授权属性验证OAuth承载令牌

时间:2016-07-29 13:43:08

标签: asp.net asp.net-mvc oauth asp.net-mvc-5 bearer-token

我坚持使用OAuth令牌授权。我已经配置了OAuth,我有自己的OAuth服务器提供商。

配置代码:

print(leadrep)
##   Rank Share Issues
##3     3   2.1      3
##2     1   1.2      7
##21    2   1.8      4

服务器提供商:

use database

当我发送:db = client.db(database)到OAuth令牌端点undefined method 'db' for #<Mongo::Client:0x29473968 cluster=127.0.0.1:27017> (NoMethodError)时,它很好地创建了我的OAuth承载令牌。但是从这里开始,我不知道如何使用这个生成的令牌,存储它(如何获取它),以及如何使用ASP.NET MVC控制器上的 OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions() { AllowInsecureHttp = true, TokenEndpointPath = new PathString("/token"), AuthorizeEndpointPath = new PathString("/authorize"), AccessTokenExpireTimeSpan = TimeSpan.FromHours(1), Provider = new SimpleAuthorizationServerProvider() }; app.UseOAuthAuthorizationServer(OAuthServerOptions); app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()); 属性进行成功验证。我只是想使用我生成的令牌,当我从一个视图转到另一个视图时,具有 public class SimpleAuthorizationServerProvider : OAuthAuthorizationServerProvider { public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context) { context.Validated(); } public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" }); using (AuthRepository _repo = new AuthRepository()) { IdentityUser user = await _repo.FindUser(context.UserName, context.Password); if (user == null) { context.SetError("invalid_grant", "The user name or password is incorrect."); return; } } var identity = new ClaimsIdentity(context.Options.AuthenticationType); identity.AddClaim(new Claim("sub", context.UserName)); identity.AddClaim(new Claim("role", "user")); context.Validated(identity); } } 属性,并成功通过它。我怎么能做到这一点?

2 个答案:

答案 0 :(得分:1)

在“ SimpleAuthorizationServerProvider”类中添加新的替代功能。

public override Task TokenEndpoint(OAuthTokenEndpointContext context)
        {
            foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
            {
                context.AdditionalResponseParameters.Add(property.Key, property.Value);
            }

            return Task.FromResult<object>(null);
        }

然后您可以在json对象中获取令牌。

答案 1 :(得分:0)

实施以下工作流程: