[英]MVC Frontend Identity JWT Token from custom Authentication server
I am have been stumbling around the web for the past day trying to figure out how I can attach an MVC ASP.NET 4.5 app to an authentication server that I created using examples posted on bitoftech.net ( http://bitoftech.net/2015/01/21/asp-net-identity-2-with-asp-net-web-api-2-accounts-management/ ) 在过去的一天里,我一直在网上徘徊,试图弄清楚如何将MVC ASP.NET 4.5应用程序附加到使用在bitoftech.net( http://bitoftech.net/ 2015/01/21 / asp-net-identity-2-with-asp-net-web-api-2-accounts-management / )
Now the authentication/webapi server itself is running well, I had to make some mods to get this working in MySQL but all in all it is working and protecting the webapi endpoints, so excellent on that part. 现在身份验证/ webapi服务器本身运行良好,我必须制作一些mod才能使其在MySQL中正常工作,但总的来说它正在运行并保护webapi端点,因此在这一方面非常出色。
But for the life of me I cannot figure out how to get an MVC app to simply use this token endpoint to consume tokens and authenticate users. 但是对于我一生,我无法弄清楚如何使MVC应用程序简单地使用此令牌终结点来使用令牌并验证用户身份。
I can make a call to the token api as part of a login form and receive the token, but I have no idea on how I am suppose to consume that token for use in the MVC app. 我可以在登录表单中调用令牌api并接收令牌,但是我不知道如何使用该令牌以在MVC应用程序中使用。 Also I think I have it all wrong as I think the OWIN middleware should be the one calling the authentication server.
我也认为这是错误的,因为我认为OWIN中间件应该是调用身份验证服务器的中间件。 But in saying that, I don't want the user to be navigated to the authentication server for the login either.
但是,我也不想将用户导航到身份验证服务器进行登录。
This is a bit confusing, I am very new to this type of authentication, and it seems the more I read the more I get confused, maybe because of all the different examples out there, all for slightly different approaches and some very outdated examples. 这有点令人困惑,对于这种身份验证我还是很陌生,似乎我读得越多,我就越困惑,这可能是因为那里有所有不同的示例,都是针对略有不同的方法和一些非常过时的示例。
So if anyone can point me to an example of what it is I am trying to achieve of make one up and post I would be very grateful. 因此,如果有人可以举一个例子说明我正在努力实现的目标,我将不胜感激。
Regards Jason Coley 问候杰森·科利
This is the code that my accountservice uses to call the identity server 这是我的accountservice用来调用身份服务器的代码
var client = new OAuth2Client(new Uri(oathBaseUrl()));
TokenResponse token = await client.RequestResourceOwnerPasswordAsync(model.Email, model.Password);
I have used the Thinktecture.IdentityModel.Client here to simplify this process. 我在这里使用了Thinktecture.IdentityModel.Client来简化此过程。
I have also used this method below which does give me the access-token correctly. 我还在下面使用了此方法,该方法的确为我提供了正确的访问令牌。
using (var client = new HttpClient(new HttpClientHandler ))
{
client.BaseAddress = new Uri(oathBaseUrl());
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
var values = new Dictionary<string, string>
{
{ OAuth2Constants.GrantType, OAuth2Constants.Password },
{ OAuth2Constants.UserName, model.Email },
{ OAuth2Constants.Password, model.Password }
};
var form = new FormUrlEncodedContent(values);
var response = client.PostAsync("", form).Result;
if (response.IsSuccessStatusCode)
{
response.EnsureSuccessStatusCode();
var tokenResponse = response.Content.ReadAsStringAsync().Result;
var json = JObject.Parse(tokenResponse);
var jwt = json["access_token"].ToString();
The simplest thing to do would be to pass the token value into a httponly cookie and use that in your app in the normal way to identify the user. 最简单的方法是将令牌值传递到httponly cookie中,然后以正常方式在应用程序中使用它来识别用户。 If you post the code where you get the token I can probably expand;
如果将代码发布到获得令牌的位置,我可能可以扩展; there are libraries to handle this for you
有图书馆为您处理
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.