private void ConfigureOAuth(IAppBuilder app)
        {
            app.UseExternalSignInCookie(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie);
            OAuthBearerOptions = new OAuthBearerAuthenticationOptions();

            OAuthAuthorizationServerOptions oAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
                Provider = new SimpleAuthorizationServerProvider(new AccountRepository())
            };

            GoogleAuthOptions = new GoogleOAuth2AuthenticationOptions()
            {
                ClientId = "592613624399-a3gr6vveaocnptgvv6738rmnk0pb5cev.apps.googleusercontent.com",
                ClientSecret = "FqNKKib_BP7dsNYBoJa8NwUC",
                Provider = new GoogleAuthProvider()
            };
            app.UseGoogleAuthentication(GoogleAuthOptions);

            FacebookAuthOptions = new FacebookAuthenticationOptions()
            {
                AppId = "806191272841558",
                AppSecret = "1a8241e9d46c4a5e393ae51f265a3489",
                Provider = new FacebookAuthProvider()
            };
            app.UseFacebookAuthentication(FacebookAuthOptions);

            // Token Generation
            app.UseOAuthAuthorizationServer(oAuthServerOptions);
            app.UseOAuthBearerAuthentication(OAuthBearerOptions);
        }
Example #2
1
        public void ConfigureOAuth(IAppBuilder app)
        {
            //use a cookie to temporarily store information about a user logging in with a third party login provider
              app.UseExternalSignInCookie(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie);
              OAuthBearerOptions = new OAuthBearerAuthenticationOptions();

              OAuthAuthorizationServerOptions oAuthServerOptions = new OAuthAuthorizationServerOptions()
              {
            AllowInsecureHttp = true,
            TokenEndpointPath = new PathString("/token"),
            AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30),
            Provider = new SimpleAuthorizationServerProvider(),
            RefreshTokenProvider = new SimpleRefreshTokenProvider()
              };

              // Token Generation
              app.UseOAuthAuthorizationServer(oAuthServerOptions);
              app.UseOAuthBearerAuthentication(OAuthBearerOptions);

              //Configure Facebook External Login
              //FacebookAuthOptions = new FacebookAuthenticationOptions()
              //{
              //  AppId = "841670309262660",
              //  AppSecret = "8b4eba3df30d4aa95427fa9c90372462",
              //  Provider = new FacebookAuthProvider(),
              //  Scope = { "user_about_me", "user_friends", "email", "read_friendlists", "publish_stream", "user_birthday", "user_location" }
              //};

              //app.UseFacebookAuthentication(FacebookAuthOptions);
        }
        public void ConfigureAuth(IAppBuilder app)
        {            
            app.CreatePerOwinContext<IdentityUserManager>(IdentityUserManager.Create);

            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            PublicClientId = "self";
            OAuthOptions = new OAuthAuthorizationServerOptions
            {
                TokenEndpointPath = new PathString("/OAuth/Token"),
                Provider = new ApplicationOAuthProvider(PublicClientId),
                AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(5),                
                AllowInsecureHttp = true
            };

            app.UseOAuthBearerTokens(OAuthOptions);            
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            //app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
            //{
            //    ClientId = "852925537385-9t4d8fg869kpi1dlm58v77277b70lc6e.apps.googleusercontent.com",
            //    ClientSecret = "078iMDZvE2JKYZc8-a5TeEey",
            //    Provider = new GoogleAuthProvider()
            //});
        }
Example #4
0
        public void ConfigureAuth(IAppBuilder app, HttpConfiguration config)
        {
            var userStore = config.DependencyResolver.GetService(typeof(IUserStore<ApplicationUser, Guid>)) as IUserStore<ApplicationUser, Guid>;
            var roleStore = config.DependencyResolver.GetService(typeof(IRoleStore<ApplicationRole, Guid>)) as IRoleStore<ApplicationRole, Guid>;

            UserManager = new UserManager<ApplicationUser, Guid>(userStore);
            RoleManager = new RoleManager<ApplicationRole, Guid>(roleStore);

            CompanyRepository = config.DependencyResolver.GetService(typeof(ICompanyRepository)) as ICompanyRepository;
            WidgetDefinitionRepository = config.DependencyResolver.GetService(typeof(IWidgetDefinitionRepository)) as IWidgetDefinitionRepository;

            var oAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/api/v1/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
                Provider = new SimpleAuthorizationServerProvider(UserManager)
            };

            // Adds OAuth server (token generation)
            app.UseOAuthAuthorizationServer(oAuthServerOptions);

            // Adds bearer token processing to pipeline (token consumption)
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            Seed();
        }
Example #5
0
        public void Configuration(IAppBuilder app)
        {
            app.UseOAuthBearerAuthentication(AccountController.OAuthBearerOptions);

            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString("/Account/Login")
            });

            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            if (IsTrue("ExternalAuth.Facebook.IsEnabled"))
            {
                app.UseFacebookAuthentication(CreateFacebookAuthOptions());
            }

            if (IsTrue("ExternalAuth.Twitter.IsEnabled"))
            {
                app.UseTwitterAuthentication(CreateTwitterAuthOptions());
            }

            if (IsTrue("ExternalAuth.Google.IsEnabled"))
            {
                app.UseGoogleAuthentication(CreateGoogleAuthOptions());
            }
        }
Example #6
0
        public void ConfigureOAuth(IAppBuilder app, IUserProvider userProvider)
        {
            var oAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/api/v1/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(7),
                Provider = new SimpleAuthorizationServerProvider(userProvider)
            };


            app.Use(async (context, next) =>
            {
                if (context.Request.QueryString.HasValue)
                {
                    if (string.IsNullOrWhiteSpace(context.Request.Headers.Get("Authorization")))
                    {
                        var queryString = HttpUtility.ParseQueryString(context.Request.QueryString.Value);
                        string token = queryString.Get("access_token");

                        if (!string.IsNullOrWhiteSpace(token))
                        {
                            context.Request.Headers.Add("Authorization", new[] { string.Format("Bearer {0}", token) });
                        }
                    }
                }

                await next.Invoke();
            });

