找不到ApplicationOAuthProvider和HostAuthenticationFilter

时间:2015-04-15 23:18:04

标签: asp.net-web-api2

在WebApi 2授权的至少一些文章(即http://www.asp.net/web-api/overview/security/individual-accounts-in-web-api)中描述了它们的用法,但我找不到包含它们所需的参考资料。我确实引用了Microsoft.Owin / Owin.Security / Owin.Security.OAuth。

帮助?

2 个答案:

答案 0 :(得分:4)

我已通过安装Microsoft.AspNet.WebApi.Owin软件包解决了HostAuthenticationFilter问题。

请检查 How do I get System.Web.Http.Owin?

答案 1 :(得分:0)

默认情况下,它放置在您项目的根文件夹中的Providers/ApplicationOAuthProvider.cs
ApplicationOAuthProvider继承自OAuthAuthorizationServerProvider类。
这是实现:

public class ApplicationOAuthProvider : OAuthAuthorizationServerProvider
{
    private readonly string _publicClientId;

    public ApplicationOAuthProvider(string publicClientId)
    {
        //TODO: Pull from configuration
        if (publicClientId == null)
        {
            throw new ArgumentNullException(nameof(publicClientId));
        }

        _publicClientId = publicClientId;
    }

    public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        var userManager = context.OwinContext.GetUserManager();

        var user = await userManager.FindAsync(context.UserName, context.Password);

        if (user == null)
        {
            context.SetError("invalid_grant", "The user name or password is incorrect.");
            return;
        }

        ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
            OAuthDefaults.AuthenticationType);
        ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
            CookieAuthenticationDefaults.AuthenticationType);

        AuthenticationProperties properties = CreateProperties(user.UserName);
        AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
        context.Validated(ticket);
        context.Request.Context.Authentication.SignIn(cookiesIdentity);
    }

    public override Task TokenEndpoint(OAuthTokenEndpointContext context)
    {
        foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
        {
            context.AdditionalResponseParameters.Add(property.Key, property.Value);
        }

        return Task.FromResult(null);
    }

    public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
    {
        // Resource owner password credentials does not provide a client ID.
        if (context.ClientId == null)
        {
            context.Validated();
        }

        return Task.FromResult(null);
    }

    public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
    {
        if (context.ClientId == _publicClientId)
        {
            Uri expectedRootUri = new Uri(context.Request.Uri, "/");

            if (expectedRootUri.AbsoluteUri == context.RedirectUri)
            {
                context.Validated();
            }
        }

        return Task.FromResult(null);
    }

    public static AuthenticationProperties CreateProperties(string userName)
    {
        IDictionary<string, string> data = new Dictionary<string, string>
        {
            { "userName", userName }
        };
        return new AuthenticationProperties(data);
    }
}
相关问题
最新问题