[英]OWIN Web API authorization in User Interface
我在MVC和Web API中准備用戶界面。 通過OWIN在Web API中的授權是正確的。 在登錄方法,你可以看到我只需登錄到Web API,我需要一些信息標記等。但有可能從進口網絡API這個autorization並添加這在MVC接口? 如果是,該怎么辦?
例如:mvcUI.User = WebAPI.User
*我也想使用[授權],在mvcUI中聲明
使用過的WebApiAuthorizationHelper代碼:
public static class WebApiAuthorizationHelper
{
public static string GetToken(string url, string userName, string password)
{
var pairs = new List<KeyValuePair<string, string>>
{
new KeyValuePair<string, string>( "grant_type", "password" ),
new KeyValuePair<string, string>( "username", userName ),
new KeyValuePair<string, string> ( "Password", password )
};
var content = new FormUrlEncodedContent(pairs);
ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
using (var client = new HttpClient())
{
var response = client.PostAsync(url + "Token", content).Result;
return response.Content.ReadAsStringAsync().Result;
}
}
public static string CallApi(string url, string token)
{
ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
using (var client = new HttpClient())
{
if (!string.IsNullOrWhiteSpace(token))
{
var t = JsonConvert.DeserializeObject<Token>(token);
client.DefaultRequestHeaders.Clear();
client.DefaultRequestHeaders.Add("Authorization", "Bearer " + t.access_token);
}
var response = client.GetAsync(url).Result;
return response.Content.ReadAsStringAsync().Result;
}
}
class Token
{
public string access_token { get; set; }
public string token_type { get; set; }
public int expires_in { get; set; }
public string userName { get; set; }
[JsonProperty(".issued")]
public string issued { get; set; }
[JsonProperty(".expires")]
public string expires { get; set; }
}
}
您可以在下面的代碼中添加令牌信息。
我的CustomIdentityService
public class CustomIdentityService
{
protected MyContext _context = new MyContext();
public Guid FooInfo(Guid IdentityUserID)
{
return con.fooTable.Where(x => x.IdentityUserID == IdentityUserID).
Select(us => new { us.fooData }).FirstOrDefault().fooData;
}
}
供應商/ ApplicationOAuthProvider.cs
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
CustomIdentityService _customIdentityService = new CustomIdentityService();
ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,OAuthDefaults.AuthenticationType);
ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,CookieAuthenticationDefaults.AuthenticationType);
//Add custom claims code
string fooInfo= _customIdentityService.FooInfo(user.Id));
oAuthIdentity.AddClaim(new Claim("fooInfo", fooInfo));
AuthenticationProperties properties = CreateProperties(user.UserName,fooInfo);
}
public static AuthenticationProperties CreateProperties(string userName,string fooInfo)
{
IDictionary<string, string> data = new Dictionary<string, string>
{
{ "fooInfo", fooInfo },
{ "userName", userName }
};
return new AuthenticationProperties(data);
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.