I created a Web API application with OAuth token authentication. This worked without problems when the token server was running in the same application as the service. However, I would like to move the authorization service to my application (VS project) and use it in several web API projects I'm working on. However, when I isolated the authorization logic in my own project, the original service no longer processes tokens created as valid. My question is: is it possible for one web API project to generate a token to validate another? Here is my OWIN startup code for both the auth service and the source service
Auth Service:
public void Configuration(IAppBuilder app) { // For more information on how to configure your application, visit http://go.microsoft.com/fwlink/?LinkID=316888 HttpConfiguration config = new HttpConfiguration(); ConfigureOAuth(app); WebApiConfig.Register(config); app.UseWebApi(config); app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll); } private void ConfigureOAuth(IAppBuilder app) { OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions() { AllowInsecureHttp = true, TokenEndpointPath = new PathString("/token"), AccessTokenExpireTimeSpan = TimeSpan.FromDays(1), Provider = new SimpleAuthorizationServerProvider() }; // Token Generation app.UseOAuthAuthorizationServer(OAuthServerOptions); app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()); }
Original Service:
public void Configuration(IAppBuilder app) { ConfigureOAuth(app);
source share