基于 Owin 令牌的身份验证

时间:2021-04-30 07:43:09

标签: asp.net asp.net-web-api owin access-token http-token-authentication

我创建了一个 asp.net web api 应用程序,并实现了 OAuth 承载令牌(bearer token)的生成。访问令牌可以正常生成,我正在使用 Postman 在本地进行测试。问题是:当我为另一个用户生成令牌时,授权被拒绝。

这是我的 AuthorizationServerProvaider

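/// <summary>
/// OAuth 2.0 authorization-server callbacks for the Web API: accepts the
/// anonymous public client, issues tickets for the resource-owner password
/// grant, and re-issues tickets for the refresh-token grant.
/// </summary>
public class APIAuthorizationServerProvaider : OAuthAuthorizationServerProvider
{
    // client_id of the single public client this server knows about (see Startup.PublicClientId).
    private readonly string _publicClientId;

    /// <summary>Creates the provider for the given public client id.</summary>
    /// <param name="publicClientId">client_id of the public client; must not be null.</param>
    /// <exception cref="ArgumentNullException"><paramref name="publicClientId"/> is null.</exception>
    public APIAuthorizationServerProvaider(string publicClientId)
    {
        if (publicClientId == null)
        {
            throw new ArgumentNullException(nameof(publicClientId));
        }

        _publicClientId = publicClientId;
    }

    /// <summary>
    /// Client authentication for the token endpoint. Only requests that carry
    /// no client_id are accepted (treated as the anonymous public client); a
    /// request that does send a client_id is left unvalidated and the
    /// middleware rejects it. No client secret is ever checked here, so the
    /// password grant is open to any caller that knows a user's credentials.
    /// </summary>
    public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
    {
        if (context.ClientId == null)
        {
            context.Validated();
        }

        return Task.FromResult<object>(null);
    }

    /// <summary>
    /// Resource-owner password grant: checks the username/password against
    /// <see cref="AuthRepository"/> and, on success, issues a ticket whose
    /// identity carries a Name claim and a custom "Id" claim. The same two
    /// values are also stored in the ticket properties, which
    /// <see cref="TokenEndpoint"/> echoes back to the client in the token response.
    /// </summary>
    /// <remarks>
    /// The original was declared <c>async</c> without any <c>await</c>
    /// (compiler warning CS1998); it now returns a completed task directly.
    /// </remarks>
    public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        var authRepository = new AuthRepository();

        if (!authRepository.ValidateUser(context.UserName, context.Password))
        {
            // Same message whether the user is unknown or the password is wrong,
            // so the endpoint does not leak which usernames exist.
            context.SetError("invalid_grant", "The user name or password is incorrect.");
            return Task.FromResult<object>(null);
        }

        // Canonical username and id come from the repository, not from the raw request value.
        var userName = authRepository.GetUsername(context.UserName);
        var id = authRepository.GetID(context.UserName);

        var claims = new List<Claim>
        {
            new Claim(ClaimTypes.Name, userName),
            new Claim("Id", id.ToString()),
        };

        // Everything placed here is copied into the JSON token response by TokenEndpoint;
        // keep secrets out of it.
        var data = new Dictionary<string, string>
        {
            { "userName", userName },
            { "id", id.ToString() },
        };
        var properties = new AuthenticationProperties(data);

        // context.Options is the OAuthAuthorizationServerOptions this provider was
        // registered with - the same object Startup.OAuthOptions holds - which avoids
        // reaching into the Startup static.
        var oAuthIdentity = new ClaimsIdentity(claims, context.Options.AuthenticationType);
        context.Validated(new AuthenticationTicket(oAuthIdentity, properties));

        return Task.FromResult<object>(null);
    }

    /// <summary>
    /// Redirect-URI validation for the authorization-code / implicit flows.
    /// Only the public client is accepted, and only when redirect_uri is
    /// exactly the root of the current request's URI; every other
    /// client/redirect combination stays unvalidated and is rejected.
    /// </summary>
    public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
    {
        if (context.ClientId == _publicClientId)
        {
            // "/" resolved against the request URI => scheme://host[:port]/ of this server.
            Uri expectedRootUri = new Uri(context.Request.Uri, "/");

            if (expectedRootUri.AbsoluteUri == context.RedirectUri)
            {
                context.Validated();
            }
        }

        return Task.FromResult<object>(null);
    }

    /// <summary>
    /// Copies every ticket property into the token response as an additional
    /// parameter. That includes the keys set in
    /// <see cref="GrantResourceOwnerCredentials"/> and any key the middleware
    /// itself stores on the ticket, so nothing sensitive belongs in the properties.
    /// </summary>
    public override Task TokenEndpoint(OAuthTokenEndpointContext context)
    {
        foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
        {
            context.AdditionalResponseParameters.Add(property.Key, property.Value);
        }

        return Task.FromResult<object>(null);
    }

    /// <summary>
    /// Refresh-token grant: re-issues a ticket with a copy of the original
    /// identity and the original properties.
    /// NOTE(review): nothing here goes back to <see cref="AuthRepository"/>, so a
    /// refresh succeeds on the strength of the old ticket alone; re-check the user
    /// here if tokens must stop refreshing once an account changes.
    /// </summary>
    public override Task GrantRefreshToken(OAuthGrantRefreshTokenContext context)
    {
        var newIdentity = new ClaimsIdentity(context.Ticket.Identity);
        var newTicket = new AuthenticationTicket(newIdentity, context.Ticket.Properties);
        context.Validated(newTicket);

        return Task.FromResult<object>(null);
    }

    /// <summary>
    /// Nested copy of a token-provider contract. It looks like a paste of the
    /// framework's IAuthenticationTokenProvider and nothing in this file
    /// implements it; it is kept only so the nested type stays available to
    /// any existing reference. Consider deleting it.
    /// </summary>
    public interface IAuthenticationTokenProvider
    {
        void Create(AuthenticationTokenCreateContext context);
        Task CreateAsync(AuthenticationTokenCreateContext context);
        void Receive(AuthenticationTokenReceiveContext context);
        Task ReceiveAsync(AuthenticationTokenReceiveContext context);
    }
}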

Start.cs

/// <summary>
/// OWIN startup: wires CORS, the OAuth 2.0 token endpoint, bearer-token
/// authentication and Web API, in that order.
/// </summary>
public class Startup
{
    /// <summary>Authorization-server options, shared with the provider via this static.</summary>
    public static OAuthAuthorizationServerOptions OAuthOptions { get; private set; }

    /// <summary>client_id of the single public client ("self").</summary>
    public static string PublicClientId { get; private set; }

    /// <summary>Relative path of the token endpoint.</summary>
    public const string TokenEndpointPath = "/api/token";

    /// <summary>OWIN entry point: OAuth middleware first, then Web API.</summary>
    public void Configuration(IAppBuilder app)
    {
        ConfigureOAuth(app);

        var httpConfig = new HttpConfiguration();
        WebApiConfig.Register(httpConfig);
        app.UseWebApi(httpConfig);
    }

    /// <summary>
    /// Registers CORS, the authorization server and the bearer middleware.
    /// NOTE(review): AllowInsecureHttp lets access tokens travel over plain HTTP
    /// and CorsOptions.AllowAll accepts any origin. Both are convenient for local
    /// Postman testing but should not ship as-is. AuthenticationType is set to
    /// the application-cookie type rather than the bearer default, and the
    /// provider stamps issued identities with that type - confirm this is intended.
    /// </summary>
    public void ConfigureOAuth(IAppBuilder app)
    {
        app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);

        PublicClientId = "self";

        var serverOptions = new OAuthAuthorizationServerOptions
        {
            TokenEndpointPath = new PathString(TokenEndpointPath),
            Provider = new APIAuthorizationServerProvaider(PublicClientId),
            RefreshTokenProvider = new OAuthCustomRefreshTokenProvider(),
            AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(10),
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            AllowInsecureHttp = true,
        };
        OAuthOptions = serverOptions;

        app.UseOAuthAuthorizationServer(serverOptions);
        app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
    }
}
