无需调用“令牌”方法即可在asp网中获取访问令牌

时间:2016-02-20 08:54:44

标签: asp.net angularjs asp.net-web-api facebook-login access-token

我正在开发一个可以使用Asp.Net WebAPI通过社交网络登录的网站。 在我的网站,客户端部分我使用Facebook登录SDK,按照Facebook网站上的说明,并获得我的facebook帐户的帐户。 我编写了一个服务(Angular服务)并调用服务器以使用Facebook用户ID登录我的网站。

function loginExternal(LoginProvider, ProviderKey)
    {
        var data = {
            'LoginProvider':LoginProvider,
            'ProviderKey':ProviderKey
        }
        return $http({
            method:'POST',
            url:url,
            data:data
        });
    }

在服务器中,我在AccountController.cs中编写了一个新方法,该方法将接收来自客户端的请求,检查帐户并返回该帐户的访问令牌。

  

// POST api / Account / LoginExternal 

//POST api/Account/LoginExternal
            [AllowAnonymous]
            [Route("LoginExternal")]
            public async Task<IHttpActionResult> LoginExternal(UserLoginInfoViewModel model)
            {
                ApplicationUser user = await UserManager.FindAsync(new UserLoginInfo(model.LoginProvider,
                   model.ProviderKey));

                bool hasRegistered = user != null;

                if (hasRegistered)//has the account in database
                {
                    Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);

                    ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(UserManager,
                       OAuthDefaults.AuthenticationType);
                    ClaimsIdentity cookieIdentity = await user.GenerateUserIdentityAsync(UserManager,
                        CookieAuthenticationDefaults.AuthenticationType);

                    AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user);

                    Authentication.SignIn(properties, oAuthIdentity, cookieIdentity);
                }
                else //dont have the account database - not implemented
                {
                }
                return Ok();
            }

此时,我可以检查该帐户是否存在于数据库中。但是,我不知道如何在此方法中返回与此帐户对应的access_token?之前,当我想登录本地帐户时,我必须致电服务器

  

本地主机:8080 /令牌

并通过帐户名和密码,响应将返回access_token。但是我怎么能用这种方法呢?

1 个答案:

答案 0 :(得分:0)

我想我找到了解决方案。请看看我的答案。 :)

   //POST api/Account/LoginExternal
        [AllowAnonymous]
        [Route("LoginExternal")]
        public async Task<IHttpActionResult> LoginExternal(UserLoginInfoViewModel model)
        {
            ApplicationUser user = await UserManager.FindAsync(new UserLoginInfo(model.LoginProvider,
               model.ProviderKey));

            bool hasRegistered = user != null;

            if (hasRegistered)//has the account in database
            {
                Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);

                ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(UserManager,
                   OAuthDefaults.AuthenticationType);
                ClaimsIdentity cookieIdentity = await user.GenerateUserIdentityAsync(UserManager,
                    CookieAuthenticationDefaults.AuthenticationType);

                AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user);
                //Create an access_token with expire time 14 days
                AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, new AuthenticationProperties());
                DateTime currentUtc = DateTime.UtcNow;
                ticket.Properties.IssuedUtc = currentUtc;
                ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromDays(14));
                string accessToken = Startup.OAuthOptions.AccessTokenFormat.Protect(ticket);

                Authentication.SignIn(properties, oAuthIdentity, cookieIdentity);
                return Ok(accessToken);//Return Access_token to client
            }
            else //dont have the account database - not implemented
            {

            }

        }
相关问题
最新问题