            // Token Generation
            app.UseOAuthAuthorizationServer(oAuthServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
        }
        public void ConfigureOAuth(IAppBuilder app, HttpConfiguration config)
        {
            UserManagerFactory = () =>
            {
                try
                {
                    var userRepository = config.DependencyResolver.GetService(typeof(IUserRepository));
                    var userManager =
                        new ApplicationUserManager(userRepository as IUserRepository);
                    return userManager;
                }
                catch (Exception)
                {
                    return null;
                }
            };

            app.CreatePerOwinContext(UserManagerFactory);

            var oAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
                Provider = new SimpleAuthorizationProvider()
            };

            app.UseOAuthAuthorizationServer(oAuthServerOptions);

            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
        }
Example #8
0
        public void Configuration(IAppBuilder app)
        {
            app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);

            // token consumption
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            var container = SimpleInjectorConfig.Register();
            var config = new HttpConfiguration
            {
                DependencyResolver = new SimpleInjectorWebApiDependencyResolver(container)
            };
            WebApiConfig.Register(config);
            app.UseWebApi(config);

            Func<IUserService> userServiceFactory = () => container.GetInstance<IUserService>();
            app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions
            {
                // for demo purposes
                AllowInsecureHttp = true,

                TokenEndpointPath = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromHours(8),

                Provider = new AuthorizationServerProvider(userServiceFactory)
            });
        }
Example #9
0
        public void ConfigureAuth(IAppBuilder app)
        {
            OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AuthenticationType = Constant.GrantTypes.AuthenticationType,
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString(WebConfig.TokenPath),
                AccessTokenExpireTimeSpan = TimeSpan.FromSeconds(int.Parse(WebConfig.AccessTokenExpireTimeSpan)),
                Provider = new OAuth2AuthorizationServerProvider(),
                RefreshTokenProvider = new OAuth2RefreshTokenProvider()
            };
            //AuthenticationType :认证类型
            //AllowInsecureHttp : 如果允许客户端的 return_uri 参数不是 HTTPS 地址, 则设置为 true
            //TokenEndpointPath : 客户端应用可以直接访问并得到访问令牌的地址, 必须以前倒斜杠 "/" 开始, 例如: /Token
            //AccessTokenExpireTimeSpan :Token过期时间
            //Provider : 应用程序提供和 OAuth 认证中间件交互的 IOAuthAuthorizationServerProvider 实例, 通常可以使用默认的
            //OAuthAuthorizationServerProvider , 并设置委托函数即可
            //RefreshTokenProvider :刷新令牌, 如果这个属性没有设置, 则不能从 /Token 刷新令牌

            // 令牌生成
            app.UseOAuthAuthorizationServer(OAuthServerOptions);

            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            //跨域处理
            app.UseCors(CorsOptions.AllowAll);
        }
Example #10
0
        public void ConfigureOAuth(IAppBuilder app)
        {
            app.UseExternalSignInCookie(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie);
            OAuthBearerOptions = new OAuthBearerAuthenticationOptions();
            OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30),
                Provider = new SimpleAuthorizationServerProvider(),
                RefreshTokenProvider = new SimpleRefreshTokenProvider()
            };

            // Token Generation
            app.UseOAuthAuthorizationServer(OAuthServerOptions);
            app.UseOAuthBearerAuthentication(OAuthBearerOptions);
            //Configure Google External Login
            googleAuthOptions = new GoogleOAuth2AuthenticationOptions()
            {
                ClientId = "936007638974-2ko9tqdmv3ifomlblhlrnninkdoe9bkt.apps.googleusercontent.com",
                ClientSecret = "4_GR4_4JPnglWQOnSnwOZzlV",
                Provider = new GoogleAuthProvider()
            };
            app.UseGoogleAuthentication(googleAuthOptions);
        }
        private void ConfigureOAuth(IAppBuilder app) {
            var oAuthServerOptions = new OAuthAuthorizationServerOptions {
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/api/account/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
                Provider = new AuthorizationServerProvider()
            };

            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
            app.UseOAuthAuthorizationServer(oAuthServerOptions);

            app.Use(async (context, next) =>
            {
                var request = context.Request;
                var response = context.Response;
                if (request.Path.StartsWithSegments(oAuthServerOptions.TokenEndpointPath)) {
                    var origin = request.Headers.Get("Origin");
                    if (!string.IsNullOrEmpty(origin)) {
                        response.Headers.Set("Access-Control-Allow-Origin", origin);
                    }
                    if (request.Method == "OPTIONS") {
                        response.StatusCode = 200;
                        response.Headers.AppendCommaSeparatedValues("Access-Control-Allow-Methods", "GET", "POST");
                        response.Headers.AppendCommaSeparatedValues("Access-Control-Allow-Headers", "authorization", "content-type");
                        return;
                    }
                }
                await next();
            });
        }
Example #12
0
        // For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
        public void ConfigureAuth(IAppBuilder app)
        {
            // Configure the db context and user manager to use a single instance per request
            app.CreatePerOwinContext(ApplicationDbContext.Create);
            app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);

            // Enable the application to use a cookie to store information for the signed in user
            // and to use a cookie to temporarily store information about a user logging in with a third party login provider
            app.UseCookieAuthentication(new CookieAuthenticationOptions());
            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            // Configure the application for OAuth based flow
            PublicClientId = "self";
            OAuthOptions = new OAuthAuthorizationServerOptions
            {
                TokenEndpointPath = new PathString("/Token"),
                Provider = new ApplicationOAuthProvider(PublicClientId),
                AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
                // In production mode set AllowInsecureHttp = false
                AllowInsecureHttp = true
            };
            // Token Generation
            app.UseOAuthAuthorizationServer(OAuthOptions);
            OAuthBearerOptions = new OAuthBearerAuthenticationOptions();
            app.UseOAuthBearerAuthentication(OAuthBearerOptions);

            facebookAuthOptions = new FacebookAuthenticationOptions
            {
                AppId = "1543886725935090",
                AppSecret = "63ab7a49e991177caf72e3ec8f2247cc",
                Provider = new FacebookAuthProvider()
            };
            app.UseFacebookAuthentication(facebookAuthOptions);
        }
        public static void ConfigureOAuthTokenGeneration(IAppBuilder app)
        {
            // configure database context and user manager to use a single instance per request
            app.CreatePerOwinContext(ngk.DataLayer.EFDbContext.AuthorizationContext.Create);
            app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);

            app.CreatePerOwinContext<ApplicationRoleManager>(ApplicationRoleManager.Create);

            var token = new CustomJwtFormat("ngKBaseAngular");

            OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                // production should not allow insecure http
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(20),
                Provider = new Providers.CustomOAuthProvider(),
                RefreshTokenProvider = new Providers.RefreshTokenProvider(),
                AccessTokenFormat = token
            };

            // OAuth 2.0 Bearer Access Token Generation
            app.UseOAuthAuthorizationServer(OAuthServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
        }
Example #14
0
 // For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
 public void ConfigureAuth(IAppBuilder app)
 {
     app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
     {
         Provider = new ClientOAuthBearerAuthenticationProvider()
     });
 }
Example #15
0
        private void ConfigureOAuth(IAppBuilder app)
        {
            //var serverOptions = new OAuthAuthorizationServerOptions()
            //{
            //    AuthenticationMode=Microsoft.Owin.Security.AuthenticationMode.Active,
            //    AllowInsecureHttp = true,
            //    TokenEndpointPath = new PathString("/token"),
            //    AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
            //    Provider = new CIRAuthorizationServerProvider()
            //};
            //app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            var implicitGrantServerOptions = new OAuthAuthorizationServerOptions
            {
                AuthorizeEndpointPath= new PathString("/token"),
                Provider= new CIRImplicitAuthorizationServerProvider(),
                AllowInsecureHttp = true,
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(100)
            };

            app.UseOAuthAuthorizationServer(implicitGrantServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
            {
                AuthenticationType="Bearer",
                AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Active
            });
        }
Example #16
0
        public void ConfigureOAuth(IAppBuilder app)
        {
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString("/Login"),
                Provider = new CookieAuthenticationProvider()
                {
                    OnApplyRedirect = ctx =>
                    {
                        if (!IsApiRequest(ctx.Request))
                        {
                            ctx.Response.Redirect(ctx.RedirectUri);
                        }
                    }
                }
            });

            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            //use a cookie to temporarily store information about a user logging in with a third party login provider
            app.UseExternalSignInCookie(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie);
            var OAuthBearerOptions = new OAuthBearerAuthenticationOptions();

            // Token Generation
            app.UseOAuthAuthorizationServer(NinjectResolver.CreateKernel.Value.Get<MyOAuthAuthorizationServerOptions>().GetOptions());
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions { Provider = new ApplicationOAuthBearerAuthenticationProvider()});
        }
Example #17
0
        public void Configuration(IAppBuilder app)
        {
            SecurityConfig.Config();
            var oauthServerConfig = new Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerOptions
            {
                AllowInsecureHttp = false,
                AccessTokenExpireTimeSpan = TimeSpan.FromHours(2),
                Provider = new AuthorizationServerProvider(),
                TokenEndpointPath = new PathString("/token")
            };
            app.UseOAuthAuthorizationServer(oauthServerConfig);

            var oauthConfig = new Microsoft.Owin.Security.OAuth.OAuthBearerAuthenticationOptions
            {
                AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Active
                //AuthenticationType = "Bearer"
            };
            app.UseOAuthBearerAuthentication(oauthConfig);
            var config = new HttpConfiguration();
            WebApiConfig.Register(config);
            app.UseWebApi(config);
            GlobalHost.Configuration.ConnectionTimeout = TimeSpan.FromSeconds(1);
            GlobalHost.Configuration.LongPollDelay = TimeSpan.FromMilliseconds(5000);
            app.MapSignalR();
        }
Example #18
0
        // For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
        public void ConfigureAuth(IAppBuilder app)
        {


            // app.CreatePerOwinContext<UserManager>(() => new UserManager(new UserStore()));
            // app.CreatePerOwinContext<Custom.Identity.RoleManager>(() => new Custom.Identity.RoleManager(new Custom.Identity.RoleStore()));
            //app.CreatePerOwinContext<SignInService>((options, context) => new SignInService(context.GetUserManager<UserManager>(), context.Authentication));

            app.UseExternalSignInCookie(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie);
            OAuthBearerOptions = new OAuthBearerAuthenticationOptions();


            var OAuthOptions = new OAuthAuthorizationServerOptions
            {
                TokenEndpointPath = new PathString("/Token"),
                Provider = new Api.Socioboard.App_Start.ApplicationOAuthServerProvider("self"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),

                // Only do this for demo!!
                AllowInsecureHttp = true
            };
            // Token Generation
            app.UseOAuthAuthorizationServer(OAuthOptions);
            app.UseOAuthBearerAuthentication(OAuthBearerOptions);

        }
Example #19
0
        public void ConfigureOAuth(IAppBuilder app)
        {
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30),
                Provider = new OAuthAuthorizationServerProvider
                {
                    OnValidateClientAuthentication = async c=>c.Validated(),
                    OnGrantResourceOwnerCredentials = async c =>
                    {
                        using (var repo = new AuthRepository())
                        {
                            var user = await repo.FindUser(c.UserName, c.Password);
                            if (user == null)
                            {
                                c.Rejected();
                                throw new ApiException("User not existed or wrong password.");
                            }
                        }
                        var identity = new ClaimsIdentity(c.Options.AuthenticationType);
                        identity.AddClaims(new[] {new Claim(ClaimTypes.Name, c.UserName), new Claim(ClaimTypes.Role, "user")});
                        if (string.Equals(c.UserName, AppConfig.Manager, StringComparison.InvariantCultureIgnoreCase))
                            identity.AddClaims(new[] {new Claim(ClaimTypes.Name, c.UserName), new Claim(ClaimTypes.Role, "manager")});
                        c.Validated(identity);
                    }
                },
            });
        }
 private void ConfigureOAuth(IAppBuilder app)
 {
     //Token Consumption
     app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
     {
     });
 }
Example #21
0
        public void ConfigureOAuth(IAppBuilder app)
        {
            // Configure authentication
            // The object below represents options for authentication
            // The default options are good for now so we're not going to change anything
            var authenticationOptions = new OAuthBearerAuthenticationOptions();

            // Tell the app to use OAuthBearerAuthentication, passing in the authenticationOptions that we just instantiated
            app.UseOAuthBearerAuthentication(authenticationOptions);

            // Configure authorization
            // We do want to customize is how authorization works in our system
            // Same pattern as above, we're making options and then pass those options to the application
            var authorizationOptions = new OAuthAuthorizationServerOptions
            {
                // We are going to configure 4 properties here to customize authorization

                // We don't have https set up (secure set up)
                // So just for testing purposes, we're going to allow insecure http
                AllowInsecureHttp = true,

                // Because we're not writing a controller that accepts information (that's taken care of by ASP.Net.Identity)
                // We need to tell ASP.Net.Identity what route is; where is my user going to post to grab a token
                // We're telling it the endpoint path is a new path string and you have to hit /api/token to grab a token
                TokenEndpointPath = new PathString("/api/token"),

                // The token is only good for 1 day
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),

                // ASP.Net.Identity now wants to know where's the class that you wrote to intercept the events I'm going to throw at you
                Provider = new PropertyManagerAuthorizationServerProvider()
            };

            app.UseOAuthAuthorizationServer(authorizationOptions);
        }
        /// <summary>
        /// Se realiza la configuración de autorización
        /// </summary>
        /// <param name="app"></param>
        public void ConfigureOAuth(IAppBuilder app)
        {
            OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30),
                Provider = new SimpleAuthorizationServerProvider(),
                RefreshTokenProvider = new SimpleRefreshTokenProvider()
            };

            // Token Generation
            app.UseOAuthAuthorizationServer(OAuthServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
            app.UseExternalSignInCookie(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie);
            OAuthBearerOptions = new OAuthBearerAuthenticationOptions();

            googleAuthOptions = new GoogleOAuth2AuthenticationOptions()
            {
                ClientId = "185157178718-8qc15td8nefjssrai2md8eiodr151m8u.apps.googleusercontent.com",
                ClientSecret = "tmnYb6S99BJPWVbv45Ha8Mf-",
                Provider = new GoogleAuthProvider()
            };
            app.UseGoogleAuthentication(googleAuthOptions);

        }
Example #23
0
 public void Configuration(IAppBuilder app)
 {
     app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
     {
         AccessTokenFormat = new JwtFormat(AppConstants.Audience, new X509CertificateSecurityTokenProvider("AS", GetSigningCertificate()))
     });
 }
Example #24
0
        public void Configuration(IAppBuilder app)
        {
            var config = new HttpConfiguration();
            ConfigureFilters(app, config);
            ConfigureWebApi(app, config);

            var container = ConfigureDI(app, config);

            app.UseAutofacWebApi(config);
            app.UseAutofacMiddleware(container);

            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()
            {
                Provider = container.Resolve<IOAuthBearerAuthenticationProvider>()
            });

            app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/api/auth/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(7),
                Provider = container.Resolve<IOAuthAuthorizationServerProvider>()
            });

            app.UseWebApi(config);
        }
Example #25
0
        public void ConfigureOAuth(IAppBuilder app)
        {
            OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
            {

                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30),
                Provider = new SimpleAuthorizationServerProvider(),
                RefreshTokenProvider = new SimpleRefreshTokenProvider()
            };

            // Token Generation
            app.UseOAuthAuthorizationServer(OAuthServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            //Configure Google External Login
            googleAuthOptions = new GoogleOAuth2AuthenticationOptions()
            {
                ClientId = "90666907944-o02ijc0nes4e6u26b7jmk7b6sr8dclr9.apps.googleusercontent.com",
                ClientSecret = "VwuUWkX4wCTn2UssEX4vfCP6",
                Provider = new GoogleAuthProvider()
            };
            app.UseGoogleAuthentication(googleAuthOptions);

            //Configure Facebook External Login
            facebookAuthOptions = new FacebookAuthenticationOptions()
            {
                AppId = "146338829036652",
                AppSecret = "4c24328bfaa6d1801a98e72d91c3c600",
                Provider = new FacebookAuthProvider()
            };
            app.UseFacebookAuthentication(facebookAuthOptions);
        }
Example #26
0
        public void ConfigureAuth(IAppBuilder app)
        {
            var config = new HttpConfiguration();

            // TODO: figure out how to get client certificates
            // config.MessageHandlers.Add(new CertificateHandler());
            config.MessageHandlers.Add(new ValidateRequestHandler());

            OAuthBearerOptions = new OAuthAuthorizationServerOptions();
            app.UseOAuthAuthorizationServer(OAuthBearerOptions);

            OAuthBearerAuthenticationOptions = new OAuthBearerAuthenticationOptions();
            app.UseOAuthBearerAuthentication(OAuthBearerAuthenticationOptions);

            bool loadAssemblies = false;
            if (bool.TryParse(ConfigurationManager.AppSettings["LoadAssemblyForTest"], out loadAssemblies))
            {
                config.Services.Replace(typeof(IAssembliesResolver), new AssemblyResolver());
            }

            config.MapHttpAttributeRoutes();
            config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "{controller}/{id}",
                defaults: new { id = RouteParameter.Optional }
            );

            config.SuppressDefaultHostAuthentication();
            config.Filters.Add(new HostAuthenticationFilter("Bearer"));

            app.UseWebApi(config);
        }
Example #27
0
        /// <summary>
        /// Configurations the specified application.
        /// </summary>
        /// <param name="app">The application.</param>
        public void Configuration(IAppBuilder app)
        {
            var container = UnityConfig.GetConfiguredContainer();
            var authCore = container.Resolve<AuthorizationResource>();

            app.UseOAuthBearerAuthentication(authCore.CreateOAuthBearerAuthenticationOptions());
        }
Example #28
0
        public void Configuration(IAppBuilder app)
        {
            var logger = new Logger();
            var container = CreateUnityContainer(logger);
            logger.Info("Starting Israel Hiking Server.");
            var config = new HttpConfiguration();
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
            {
                AccessTokenProvider = new OsmAccessTokenProvider(
                    container.Resolve<IHttpGatewayFactory>(),
                    container.Resolve<LruCache<string, TokenAndSecret>>(),
                    logger)
            });
            WebApiConfig.Register(config);

