堆栈内存溢出
  简体   繁体   English

如何在Web API C#中缓存授权访问令牌?

[英]How to do caching of Authorization access token in web api C#?

 原文  2017-07-10 13:52:19       c#/ api/ azure

问题描述

I have two project. 我有两个项目。 Project 1 is Php based web API which include OAuth and custom Authorization logic.Where Project 2 is C# REST API where each API should be authorized.To achieve this I am exposing Api from project 1 for Authorization, which is working perfect. 项目1是基于Php的Web API,其中包括OAuth和自定义的授权逻辑。 项目2是C#REST API,每个API都应得到授权。为此,我将Api从项目1中公开以进行授权,这是完美的。 By above flow for each request to Project 2 API's I have to authorize by hitting the Authorization API's of Project 1. Do we have any concept in C# or by using some caching technique so that I can check that each request is already validated or not .If not then I should call Authorization API.? 通过以上针对Project 2 API的每个请求的流程,我必须通过点击Project 1的Authorization API进行授权。 我们在C#中是否具有任何概念或使用某种缓存技术,以便可以检查每个请求是否已得到验证。如果没有,那么我应该调用授权API。 Input for Authorization API is " Bearer token " which will be sent by client application. 授权API的输入是“ 承载令牌 ”,它将由客户端应用程序发送。

Constraint :- I have to maintain two different projects and I have to reuse my auth provider API in another web api project. 约束 :-我必须维护两个不同的项目,并且必须在另一个Web api项目中重用我的身份验证提供程序API。 Thanks in advance. 提前致谢。

2 个解决方案

解决方案1
 0  2017-07-10 14:07:23

you can use redis or any popular out proc cache mgmt to store your token & can be used by both of project. 您可以使用redis或任何流行的out proc缓存mgmt来存储令牌,并且可以被两个项目使用。

https://redis.io/clients https://redis.io/clients

解决方案2
 0  2017-07-10 14:11:09

You can use separate auth server, for example: 您可以使用单独的身份验证服务器,例如:

https://identityserver.github.io/Documentation/ https://identityserver.github.io/Documentation/

And implement SSO(single-sign-on) functionality, if you needed. 并根据需要实施SSO(单点登录)功能。

Or you can implement your own authorization server, but strongly recommend you to use existing solutions. 或者,您可以实施自己的授权服务器,但强烈建议您使用现有的解决方案。

Look into this article: http://bitoftech.net/2014/09/24/decouple-owin-authorization-server-resource-server-oauth-2-0-web-api/ 查看这篇文章: http : //bitoftech.net/2014/09/24/decouple-owin-authorization-server-resource-server-oauth-2-0-web-api/

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Web API授权access_token验证 - Web API authorization access_token validation 如何在我的 Api 中访问授权令牌? - How do I access authorization token in my Api? 如何在C#中发布来自Filemaker API的授权令牌请求 - How to POST request for authorization token from filemaker API in c# 如何将Daemon或Server的Azure AD OAuth2访问令牌和刷新令牌转换为C#ASP.NET Web API - How do I get Azure AD OAuth2 Access Token and Refresh token for Daemon or Server to C# ASP.NET Web API Asp.net Web Api 2 - 如何从C#代码获取access_token - Asp.net Web Api 2 - how to get access_token from C# code 如何使用这些cURL命令调用REST Web API以获取访问令牌 - 在C#中 - How to call a REST Web API for access token with these cURL commands - in C# 使用Web API的C#自定义授权 - C# Custom authorization with Web API 如何在C#WEB API中返回JSON Web令牌? - How to return a JSON Web Token in a C# WEB API? 如何通过C#避免Google API访问代码或访问令牌 - How to avoid google API access code or access token by C# ASP.NET Web API 和 OpenID Connect:如何从授权码获取访问令牌 - ASP.NET Web API and OpenID Connect: how to get Access Token from Authorization Code
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM