堆栈内存溢出
  简体   繁体   English

将ASP.NET Core WEB API令牌身份验证与OWIN / Katana OAuth 2.0授权服务器一起用作资源服务器

[英]Use ASP.NET Core WEB API token authentication as a resourceserver with OWIN/Katana OAuth 2.0 Authorization Server

 原文  2016-11-19 22:57:44       asp.net/ oauth/ asp.net-core/ owin-middleware

问题描述

Is it possible to use an ASP.NET Core web api service authentication with an OWIN/Katana OAuth 2.0 Authorization Server? 是否可以将ASP.NET Core Web API服务身份验证与OWIN / Katana OAuth 2.0授权服务器一起使用?

To use the default (Bearer) OAUTH2 access token in ASP.NET 4.5.x WEB API 2 this would be done by adding this: 要在ASP.NET 4.5.x WEB API 2中使用默认的(承载)OAUTH2访问令牌,可以通过添加以下代码来完成: 

public void ConfigureAuth(IAppBuilder app)
    {
        app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
    }

And by adding the machinekey to the web.config. 并通过将machinekey添加到web.config。

Is it possible and how to use accesstokens from OWIN/Katana OAuth 2.0 Authorization Server (The tokens are in TicketDataFormat, which is the default) with an ASP.NET Core web api? 是否可以通过ASP.NET Core Web API使用OWIN / Katana OAuth 2.0授权服务器的访问令牌(令牌位于TicketDataFormat,这是默认设置)?

2 个解决方案

解决方案1
 0  2016-12-12 20:58:29

If I remember correctly, there were changes to the token format in ASP.NET Core. 如果我没记错的话,ASP.NET Core中的令牌格式有所更改。 I have a sample of an ASP.NET Core resource server protected by a ported version of the Katana OAuth server. 我有一个受Katana OAuth服务器的移植版本保护的ASP.NET Core资源服务器示例。 Check out the sample code, it may be close enough to get you there. 查看示例代码,它可能已经足够接近您了。

https://github.com/XacronDevelopment/oauth-aspnet/blob/dev/samples/ResourceServer2/Startup.cs https://github.com/XacronDevelopment/oauth-aspnet/blob/dev/samples/ResourceServer2/Startup.cs

解决方案2
 0  2018-08-10 14:39:52

I had the same problem, and you need to modify the OAuthServer (to use DataProtector Compatibity or change the AccessTokenFormat to use JWT or other implementation) 我遇到了同样的问题,您需要修改OAuthServer(以使用DataProtector兼容性或将AccessTokenFormat更改为使用JWT或其他实现)

I developed the second option. 我开发了第二种选择。 You can check the JWT solution in https://github.com/aloji/JwtSecurity 您可以在https://github.com/aloji/JwtSecurity中检查JWT解决方案

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 托管OWIN KATANA访问令牌ASP.NET Web Api应用程序的步骤 - Steps to Host OWIN KATANA Access Token ASP.NET Web Api application 处理身份验证/授权:ASP.NET Core Web 应用程序 => ASP.NET Core Web API => SQL - Handling authentication/authorization: ASP.NET Core Web Application => ASP.NET Core Web API => SQL 如何使用OWIN / Katana保护ASP.NET MVC Web Api? - How do I secure an ASP.NET MVC Web Api using OWIN/Katana? 没有OWIN和AspNet.Identity的基于Asp.Net Web Api令牌的授权 - Asp.Net Web Api Token Based Authorization WITHOUT OWIN and AspNet.Identity 如何使用Asp.Net Web API 2中的Owin OAuth2修改令牌端点响应主体 - How to modify token endpoint response body with Owin OAuth2 in Asp.Net Web API 2 ASP.NET Web Api 2.0中的Owin自定义路由MIddleware - Owin Custom Routing MIddleware in ASP.NET Web Api 2.0 Asp.net Web Api令牌身份验证 - Asp.net Web Api Token Authentication ASP.NET Core Web API 身份验证 - ASP.NET Core Web API Authentication 在ASP.NET OWIN OpenIdConnect代码授权流程中通过基于令牌的身份验证替换Cookie - Replacing Cookie by Token based authentication in ASP.NET OWIN OpenIdConnect code authorization flow ASP.NET Web Api:如何使用URL参数传递访问令牌(oAuth 2.0)? - ASP.NET Web Api: How to pass an access token (oAuth 2.0) using URL parameter?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM