[英]Store owin oauth bearer token
I am creating a simple authentication server using the default owin oauth server.我正在使用默认的 owin oauth 服务器创建一个简单的身份验证服务器。 After supplying the correct credentials a bearer token is generated and returned to the client.
提供正确的凭证后,会生成一个不记名令牌并将其返回给客户端。 I used among others this tutorial by Taiseer
我使用了Taiseer的这个教程
I would like to store the token in a database before the token is send to the client.我想在将令牌发送到客户端之前将令牌存储在数据库中。 Maybe I completely overlooked it, but where can I get the token before it is send?
也许我完全忽略了它,但是在发送令牌之前我可以从哪里获得令牌? As far as I know the token is generated after the ticket is validated in the GrantResourceOwnerCredentials method.
据我所知,令牌是在 GrantResourceOwnerCredentials 方法中验证票证后生成的。 I am guessing the token is stored in the context.
我猜令牌存储在上下文中。 How can I get it out?
我怎样才能把它弄出来?
Startup.cs启动文件
private void ConfigureAuthServer(IAppBuilder app) {
// Configure the application for OAuth based flow
var oAuthServerOptions = new OAuthAuthorizationServerOptions {
//For Dev enviroment only (on production should be AllowInsecureHttp = false)
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/oauth/token"),
Provider = new ApplicationOAuthProvider(),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14)
};
// Enable the application to use bearer tokens to authenticate users
app.UseOAuthAuthorizationServer(oAuthServerOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
ApplicationOAuthProvider ApplicationOAuthProvider
public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) {
//Dummy check here
if (context.UserName != context.Password) {
context.SetError("invalid_grant", "The user name or password is incorrect");
return Task.FromResult<object>(null);
}
var claims = new List<Claim> {
new Claim(ClaimTypes.NameIdentifier, context.UserName),
new Claim(ClaimTypes.Name, context.UserName)
};
var oAuthIdentity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, new AuthenticationProperties());
context.Validated(ticket);
return Task.FromResult<object>(null);
}
public override Task TokenEndpoint(OAuthTokenEndpointContext context) {
foreach (KeyValuePair<string, string> property in context.Properties.Dictionary) {
context.AdditionalResponseParameters.Add(property.Key, property.Value);
}
return Task.FromResult<object>(null);
}
Note: for those who wonder why I want to store the tokens.. it is a requirement I have to fulfill.注意:对于那些想知道我为什么要存储令牌的人..这是我必须满足的要求。
To fetch the token before it is sent to the client you must override TokenEndpointResponse
:要在将令牌发送到客户端之前获取令牌,您必须覆盖
TokenEndpointResponse
:
public override Task TokenEndpointResponse(OAuthTokenEndpointResponseContext context)
{
return base.TokenEndpointResponse(context);
}
the context
object has a property AccessToken
which will contains the representation of the token as a string. context
对象有一个属性AccessToken
,它将包含作为字符串的令牌表示。
OAuthTokenEndpointResponseContext
contains a dictionary of objects OAuthTokenEndpointResponseContext
包含一个对象字典IDictionary<string, object>
in AdditionalResponseParameters
which allows us to find all the claims for the indentity. AdditionalResponseParameters
IDictionary<string, object>
允许我们找到该身份的所有声明。
If we wanted to fetch the expiration of the token we would find the claim .expires
in the dictionary:如果我们想获取令牌的到期时间,我们会在字典中找到声明
.expires
:
context.AdditionalResponseParameters[".expires"]
There's a github repository if someone is interested to play with a simple integration of client and server interaction.如果有人有兴趣玩客户端和服务器交互的简单集成,那么有一个 github存储库。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.