OWIN external login token

I use OWIN for my application, Web API 2 for working with data and MVC 5 for the views.

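     /// <summary>
     /// Type initializer: sets the public client id, the shared user-manager factory
     /// and the OAuth authorization-server options used by the application.
     /// </summary>
     static Startup()
    {
        PublicClientId = "self";

        UserManagerFactory = () => new UserManager<User, int>(new UserRepository());
        OAuthOptions = new OAuthAuthorizationServerOptions
        {
            TokenEndpointPath = new PathString("/Account/Token"),
            AuthorizeEndpointPath = new PathString("/Account/ExternalLogin"),
            Provider = new ApplicationOAuthProvider(PublicClientId, UserManagerFactory),
            RefreshTokenProvider = new SimpleRefreshTokenProvider(),
            // Access tokens expire after 59 minutes; longer sessions depend on the refresh token.
            AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(59),
            #if DEBUG
            // Plain HTTP is accepted in debug builds only, for local development.
            AllowInsecureHttp = true,
            #else
            // The token endpoint receives usernames, passwords and refresh tokens and
            // returns bearer tokens; over plain HTTP all of them are readable on the wire,
            // so release builds require HTTPS.
            AllowInsecureHttp = false,
            #endif
        };

    }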

When a user logs in via /Token?username=x&password=x&grant_type=password, a bearer token is generated together with a refresh GUID that is later used to renew the token via /Token?grant_type=refresh_token, and everything works fine.

Facebook .., , Facebook ( ..), GUID, , /Token? username & password, , Scope , , .

?

enter image description here


grant_type = password:

refresh, AuthorizationServer

     /// <summary>
     /// Refresh-token provider backed by an in-memory dictionary of authentication tickets.
     /// It is the type assigned to <c>OAuthOptions.RefreshTokenProvider</c> in <c>Startup</c>.
     /// </summary>
     public class SimpleRefreshTokenProvider : IAuthenticationTokenProvider
    {
        // Static, so one map is shared by every provider instance in the process; keys are
        // strings and values are the stored tickets.
        // NOTE(review): being in-memory only, entries are lost on process restart and are not
        // visible to other server instances. Nothing in the visible code expires or removes
        // entries; the method bodies are elided, so confirm that a ticket is removed on use
        // and that expired tickets are rejected.
        private static ConcurrentDictionary<string, AuthenticationTicket> _refreshTokens =
            new ConcurrentDictionary<string, AuthenticationTicket>();

        // Body elided in the listing. Presumably stores context.Ticket under a new key and
        // hands that key back as the refresh token; verify against the full source.
        public async Task CreateAsync(AuthenticationTokenCreateContext context)
        {.......}
        // Body elided in the listing. Presumably looks up the presented token in
        // _refreshTokens and restores the ticket; verify against the full source.
        public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
        {.......}
    }

AccountController :

    /// <summary>
    /// Default constructor: obtains a user manager from <c>Startup.UserManagerFactory</c> and
    /// the access-token format from <c>Startup.OAuthOptions</c>, then delegates to the
    /// two-argument constructor.
    /// </summary>
    public AccountController()
        : this(
            userManager: Startup.UserManagerFactory(),
            accessTokenFormat: Startup.OAuthOptions.AccessTokenFormat)
    {
    }

    /// <summary>
    /// Creates the controller with an explicit user manager and ticket format.
    /// </summary>
    /// <param name="userManager">User manager stored in <c>UserManager</c>; its validator is replaced here.</param>
    /// <param name="accessTokenFormat">Ticket protector stored in <c>AccessTokenFormat</c>.</param>
    public AccountController(UserManager<User, int> userManager, ISecureDataFormat<AuthenticationTicket> accessTokenFormat)
    {
        AccessTokenFormat = accessTokenFormat;
        UserManager = userManager;

        // Swap the manager's validator for the project's custom one.
        var validator = new CustomUserValidator<User>(UserManager);
        UserManager.UserValidator = validator;
    }

AuthenticationTokenCreateContext RefreshTokenProvider, Refresh Guid _refreshTokens, , refreshGuid, . Identity ExternalUser

        // Fragment of the external-login action: builds an OAuth identity for `user`, registers
        // a refresh ticket with the configured provider, then signs the identity in.
        ClaimsIdentity oAuthIdentity = await UserManager.CreateIdentityAsync(user,
        OAuthDefaults.AuthenticationType);
        AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user.Id.ToString());
        // A fresh GUID is attached to the identity as the "TokenGuid" claim.
        // NOTE(review): if this GUID is used as the refresh-token value itself, prefer bytes
        // from RandomNumberGenerator; Guid.NewGuid() is not documented as unpredictable.
        oAuthIdentity.AddClaim(new Claim("TokenGuid", Guid.NewGuid().ToString()));
        var ticket = new AuthenticationTicket(oAuthIdentity, properties);
        // NOTE(review): the create context is built inline and never kept, so any token the
        // provider sets on it cannot be read back here. It is also given AccessTokenFormat;
        // if the provider serializes the ticket with the context's format, a later
        // refresh_token request may fail to decrypt it, so check whether
        // Startup.OAuthOptions.RefreshTokenFormat is the one intended.
        await Startup.OAuthOptions.RefreshTokenProvider.CreateAsync(new AuthenticationTokenCreateContext(Request.GetOwinContext(), AccessTokenFormat, ticket));
        Authentication.SignIn(properties, oAuthIdentity);

, TokenGuid RefreshTokenProvider, GUID, /Token? grant_type = refresh_token.....

P.S. , .


:

  • accesstoken.
    • , : Startup.OAuthOptions.RefreshTokenFormat Startup.OAuthOptions.AccessTokenFormat
    • decryptionstage
  • getexternallogin, : OAuthAuthorizationServerProvider
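/// <summary>
/// Copies a "refresh_token" entry from the sign-in properties of the current response grant
/// into the authorization endpoint response, then defers to the base implementation.
/// </summary>
/// <param name="context">Authorization endpoint response context supplied by the middleware.</param>
/// <returns>The task returned by the base provider.</returns>
/// <remarks>
/// NOTE(review): parameters added here are presumably sent back to the client on the redirect
/// URI, where they can end up in browser history and logs. RFC 6749 section 4.2.2 says the
/// implicit grant must not issue a refresh token; confirm which flows reach this method.
/// </remarks>
public override Task AuthorizationEndpointResponse(OAuthAuthorizationEndpointResponseContext context)
{
    var grant = context.OwinContext.Authentication.AuthenticationResponseGrant;
    string refreshToken;

    // The indexer would throw KeyNotFoundException when no "refresh_token" entry was stored,
    // and the grant itself may be absent; both cases now simply skip the extra parameter.
    if (grant != null
        && grant.Properties.Dictionary.TryGetValue("refresh_token", out refreshToken)
        && !string.IsNullOrEmpty(refreshToken))
    {
        context.AdditionalResponseParameters.Add("refresh_token", refreshToken);
    }

    return base.AuthorizationEndpointResponse(context);
}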

Source: https://habr.com/ru/post/1546976/