            config.Formatters.JsonFormatter.SupportedMediaTypes.Add(new MediaTypeHeaderValue("text/html"));
            config.Formatters.JsonFormatter.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore;
            config.Formatters.JsonFormatter.SerializerSettings.PreserveReferencesHandling = Newtonsoft.Json.PreserveReferencesHandling.None;
            config.Formatters.JsonFormatter.SerializerSettings.Converters.Add(new CoordinateConverter());
            config.Formatters.JsonFormatter.SerializerSettings.Converters.Add(new GeometryConverter());
            config.Formatters.JsonFormatter.SerializerSettings.Converters.Add(new FeatureCollectionConverter());
            config.Formatters.JsonFormatter.SerializerSettings.Converters.Add(new FeatureConverter());
            config.Formatters.JsonFormatter.SerializerSettings.Converters.Add(new AttributesTableConverter());
            config.Formatters.JsonFormatter.SerializerSettings.Converters.Add(new ICRSObjectConverter());
            config.Formatters.JsonFormatter.SerializerSettings.Converters.Add(new GeometryArrayConverter());
            config.Formatters.JsonFormatter.SerializerSettings.Converters.Add(new EnvelopeConverter());

            config.Services.Add(typeof(IExceptionLogger), logger);
            config.DependencyResolver = new UnityResolver(container);
            InitializeServices(container);
            app.UseWebApi(config);
            logger.Info("Israel Hiking Server is up and running.");
        }
Example #29
0
        // What is OAuth????
        //OAuth is an open standard for authorization. OAuth provides client applications
        //a 'secure delegated access' to server resources on behalf of a resource owner.
        //It specifies a process for resource owners to authorize third-party access to their
        //server resources without sharing their credentials.
        public void ConfigureOAuth(IAppBuilder app)
        {
            //Here we’ve created new instance from class “OAuthAuthorizationServerOptions”
            //and set its option as the below:

            //1.
            //The path for generating tokens will be as :”http://localhost:port/token”.
            //We’ll see how we will issue HTTP POST request to generate token in the next steps.

            //2.
            //We’ve specified the expiry for token to be 24 hours, so if the user tried
            //to use the same token for authentication after 24 hours from the issue time,
            //his request will be rejected and HTTP status code 401 is returned.

            //3.
            //We’ve specified the implementation on how to validate the credentials for
            //users asking for tokens in custom class named “SimpleAuthorizationServerProvider”.

            OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30),
                Provider = new SimpleAuthorizationServerProvider(),
                RefreshTokenProvider = new SimpleRefreshTokenProvider()
            };

            // Token Generation
            app.UseOAuthAuthorizationServer(OAuthServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
        }
Example #30
0
        public static void Configuration(IAppBuilder app)
        {
            app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);

            var OAuthOptions = new OAuthAuthorizationServerOptions
            {
                AllowInsecureHttp = true,
                TokenEndpointPath = new PathString("/oauth/Token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromHours(8),
                Provider = new Providers.MyAuthorizationServerProvider(),
                // RefreshTokenProvider = new Providers.MyRefreshTokenProvider(DateTime.UtcNow.AddHours(8))
            };
            app.UseOAuthAuthorizationServer(OAuthOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            // Configure Web API for self-host.
            HttpConfiguration config = new HttpConfiguration();

            config.SuppressDefaultHostAuthentication();
            config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));

            // Web API routes
            config.MapHttpAttributeRoutes();

            // We don't need this crap anymore!
            //config.Routes.MapHttpRoute(
            //    name: "DefaultApi",
            //    routeTemplate: "api/{controller}/{id}",
            //    defaults: new { id = RouteParameter.Optional }
            //);

            app.UseWebApi(config);
        }
Example #31
0
        public void ConfigureOAuth(IAppBuilder app, IContainer container)
        {
            //Use a cookie to temporarily store information about a user logging in with a third party login provider
            //app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            /*app.UseCookieAuthentication(new CookieAuthenticationOptions
             * {
             *  AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
             *  LoginPath = new PathString("/Account/Login"),
             *  LogoutPath = new PathString("/Account/LogOff"),
             *  ExpireTimeSpan = TimeSpan.FromMinutes(5.0),
             * });*/

            var userRepository = container.GetInstance <IUserRepository>();

            OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                //Don't do this in production ONLY FOR DEVELOPING: ALLOW INSECURE HTTP!
                AllowInsecureHttp = true,
                //The Path for generating the Token
                TokenEndpointPath = new PathString("/token"),
                //Setting the Token Expired Time (1 day)
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
                //Simple authorization server provider class will validate the user credentials
                Provider = new SimpleAuthorizationServerProvider(userRepository)
            };

            //Token Generation

            app.UseOAuthAuthorizationServer(OAuthServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
            /*AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.NameIdentifier;*/

            // Enable the application to use bearer tokens to authenticate users
            // app.UseOAuthBearerTokens(OAuthServerOptions); new OAuthBearerAuthenticationOptions()

            // Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
            /*app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));*/
        }
Example #32
0
        // Настройка времени жиз
        public void ConfigureOAuth(IAppBuilder app)
        {
            var oAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/api/auth/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(365),
                Provider = new AuthorizationServerProvider()
            };

            app.UseOAuthAuthorizationServer(oAuthServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());


            var CookieOptions = new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
            };

            app.UseCookieAuthentication(CookieOptions);
            // app.UseOAuthBearerTokens(OAuthOptions);
        }
Example #33
0
        public void Configuration(IAppBuilder app)
        {
            app.UseAbp();

            app.UseOAuthBearerAuthentication(AccountController.OAuthBearerOptions);

            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath          = new PathString("/Account/Login")
            });

            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            app.MapSignalR();

            //ENABLE TO USE HANGFIRE dashboard (Requires enabling Hangfire in QueueSystemWebModule)
            //app.UseHangfireDashboard("/hangfire", new DashboardOptions
            //{
            //    Authorization = new[] { new AbpHangfireAuthorizationFilter() } //You can remove this line to disable authorization
            //});
        }
Example #34
0
        public void ConfigureOAuth(IAppBuilder app)
        {
            //use a cookie to temporarily store information about a user logging in with a third party login provider
            OAuthBearerOptions = new OAuthBearerAuthenticationOptions();

            OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(7),
                Provider = new MyAuthorizationServerProvider()
                           //,RefreshTokenProvider = new RefreshTokenProvider()
            };

