1.0 identifier)

+2
source share
2

, - WEBAPI MVC Cookie, :

cookie ASP.NET Identity 2.0, .

, OWIN UseOAuthBearerAuthentication UseCookieAuthentication ( , Cookie auth , MVC) WEBAPI Cookies .

Startup.Auth.cs

OAuthBearerOptions = new OAuthBearerAuthenticationOptions();

//This will used the HTTP header: "Authorization" Value: "Bearer 1234123412341234asdfasdfasdfasdf"
app.UseOAuthBearerAuthentication(OAuthBearerOptions);
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
    LoginPath = new PathString("/Account/Login")
});

HostAuthenticationFilter , OWIN:

WebApiConfig.cs

config.SuppressDefaultHostAuthentication();
//This will used the HTTP header: "Authorization" Value: "Bearer 1234123412341234asdfasdfasdfasdf"
config.Filters.Add(new HostAuthenticationFilter("Bearer"));

:

var identity = new ClaimsIdentity(Startup.OAuthBearerOptions.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Name, user));
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userIdentity.Id));
AuthenticationTicket ticket = new AuthenticationTicket(identity, new AuthenticationProperties());
var currentUtc = new SystemClock().UtcNow;
ticket.Properties.IssuedUtc = currentUtc;
ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromMinutes(30));
string AccessToken = Startup.OAuthBearerOptions.AccessTokenFormat.Protect(ticket);
return AccessToken;
+7

SPA UserManager , 2.0 Identity.

OAuthOptions = new OAuthAuthorizationServerOptions
            {
                TokenEndpointPath = new PathString("/Token"),
                Provider = new ApplicationOAuthProvider(PublicClientId, () => HttpContext.Current.GetOwinContext().Get<ApplicationUserManager>()),
                AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
                AllowInsecureHttp = false
            };

ApplicationOauthProvider, : https://gist.github.com/s093294/9076631 ( , )

, :

app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);


        OAuthOptions = new OAuthAuthorizationServerOptions
        {
            TokenEndpointPath = new PathString("/Token"),
            Provider = new ApplicationOAuthProvider<ApplicationUserManager,ApplicationUser,Guid>(PublicClientId),
            AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
            AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
            AllowInsecureHttp = false
        };
+3

Source: https://habr.com/ru/post/1540565/

More articles:


All Articles