从其他应用程序验证我们的“ Owin OAuth2承载令牌”
[英]Validate our “Owin OAuth2 Bearer Token” from other Application
问题描述
I successfully authenticate and obtain a Token from my Owin TokenEnpoint (Katana implementation), but when i then call let's say.. my Java Api I would like to validate the issued Token. 
我成功地从我的Owin TokenEnpoint(Katana实现)中进行了身份验证并获得了令牌,但是当我打电话时说..我的Java Api我想验证已发行的令牌。
So I would like to be able to call my Owin endpoint and just validate my Token, without authenticating again. 因此,我希望能够调用我的Owin端点并仅验证我的令牌,而无需再次进行身份验证。
Facebook or Google provide something like: Facebook或Google提供类似以下内容:
https://graph.facebook.com/debug_token?input_token= {0}&access_token={1} https://www.googleapis.com/oauth2/v1/tokeninfo?access_token= {0} https://graph.facebook.com/debug_token?input_token= {0}&access_token = {1} https://www.googleapis.com/oauth2/v1/tokeninfo?access_token= {0}
1 个解决方案
解决方案1
0 已采纳 2017-09-06 09:16:12
Just sharing some info on how I solved this.. 只是分享一些有关如何解决此问题的信息。
Just create a new endpoint in your Web.Api or you can even filter your context.Request.Path for your "/tokencheck/" path. 只需在Web.Api中创建一个新端点,或者甚至可以为“ / tokencheck /”路径过滤context.Request.Path。
then you can finally: 那么您最终可以:
context.DeserializeTicket(context.Token);
context.OwinContext.Environment["Properties"] = context.Ticket.Properties;
This question will help you develop a working solution: 这个问题将帮助您开发可行的解决方案:
Get IPrincipal from OAuth Bearer Token in OWIN 从OWIN中的OAuth承载令牌获取IPrincipal
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.