            // Token Generation
            app.UseOAuthAuthorizationServer(OAuthServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()
            {
                AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Active,
                AuthenticationType = "Bearer"
            });
        }
        public void Configuration(IAppBuilder app)
        {
            // For more information on how to configure your application, visit http://go.microsoft.com/fwlink/?LinkID=316888
            //enable cros origin request
            app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);

            var provider = new MyAuthorizationServerProvider();
            OAuthAuthorizationServerOptions options = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
                Provider = provider
            };

            app.UseOAuthAuthorizationServer(options);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            HttpConfiguration config = new HttpConfiguration();

            WebApiConfig.Register(config);
        }
Example #36
0
        public void Configuration(IAppBuilder app)
        {
            // Enable CORS (cross origin resource sharing) for making request using browser from different domains
            app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);

            OAuthAuthorizationServerOptions options = new OAuthAuthorizationServerOptions
            {
                AllowInsecureHttp = true,
                //The Path For generating the Toekn
                TokenEndpointPath = new PathString("/Login/getToken"),
                //Setting the Token Expired Time (24 hours)
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
                //MyAuthorizationServerProvider class will validate the user credentials
                Provider = new AuthorizationServerProvider()
            };

            //Token Generations
            app.UseOAuthAuthorizationServer(options);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            HttpConfiguration config = new HttpConfiguration();
        }
Example #37
0
        public void Configuration(IAppBuilder app)
        {
            app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);

            OAuthAuthorizationServerOptions options = new OAuthAuthorizationServerOptions
            {
                AllowInsecureHttp = true,
                //The Path For generating the Toekn
                TokenEndpointPath = new PathString("/token"),
                //Setting the Token Expired Time (24 hours)
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
                //MyAuthorizationServerProvider class will validate the user credentials
                Provider = new AuthorizationServiceProvider()
            };

            //Token Generations
            app.UseOAuthAuthorizationServer(options);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            //HttpConfiguration config = new HttpConfiguration();
            //WebApiConfig.Register(config);
        }
Example #38
0
        /// <summary>
        ///  Adds JWT bearer token middleware to your web application pipeline.
        /// </summary>
        /// <param name="app"></param>
        /// <param name="issuer"></param>
        /// <param name="audienceId"></param>
        /// <param name="symmetricKeyAsBase64"></param>
        /// <param name="validationParameters"></param>
        /// <returns></returns>
        public static IAppBuilder UseJwtBearerAuthentication(this IAppBuilder app, string issuer, string audienceId, string symmetricKeyAsBase64, TokenValidationParameters validationParameters)
        {
            if (app == null)
            {
                throw new ArgumentNullException("app");
            }
            if (validationParameters == null)
            {
                throw new ArgumentNullException("validationParameters");
            }

            JwtFormat jwtFormat = new JwtFormat(issuer, audienceId, symmetricKeyAsBase64, validationParameters);

            OAuthBearerAuthenticationOptions options2 = new OAuthBearerAuthenticationOptions()
            {
                AccessTokenFormat = jwtFormat
            };

            app.UseOAuthBearerAuthentication(options2);

            return(app);
        }
Example #39
0
        public void ConfigureOAuth(IAppBuilder app)
        {
            DataProtectionProvider = app.GetDataProtectionProvider();

            //use a cookie to temporarily store information about a user logging in with a third party login provider
            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
            OAuthBearerOptions = new OAuthBearerAuthenticationOptions();

            OAuthAuthorizationServerOptions oAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(1),
                Provider             = new SimpleAuthorizationServerProvider(),
                RefreshTokenProvider = new SimpleRefreshTokenProvider()
            };

            // Token Generation
            app.UseOAuthAuthorizationServer(oAuthServerOptions);
            app.UseOAuthBearerAuthentication(OAuthBearerOptions);

            //Configure Google External Login
            GoogleAuthOptions = new GoogleOAuth2AuthenticationOptions()
            {
                ClientId     = "xxxxxx",
                ClientSecret = "xxxxxx",
                Provider     = new GoogleAuthProvider()
            };
            app.UseGoogleAuthentication(GoogleAuthOptions);

            //Configure Facebook External Login
            FacebookAuthOptions = new FacebookAuthenticationOptions()
            {
                AppId     = "xxxxxx",
                AppSecret = "xxxxxx",
                Provider  = new FacebookAuthProvider()
            };
            app.UseFacebookAuthentication(FacebookAuthOptions);
        }
Example #40
0
File: Startup.cs Project: LEYVUS/SS
        public void Configuration(IAppBuilder app)
        {
            // Para obtener más información acerca de cómo configurar su aplicación, visite http://go.microsoft.com/fwlink/?LinkID=316888
            app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);

            var myProvider = new MyAuthorizationServerProvider();

            OAuthAuthorizationServerOptions options = new OAuthAuthorizationServerOptions
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(20),
                Provider = myProvider
            };

            app.UseOAuthAuthorizationServer(options);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            HttpConfiguration config = new HttpConfiguration();

            WebApiConfig.Register(config);
        }
Example #41
0
        public void Configuration(IAppBuilder app)
        {
            // It's Becouse we use Owins.cors
            app.UseCors(CorsOptions.AllowAll);

            //use middleware that create token outhantication
            app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions
            {
                TokenEndpointPath         = new PathString("/login"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(60),
                AllowInsecureHttp         = true,
                Provider = new TokenCreate()
            });

            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            HttpConfiguration config = new HttpConfiguration();

            config.MapHttpAttributeRoutes();
            config.Routes.MapHttpRoute("DefaultApi", "api/{controller}/{id}", new { id = RouteParameter.Optional });
            app.UseWebApi(config);
        }
Example #42
0
        public void Configuration(IAppBuilder app)
        {
            app.UseAbp();



            app.UseOAuthBearerAuthentication(AccountController.OAuthBearerOptions);

            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath          = new PathString("/Account/Login")
            });

            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            if (IsTrue("ExternalAuth.Facebook.IsEnabled"))
            {
                app.UseFacebookAuthentication(CreateFacebookAuthOptions());
            }

            if (IsTrue("ExternalAuth.Twitter.IsEnabled"))
            {
                app.UseTwitterAuthentication(CreateTwitterAuthOptions());
            }

            if (IsTrue("ExternalAuth.Google.IsEnabled"))
            {
                app.UseGoogleAuthentication(CreateGoogleAuthOptions());
            }

            app.MapSignalR();

