Implementing OAuth with ASP.NET Web API

Time: 2016-02-05 10:47:48

Tags: asp.net-web-api oauth

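Hello friends, I want to ask: does anyone have an example of integrating OAuth in an ASP.NET Web API without integrating any packages or Entity Framework? I have searched a lot but only found various approaches that use NuGet packages and other packages, whereas I need an approach that uses simple third-party calls, because I need the authorization for a .NET API as well as a Java API. Can anyone help me?

Thanks in advance...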

1 answer:

Answer 0: (score: 1)

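Yes, you can do this. I implemented it in my Web API using OAuth in a Web API 2 project.

First, configure an ASP.NET project with OAuth, because we will bring some of its files into the Web API project.

Here are the steps:

1) In the Web API, add a new class file named "IdentityConfig.cs".

This class file will have the ApplicationUser, ApplicationUserManager, ApplicationSignInManager and ApplicationDbContext classes.

2) Make sure the classes above are under your API namespace so that they are accessible from all controllers.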

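    using System;
    using System.Security.Claims;
    using System.Threading.Tasks;
    using Microsoft.AspNet.Identity;
    using Microsoft.AspNet.Identity.EntityFramework;
    using Microsoft.AspNet.Identity.Owin;
    using Microsoft.Owin;
    using Microsoft.Owin.Security;

    // Configure the application user manager which is used in this api.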
    public class ApplicationUser : IdentityUser
    {

        #region custom properties

        public string Name { get; set; }
        public int? ZipCode { get; set; }
        public long? CountryId { get; set; }
        public bool IsDeleted { get; set; }
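        // IdentityUser already declares EmailConfirmed as virtual; override it instead of hiding it.
        public override bool EmailConfirmed { get; set; }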
        public DateTime CreatedDate { get; set; }
        public long UserId { get; set; }

        #endregion

        public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser> manager)
        {
            // Note the authenticationType must match the one defined in CookieAuthenticationOptions.AuthenticationType
            var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);
            // Add custom user claims here
            return userIdentity;
        }
    }
    public class ApplicationUserManager : UserManager<ApplicationUser>
    {
        public ApplicationUserManager(IUserStore<ApplicationUser> store)
            : base(store)
        {
        }

        public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context)
        {
            var manager = new ApplicationUserManager(new UserStore<ApplicationUser>(context.Get<ApplicationDbContext>()));
            // Configure validation logic for usernames
            manager.UserValidator = new UserValidator<ApplicationUser>(manager)
            {
                AllowOnlyAlphanumericUserNames = false,
                RequireUniqueEmail = true
            };

            // Configure validation logic for passwords
            manager.PasswordValidator = new PasswordValidator
            {
                RequiredLength = 6,
                RequireNonLetterOrDigit = false,
                RequireDigit = false,
                RequireLowercase = true,
                RequireUppercase = false,
            };

            // Configure user lockout defaults
            manager.UserLockoutEnabledByDefault = true;
            manager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(5);
            manager.MaxFailedAccessAttemptsBeforeLockout = 5;

            // Register two factor authentication providers. This application uses Phone and Emails as a step of receiving a code for verifying the user
            // You can write your own provider and plug it in here.
            manager.RegisterTwoFactorProvider("Phone Code", new PhoneNumberTokenProvider<ApplicationUser>
            {
                MessageFormat = "Your security code is {0}"
            });
            manager.RegisterTwoFactorProvider("Email Code", new EmailTokenProvider<ApplicationUser>
            {
                Subject = "Security Code",
                BodyFormat = "Your security code is {0}"
            });
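            // EmailService (and SmsService) are the IIdentityMessageService classes
            // from the template's IdentityConfig.cs; copy them across as well.
            manager.EmailService = new EmailService();
            //manager.SmsService = new SmsService();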
            var dataProtectionProvider = options.DataProtectionProvider;
            if (dataProtectionProvider != null)
            {
                manager.UserTokenProvider =
                    new DataProtectorTokenProvider<ApplicationUser>(dataProtectionProvider.Create("ASP.NET Identity"));
            }
            return manager;
        }
    }

    // Configure the application sign-in manager which is used in this api.
    public class ApplicationSignInManager : SignInManager<ApplicationUser, string>
    {
        public ApplicationSignInManager(ApplicationUserManager userManager, IAuthenticationManager authenticationManager)
            : base(userManager, authenticationManager)
        {
        }

        public override Task<ClaimsIdentity> CreateUserIdentityAsync(ApplicationUser user)
        {
            return user.GenerateUserIdentityAsync((ApplicationUserManager)UserManager);
        }

        public static ApplicationSignInManager Create(IdentityFactoryOptions<ApplicationSignInManager> options, IOwinContext context)
        {
            return new ApplicationSignInManager(context.GetUserManager<ApplicationUserManager>(), context.Authentication);
        }
    }
    public class ApplicationDbContext : IdentityDbContext<ApplicationUser>
    {
        public ApplicationDbContext()
            : base("DBCONNECTIONKEY", throwIfV1Schema: false)
        {
        }

        public static ApplicationDbContext Create()
        {
            return new ApplicationDbContext();
        }
    }

Note: DBCONNECTIONKEY is the key of the connection string in web.config.

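3) Add a Startup.cs file to the root of the Web API. Copy the logic from the existing one in the ASP.NET project. Feel free to adjust the configuration context properties as needed in the Web API project.

4) Use the objects of these classes to sign in users and to manage application user objects, as in the ASP.NET web app.

That's all :)

Hope this helps.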