
OAuth 2.0 How to validate token expiration date

I am using MVC Web API inside an MVC project. I used SimpleAuthorizationServerProvider to generate the token, and I used the AuthorizeForAPI custom attribute to validate the token. Everything is working great. My question is how to validate the token expiration date, so that if the token has expired I will send a message from the server that tells the user that their token has expired.

This is how I generate the token:

using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin.Security.OAuth;

public class SimpleAuthorizationServerProvider : OAuthAuthorizationServerProvider
{
    // No client credentials are checked here; every client is accepted.
    public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
    {
        context.Validated();
        return Task.FromResult<object>(null);
    }

    public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        // CORS wildcard: any origin may call the token endpoint.
        context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

        var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();

        // Look the user up by user name and password.
        ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);

        if (user == null)
        {
            context.SetError("invalid_grant", "The user name or password is incorrect.");
            return;
        }

        // Claims that end up inside the protected access token.
        var identity = new ClaimsIdentity(context.Options.AuthenticationType);
        identity.AddClaim(new Claim("sub", context.UserName));
        identity.AddClaim(new Claim("role", "user"));

        context.Validated(identity);
    }

    // Copy the ticket properties into the JSON token response.
    public override Task TokenEndpoint(OAuthTokenEndpointContext context)
    {
        foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
        {
            context.AdditionalResponseParameters.Add(property.Key, property.Value);
        }

        return Task.FromResult<object>(null);
    }
}

And this is how I validate the token:

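using System.Net;
using System.Net.Http;
using System.Web;
using System.Web.Http;
using System.Web.Http.Controllers;

public class AuthorizeForAPI : AuthorizeAttribute
{
    public override void OnAuthorization(HttpActionContext actionContext)
    {
        string AccessTokenFromRequest = "";
        if (actionContext.Request.Headers.Authorization != null)
        {
            // Get the access token from the Authorization header
            AccessTokenFromRequest = actionContext.Request.Headers.Authorization.Parameter;
        }

        // Reject every request the bearer middleware did not authenticate,
        // including requests sent without an Authorization header
        var user = HttpContext.Current.User.Identity;
        if (!user.IsAuthenticated)
        {
            actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, "Unauthorized user");
        }
    }
}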

Using

 AccessTokenExpireTimeSpan = TimeSpan.FromDays(22), // 22 days before it expires

You can change it to minutes, hours, etc. in "timespan.from(this)".
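An added example, not part of the original question or answer: the OWIN bearer middleware already rejects a token whose lifetime (the `AccessTokenExpireTimeSpan` above) has passed, so the attribute only has to work out why authentication failed in order to tell the client. The class name `ExpiryAwareAuthorize` and the static property `Startup.OAuthBearerOptions` (the options object passed to `app.UseOAuthBearerAuthentication`) are assumptions and do not appear on the page.

```csharp
using System;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Web.Http;
using System.Web.Http.Controllers;
using Microsoft.Owin.Security;

public class ExpiryAwareAuthorize : AuthorizeAttribute // hypothetical name
{
    // The base class calls this for every request it refuses, including
    // requests that carry no Authorization header at all.
    protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
    {
        // An authenticated caller refused by Roles/Users gets the default response.
        if (actionContext.RequestContext.Principal?.Identity?.IsAuthenticated == true)
        {
            base.HandleUnauthorizedRequest(actionContext);
            return;
        }

        AuthenticationHeaderValue header = actionContext.Request.Headers.Authorization;
        bool expired = false;

        if (header != null
            && string.Equals(header.Scheme, "Bearer", StringComparison.OrdinalIgnoreCase)
            && !string.IsNullOrEmpty(header.Parameter))
        {
            // Assumption: Startup exposes the bearer options in a static property.
            // Unprotect returns null for a forged or corrupted token, so only a
            // token this server really issued can be reported as expired.
            AuthenticationTicket ticket =
                Startup.OAuthBearerOptions.AccessTokenFormat.Unprotect(header.Parameter);

            expired = ticket != null
                && ticket.Properties.ExpiresUtc.HasValue
                && ticket.Properties.ExpiresUtc.Value < DateTimeOffset.UtcNow;
        }

        string description = expired
            ? "The access token expired"
            : "The access token is missing or invalid";

        HttpResponseMessage response =
            actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, description);
        response.Headers.WwwAuthenticate.Add(new AuthenticationHeaderValue(
            "Bearer", "error=\"invalid_token\", error_description=\"" + description + "\""));
        actionContext.Response = response;
    }
}
```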
