
Azure Mobile Services token validation in Web API and MVC

I have a Xamarin mobile app that uses the Azure Mobile Services SDK to authenticate a user against social providers. I get the token and attach it to HTTP request hitting my Web API ASP.NET application (that I'm deploying as an Azure Cloud Service) as a bearer token.

I need to validate the bearer token and get a ClaimsIdentity to work with in my ApiController. Do I need to use the Mobile Service .NET Backend NuGet packages for this? How can I?

EDIT:

  1. Created an empty ASP.NET application, added a Web API controller

  2. Installed Mobile Services .NET Backend NuGet package

  3. Set appsettings values for keys MS_MobileServiceName, MS_MasterKey, MS_ApplicationKey from values in Azure Management Console

  4. Set [AuthorizeLevel(AuthorizationLevel.User)] on my HttpGet operation in my ApiController

  5. Cast User to ServiceUser

  6. Create HTTP request with bearer token from Google Auth thru Azure Mobile Service SDK

  7. User is null!

Use attributes such as

[AuthorizeLevel(AuthorizationLevel.Anonymous)]

[AuthorizeLevel(AuthorizationLevel.User)]

on the methods in your API to validate depending on which role you want.

Then use

var currentUser = User as ServiceUser;

to get the current user in the method, if the AuthorizationLevel is not Anonymous.

And set up your AppSettings as necessary. Change the MasterKey and ApplicationKey if you are testing the MobileService on localhost.

 <appSettings>
    <!-- Use these settings for local development. After publishing to 
    Mobile Services, these settings will be overridden by the values specified
    in the portal. -->
    <add key="MS_MobileServiceName" value="[NAME HERE]" />
    <add key="MS_MasterKey" value="[INSERT HERE]" />
    <add key="MS_ApplicationKey" value="[INSERT HERE]" />
    <add key="MS_MicrosoftClientID" value="Overridden by portal settings" />
    <add key="MS_MicrosoftClientSecret" value="Overridden by portal settings" />
    <add key="MS_FacebookAppID" value="Overridden by portal settings" />
    <add key="MS_FacebookAppSecret" value="Overridden by portal settings" />
    <add key="MS_GoogleClientID" value="Overridden by portal settings" />
    <add key="MS_GoogleClientSecret" value="Overridden by portal settings" />
    <add key="MS_TwitterConsumerKey" value="Overridden by portal settings" />
    <add key="MS_TwitterConsumerSecret" value="Overridden by portal settings" />
    <add key="MS_AadClientID" value="Overridden by portal settings" />
    <add key="MS_AadTenants" value="Overridden by portal settings" />
    <!-- When using this setting, be sure to also set the Notification Hubs connection
    string named "MS_NotificationHubConnectionString". -->
    <add key="MS_NotificationHubName" value="Overridden by portal settings" />
    <add key="Microsoft.ServiceBus.ConnectionString" value="Endpoint=sb://[your namespace].servicebus.windows.net;SharedSecretIssuer=owner;SharedSecretValue=[your secret]" />
  </appSettings>
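
The attribute and cast from the answer above, put together in one controller that fails closed when the cast returns null (the symptom in step 7 of the question). This is an added example, not code from the original post; the controller name `ProfileController` and the response shape are hypothetical, and it assumes the Mobile Services .NET Backend package is referenced and initialized in the host application.

```csharp
using System.Linq;
using System.Net;
using System.Threading.Tasks;
using System.Web.Http;
using Microsoft.WindowsAzure.Mobile.Service.Security;

// Hypothetical controller name, used only for this illustration.
public class ProfileController : ApiController
{
    // Only requests authenticated at User level are meant to reach this action.
    [AuthorizeLevel(AuthorizationLevel.User)]
    public async Task<IHttpActionResult> Get()
    {
        // The cast yields null when the principal was not created by the
        // Mobile Services pipeline. Reject the request instead of
        // dereferencing null or silently treating the caller as anonymous.
        var currentUser = User as ServiceUser;
        if (currentUser == null || string.IsNullOrEmpty(currentUser.Id))
        {
            return StatusCode(HttpStatusCode.Unauthorized);
        }

        // Provider identities (for example Google) linked to this user.
        var identities = await currentUser.GetIdentitiesAsync();

        // Return only non-secret fields: the provider access tokens carried
        // by the credentials objects stay on the server.
        return Ok(new
        {
            userId = currentUser.Id,
            providers = identities.Select(i => i.Provider).ToArray()
        });
    }
}
```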