            //ENABLE TO USE HANGFIRE dashboard (Requires enabling Hangfire in SportsstoreWebModule)
            //app.UseHangfireDashboard("/hangfire", new DashboardOptions
            //{
            //    Authorization = new[] { new AbpHangfireAuthorizationFilter() } //You can remove this line to disable authorization
            //});
        }
Example #43
0
        public void Configuration(IAppBuilder app)
        {
            app.Map("/signalr", map =>
            {
                map.UseCors(CorsOptions.AllowAll);
                var hubConfiguration = new HubConfiguration();
                map.RunSignalR(hubConfiguration);
            });

            app.UseCors(CorsOptions.AllowAll);
            OAuthAuthorizationServerOptions option = new OAuthAuthorizationServerOptions
            {
                TokenEndpointPath         = new PathString("/token"),
                Provider                  = new OAuthProvider(),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(Convert.ToInt32(ConfigurationManager.AppSettings["TokenExpiry"])),
                AllowInsecureHttp         = true,
                RefreshTokenProvider      = new OAuthRefreshTokenProvider()
            };

            app.UseOAuthAuthorizationServer(option);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
        }
Example #44
0
        public void Configuration(IAppBuilder app)
        {
            app.Use(typeof(HeaderSetter));
            app.UseCors(CorsOptions.AllowAll);

            var myProvider = new AuthorizationServerProvider();
            OAuthAuthorizationServerOptions options = new OAuthAuthorizationServerOptions
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(60),
                Provider             = myProvider,
                RefreshTokenProvider = new RefreshTokenProvider()
            };

            app.UseOAuthAuthorizationServer(options);

            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
            HttpConfiguration config = new HttpConfiguration();

            WebApiConfig.Register(config);
        }
Example #45
0
        //crea el token y permite los accesos
        //esta clase permite mediente configuracio
        public void Configuration(IAppBuilder app)
        {
            //se tiene que modificar el web.config y agregar la linea donde hacemos referencia a este documento
            //se pone el codigo en la myAuthorization
            app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll); //agregamos el nuget de microsoft.owin.cors

            var myProvider = new MyAuthorizationServerProvider();

            OAuthAuthorizationServerOptions options = new OAuthAuthorizationServerOptions
            {
                AllowInsecureHttp = true,
                //aqui defines la ruta para la creacion de token
                TokenEndpointPath         = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(365),
                Provider = myProvider
            };

            //aqui leo esos token
            app.UseOAuthAuthorizationServer(options);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
            //los token viajan en los headers mediante el consumo
        }
Example #46
0
        /// <summary>
        /// Configuration method
        /// configure the service
        /// </summary>
        /// <remarks>
        /// </remarks>
        /// <param name="app">
        /// contains the IAppBuilder
        /// </param>
        public void Configuration(IAppBuilder app)
        {
            app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);

            var provider = new UserAuthorization();

            // Disable HTTP for Authorization
            // Set Token path
            // Set Token expire time
            // Set the provider
            OAuthAuthorizationServerOptions options = new OAuthAuthorizationServerOptions
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
                Provider = provider
            };

            // Generate a token
            app.UseOAuthAuthorizationServer(options);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
        }
Example #47
0
        public void ConfigureAuth(IAppBuilder app)
        {
            // NOTE: The usual WindowsAzureActiveDirectoryBearerAuthentication middleware uses a
            // metadata endpoint which is not supported by the v2.0 endpoint.  Instead, this
            // OpenIdConnectSecurityTokenProvider implementation can be used to fetch & use the OpenIdConnect
            // metadata document - which for the v2 endpoint is https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration

            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
            {
                AccessTokenFormat = new JwtFormat(
                    new TokenValidationParameters
                {
                    // Check if the audience is intended to be this application
                    ValidAudience = clientId,

                    // Change below to 'true' if you want this Web API to accept tokens issued to one Azure AD tenant only (single-tenant)
                    ValidateIssuer = false,
                },
                    new OpenIdConnectSecurityTokenProvider("https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration")
                    ),
            });
        }
Example #48
0
        public void Configuration(IAppBuilder app)
        {
            GlobalConfiguration.Configure(WebApiConfig.Register);
            ServicesConfig.Register(GlobalConfiguration.Configuration);

            var OAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
                Provider = GlobalConfiguration.Configuration.DependencyResolver.GetService <IOAuthAuthorizationServerProvider>()
            };

            app.Use <OwinExceptionHandlerMiddleware>();

            // Token Generation
            app.UseOAuthAuthorizationServer(OAuthServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
            app.UseWebApi(GlobalConfiguration.Configuration);
        }
Example #49
0
        public void ConfigureAuth(IAppBuilder app)
        {
            //this is very important line cross orgin source(CORS)it is used to enable cross-site HTTP requests
            //For security reasons, browsers restrict cross-origin HTTP requests
            app.UseCors(CorsOptions.AllowAll);

            var OAuthOptions = new OAuthAuthorizationServerOptions
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30),//token expiration time
                Provider = new OauthProvider()
            };

            app.UseOAuthBearerTokens(OAuthOptions);
            app.UseOAuthAuthorizationServer(OAuthOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            HttpConfiguration config = new HttpConfiguration();

            WebApiConfig.Register(config);//register the request
        }
Example #50
0
        /// <summary>
        /// Add token based authentication to owin pipeline
        /// </summary>
        /// <param name="app"></param>
        private void ConfigureOAuthTokenGeneration(IAppBuilder app)
        {
            //use a cookie to temporarily store information about a user logging in with a third party login provider
            app.UseExternalSignInCookie(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie);
            OAuthBearerOptions = new OAuthBearerAuthenticationOptions();

            //Authentication refresh token middlware
            app.UseOAuthAuthorizationServer(new Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerOptions
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/Token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30),
                Provider             = new CustomAuthorisationServerProvider(),
                RefreshTokenProvider = new CustomRefreshTokenProvider()
            });
            // Enable the application to use bearer tokens to authenticate users
            app.UseOAuthBearerAuthentication(OAuthBearerOptions);


