OAuth Bearer token implementation using C#
Question
I am very new to OAuth. my requirement is to host a Rest based service url which can only be accessed by providing a bearer token. Also, I do not want the user to go though any Login page, just pass on the Bearer token and start using the resource Url.
- How can I generate a bearer token which I can distribute to the client so that they can make Http request using the Authorization header as --> Authorization: Bearer . Can I simply cook up a random character set and distribute it to the clients?
- If a bearer token is provided and the client is setting the header property, how will I handle it in server side code... as in like how do I authorize. Do I have to write code like (which I think not, but at the same time not sure what to do.. how do I authorize the client)
if (bearertoken != null) {
if(bearertoken == "abc") {
//do the operation and return http status code 200
}
else {
//return failure
}
}
Plz help!!!
Thanks, M
1 answers
solution1
2 2016-10-11 20:14:02
You shouldn't really be trying to roll your own solution given there are plenty of open source and commercial OIDC/OAuth packages out there. I have been using Identity Server 3 ( https://github.com/IdentityServer/IdentityServer3 ) which is open source, relatively easy to set up, is well supported with an active community, and comes with a ton of samples which you can use to get up to speed on OIDC/OAuth. If you are in the .NET Core world there is Identity Server 4 ( https://github.com/IdentityServer/IdentityServer4 ).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.