使用带有ASP.Net标识的Autofac将ApplicationUserManager传递给ApplicationOAuthProvider

时间:2014-10-14 22:07:02

标签: asp.net-web-api dependency-injection inversion-of-control autofac asp.net-identity-2

我正在使用ASP.Net Identity,并希望通过以下文章将ApplicationUserManager服务添加到我的所有自定义控制器:How to plug my Autofac container into ASP. NET Identity 2.1

这在我的控制器中完美运行,但是当我尝试通过在我的API上调用localhost:xxxx / token来创建令牌时。下面是调用的方法,但context.OwinContext.GetUserManager返回null。

我尝试将ApplicationUserManager注入ApplicationOAuthProvider,但无法成功。你能指点我正确的方向吗?

编辑:10/15

好的,所以我已经进一步了,但我仍然陷入困境。我能够使用以下内容初始化类:

    var x = new DatabaseContext();
    var store = new UserStore<ApplicationUser>(x);
    var options = new IdentityFactoryOptions<ApplicationUserManager>()
    {
        DataProtectionProvider = new Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider("ApplicationName")
    };

    builder.Register<DatabaseContext>(c => x);
    builder.Register<UserStore<ApplicationUser>>(c => store).AsImplementedInterfaces();
    builder.Register<IdentityFactoryOptions<ApplicationUserManager>>(c => options);
    builder.RegisterType<ApplicationUserManager>();

    builder.Register<ApplicationOAuthProvider>(c => new ApplicationOAuthProvider("self", new ApplicationUserManager(store, options))).As<IOAuthAuthorizationServerProvider>();

这允许我将ApplicationUserManager传递给我的ApplicationOAuthProvider构造函数。在Startup.Auth配置中,我使用以下内容初始化Provider:

OAuthOptions = new OAuthAuthorizationServerOptions
        {
            TokenEndpointPath = new PathString("/Token"),
            Provider = (IOAuthAuthorizationServerProvider)GlobalConfiguration.Configuration.DependencyResolver.GetService(typeof(IOAuthAuthorizationServerProvider)),
            AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
            AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
            AllowInsecureHttp = true
        };

这让我更接近解决方案,但仍有两个问题。

第一种是当我在API上调用/ token时userManager.FindAsync(context.UserName, context.Password)返回空值,但userManager.FindByEmailAsync(context.UserName)返回正确的用户。我最初的想法是密码错误,但我确定它与我注册的密码相同。

第二个问题,如果我在我的AccountController上调用register,然后调用/ token,我得到一个无法访问已处置的对象。对象名称:&#39; UserStore&#39; 错误。所以我认为这意味着我没有在我的Bootstrapper文件中正确初始化ApplicationOAuthProvider

非常感谢任何指导。谢谢!

1 个答案:

答案 0 :(得分:2)

我终于找到了解决方案 第一个解决方案: 第一:更改你的bootstrap autofac类 你应该添加singleInstance();避免按请求依赖性错误 [没有标记匹配的范围'AutofacWebRequest'] 

   builder.RegisterType<DatabaseContext>().AsSelf().SingleInstance();
   builder.Register<IdentityFactoryOptions<ApplicationUserManager>>(c => new IdentityFactoryOptions<ApplicationUserManager>() { DataProtectionProvider = new DpapiDataProtectionProvider("your app name") });
   builder.RegisterType<ApplicationUserManager>().AsSelf().SingleInstance();
   // to resolve applicationUserManager  
   builder.Register(c=>new ApplicationOAuthProvider(c.Resolve<ApplicationUserManager>())).AsImplementedInterfaces().SingleInstance();
   builder.Register(c => new UserStore<ApplicationUser>(c.Resolve<DatabaseContext>())).AsImplementedInterfaces().SingleInstance();
   builder.Register(c => HttpContext.Current.GetOwinContext().Authentication).As<IAuthenticationManager>();

第二:在Startup.cs中 将删除GlobalConfiguration.configuration.DependencyResolver,因为它总是给null。所以我将使用autofac容器解析器,但应该从lifetimescope使用它,这个容器从你的bootstrap autofac配置方法返回

OAuthOptions = new OAuthAuthorizationServerOptions
    {
        TokenEndpointPath = new PathString("/Token"),
        Provider = container.BeginLifetimeScope().Resolve<IOAuthAuthorizationServerProvider>(),
        AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
        AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
        AllowInsecureHttp = true
    };

第三:在你的 ApplicationOAuthProvider 类中添加构造函数,将applicationUserManager作为参数

这解决了我在搜索两天后的null错误,无法找到答案,希望有所帮助。

第二个解决方案:因为 SingleInstance()不适合企业应用程序,因此您可以对所有registerTypes使用 InstancePerRequest(); 

   builder.RegisterType<DatabaseContext>().AsSelf().InstancePerRequest();
   builder.Register<IdentityFactoryOptions<ApplicationUserManager>>(c => new IdentityFactoryOptions<ApplicationUserManager>() { DataProtectionProvider = new DpapiDataProtectionProvider("your app name") });
   builder.RegisterType<ApplicationUserManager>().AsSelf().InstancePerRequest();
   // to resolve applicationUserManager  
   builder.Register(c=>new ApplicationOAuthProvider(c.Resolve<ApplicationUserManager>())).AsImplementedInterfaces().InstancePerRequest();
   builder.Register(c => new UserStore<ApplicationUser>(c.Resolve<DatabaseContext>())).AsImplementedInterfaces().InstancePerRequest();
   builder.Register(c => HttpContext.Current.GetOwinContext().Authentication).As<IAuthenticationManager>();

在Startup.cs 

 OAuthOptions = new OAuthAuthorizationServerOptions
    {
        TokenEndpointPath = new PathString("/Token"),
       // will instantiate new one to avoid Single Instance for resolving
       Provider = new CustomOAuthProvider(new ApplicationUserManager(new UserStore<Entities.ApplicationUser>(new DataContext()),
        AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
        AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
        AllowInsecureHttp = true
    };

CustomOAuthProvider类 

using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.OAuth;
using System.Security.Claims;
using System.Threading.Tasks;

public class CustomOAuthProvider:OAuthAuthorizationServerProvider
{
    private ApplicationUserManager _appUserManager;
    public CustomOAuthProvider(ApplicationUserManager appUserManager)
    {
        this._appUserManager = appUserManager;
    }



    public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        var allowedOrigin = "*";

        context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });


        var userManager = new ApplicationUserManager(new    Microsoft.AspNet.Identity.EntityFramework.UserStore<AppUser>(new      Data.DataContext()),new IdentityFactoryOptions<ApplicationUserManager>(),new Data.Repositories.SettingRepository(new Data.Infrastructure.DbFactory()));

       AppUser user = await userManager.FindAsync(context.UserName, context.Password);

        if (user == null)
        {
            context.SetError("invalid_grant", "Invalid username or password.");
            return;
        }
        if (!user.IsActive)
        {
            context.SetError("invalid_activation", "Inactive account, contact support.");
            return;
        }

        if (!user.EmailConfirmed)
        {
            context.SetError("invalid_grant", "User did not confirm email.");
            return;
        }


        ClaimsIdentity oAuthIdentity = await userManager.GenerateUserIdentityAsync(user, "JWT");

        AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, null);
        context.Validated(ticket);

    }


    public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
    {
        if (context.ClientId == null)
        {
            context.Validated();

        }

        return Task.FromResult<object>(null);
    }



}
相关问题
最新问题