c# - Identity 2.0 Web API generate token for client -


i developing asp.net web api application. need authenticate users login , password , return string token in response. need have attribute [authorize] working.

i tried investigate, how using bearertoken mechanism, without success. please provide working code example.

you need configure authorization server (in case authorization server , resource server) issue access tokens , consume them. can done using owin middle-ware defining , end point should sent user credentials (resource owner flow) grant_type = password. validate credentials , provide access token tied expire date configure.

public class startup {     public void configuration(iappbuilder app)     {         configureoauth(app);         //rest of code here;     }      public void configureoauth(iappbuilder app)     {         oauthauthorizationserveroptions oauthserveroptions = new oauthauthorizationserveroptions()         {             allowinsecurehttp = true,             tokenendpointpath = new pathstring("/token"),             accesstokenexpiretimespan = timespan.fromdays(1),             provider = new simpleauthorizationserverprovider()         };          // token generation         app.useoauthauthorizationserver(oauthserveroptions);         // token consumption         app.useoauthbearerauthentication(new oauthbearerauthenticationoptions());      } }

now need define class named simpleauthorizationserverprovider , validate credentials in method grantresourceownercredentials code below:

public class simpleauthorizationserverprovider : oauthauthorizationserverprovider {     public override async task validateclientauthentication(oauthvalidateclientauthenticationcontext context)     {         context.validated();     }      public override async task grantresourceownercredentials(oauthgrantresourceownercredentialscontext context)     {          context.owincontext.response.headers.add("access-control-allow-origin", new[] { "*" });          using (authrepository _repo = new authrepository())         {             identityuser user = await _repo.finduser(context.username, context.password);              if (user == null)             {                 context.seterror("invalid_grant", "the user name or password incorrect.");                 return;             }         }          var identity = new claimsidentity(context.options.authenticationtype);         identity.addclaim(new claim("sub", context.username));         identity.addclaim(new claim("role", "user"));          context.validated(identity);      } }

i highly recommend read post here have understanding components installing , how flow works.


Comments

Post a Comment

Popular posts from this blog

php - Submit Form Data without Reloading page -

i know question has been asked , answered bunch of times life of me can not solution work on code. believe if redo code, work properly, , in retrospect time i've spent on issue should have redone code...but beyond deadline , have working prototype up... can advise how update multiple forms on single page without reloading page? horrible @ php , complete noob js/jquery/ajax @ best. html/php in single file , believe causing me problems/is largest obstacle @ getting ajax form processing work. basically, want users to: select teams multiple dropdowns in form group 1 (league champs) , on update update db newly selected team without reloadding page. edit team scores per match , on score submit/update, update db new scores. for each requirement there multiple forms (1 each leagues, 1 each per match) have set class on each form id. everything works via php, form submission reloads page each time submitted , not ideal. i have tried ajax code here http://scotch.io/tutoria...
Read more

linux - Rails running on virtual machine in Windows -

the reason why want switch ubuntu people said gems works better on linux on windows. i don't want macbook pro rails development since love windows , cannot stand lack of apps mac. moreover, people saying ubuntu "better" mac: http://www.reddit.com/r/ubuntu/comments/1bgj1s/are_there_advantages_of_ubuntu_over_os_x_for/ does virtual box work enough doesn't have lag @ all? using i7-3517u cpu 8gb memory. need program in environment lag-free , not sluggish. or there alternatives recommend? i unsure permission settings or complicated stuffs regarding terminal. i'll using terminal develop. i'm still quite new here development in linux. please kind me >< thanks. @holyxiaoxin pretty sure should asking on superuser instead. nevertheless, suggest install ubuntu in partition instead of running virtual machine. here's guide https://help.ubuntu.com/community/windowsdualboot also, yes. developing in virtual machine accurate, @ end experiment w...
Read more