            //external authentication middleware

            /*//Configure Google External Login
             * googleAuthOptions = new GoogleOAuth2AuthenticationOptions()
             * {
             *  ClientId = "xxxxxx",
             *  ClientSecret = "xxxxxx",
             *  Provider = new GoogleAuthProvider()
             * };
             * app.UseGoogleAuthentication(googleAuthOptions);
             *
             * //Configure Facebook External Login
             * facebookAuthOptions = new FacebookAuthenticationOptions()
             * {
             *  AppId = "xxxxxx",
             *  AppSecret = "xxxxxx",
             *  Provider = new FacebookAuthProvider()
             * };
             * app.UseFacebookAuthentication(facebookAuthOptions);*/
        }
Example #51
0
        public static void ConfigureOAuth(IAppBuilder app)
        {
            // Configure the db context and user manager to use a single instance per request
            app.CreatePerOwinContext(AuthContext.Create);
            app.CreatePerOwinContext <UserRepository>(UserRepository.Create);


            OAuthServerOptions = new OAuthAuthorizationServerOptions
            {
                //For Dev enviroment only (on production should be AllowInsecureHttp = false)
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/oauth/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
                Provider          = new CustomOAuthProvider(),
                AccessTokenFormat = new CustomJwtFormat("http://localhost:62179"),
            };

            // Token Generation
            app.UseOAuthAuthorizationServer(OAuthServerOptions);

            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
        }
Example #52
0
        public void ConfigureOAuth(IAppBuilder app)
        {
            // Configurare il contesto di database e la gestione utenti per l'utilizzo di un'unica istanza per richiesta
#if IDEMV3COMPATIBILITY
            app.CreatePerOwinContext(IdemIdentityContext.Create);
            app.CreatePerOwinContext <IdemMigrationUserManager>(IdemMigrationUserManager.Create);
#else
            app.CreatePerOwinContext(IdemIdentityContext.Create);
            app.CreatePerOwinContext <IdemUserManager>(IdemUserManager.Create);
#endif
            OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(Settings.Default.TokenLifetime),
                Provider = new IdemMigrationOAuthProvider()
            };

            // Token Generation
            app.UseOAuthAuthorizationServer(OAuthServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
        }
Example #53
0
        public void ConfigureOAuth(IAppBuilder app)
        {
            app.CreatePerOwinContext(IdentityContext.Create);
            app.CreatePerOwinContext <ApplicationUserManager>(ApplicationUserManager.Create);

            var oAuthServerOptions = new OAuthAuthorizationServerOptions
            {
                TokenEndpointPath         = new PathString("/oauth/token"),
                Provider                  = new SimpleAuthorizationServerProvider(),
                AuthorizeEndpointPath     = new PathString("/api/Usuario/Login"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(90),
                // AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(5),
                RefreshTokenProvider = new SimpleRefreshTokenProvider(),
                AllowInsecureHttp    = true
            };

            // Token Generation
            app.UseOAuthAuthorizationServer(oAuthServerOptions);

            OAuthBearerOptions = new OAuthBearerAuthenticationOptions();
            app.UseOAuthBearerAuthentication(OAuthBearerOptions);
        }
Example #54
0
        public void ConfigureOAuth(IAppBuilder app)
        {
            app.UseExternalSignInCookie(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie);

            app.CreatePerOwinContext(ApplicationDbContext.Create);
            app.CreatePerOwinContext <ApplicationUserManager>(ApplicationUserManager.Create);
            app.CreatePerOwinContext <ApplicationRoleManager>(ApplicationRoleManager.Create);

            OAuthBearerOptions = new OAuthBearerAuthenticationOptions();

            OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString(GlobalConstants.TokenEndPointPath),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(Convert.ToDouble(AppConstants.ConfigurationKeys.AccessTokenExpireTimeInMinutes)),
                Provider = new SimpleAuthorizationServerProvider()
            };

            // Token Generation
            app.UseOAuthAuthorizationServer(OAuthServerOptions);
            app.UseOAuthBearerAuthentication(OAuthBearerOptions);
        }
Example #55
0
        public void ConfigureOAuth(IAppBuilder app)
        {
            /*
             * Here we’ve created new instance from class “OAuthAuthorizationServerOptions” and set its option as the below:
             *
             *  The path for generating tokens will be as :”http://localhost:port/token”. We’ll see how we will issue HTTP POST request to generate token in the next steps.
             *  We’ve specified the expiry for token to be 24 hours, so if the user tried to use the same token for authentication after 24 hours from the issue time, his request will be rejected and HTTP status code 401 is returned.
             *  We’ve specified the implementation on how to validate the credentials for users asking for tokens in custom class named “SimpleAuthorizationServerProvider”.
             * */

            OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromHours(1),
                Provider = new AuthorizationServerProvider()
            };

            // Token Generation
            app.UseOAuthAuthorizationServer(OAuthServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
        }
Example #56
0
        public void ConfigureAuth(IAppBuilder app)
        {
            app.CreatePerOwinContext(ApplicationDbContext.Create);
            app.CreatePerOwinContext <ApplicationUserManager>(ApplicationUserManager.Create);

            app.UseCookieAuthentication(new CookieAuthenticationOptions());
            //app.UseCookieAuthentication(new CookieAuthenticationOptions
            //{
            //    AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            //    LoginPath = new PathString("/Account/Login"),
            //    LogoutPath = new PathString("/Account/LogOff"),
            //    ExpireTimeSpan = TimeSpan.FromMinutes(5.0),
            //});

            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            PublicClientId = "self";
            OAuthAuthorizationServerOptions = new OAuthAuthorizationServerOptions
            {
                TokenEndpointPath         = new PathString("/Token"),
                Provider                  = new ApplicationOAuthProvider(PublicClientId),
                AuthorizeEndpointPath     = new PathString("/api/Account/ExternalLogin"),
                AccessTokenExpireTimeSpan = TimeSpan.FromHours(4),
                AllowInsecureHttp         = true
            };

            //app.UseOAuthBearerTokens(OAuthAuthorizationServerOptions);
            //app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
            //app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);

            app.UseOAuthAuthorizationServer(OAuthAuthorizationServerOptions);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

            app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
            {
                ClientId     = "132617998045-honcrlov9bvejas80mdr9tlvmtqncfd0.apps.googleusercontent.com",
                ClientSecret = "afJQKibQ4yN_f7lzZOsFK2a5"
            });
        }
Example #57
0
        // For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
        public void ConfigureAuth(IAppBuilder app)
        {
            app.CreatePerOwinContext <ApplicationDbContext>(ApplicationDbContext.Create);
            app.CreatePerOwinContext <ApplicationUserManager>(ApplicationUserManager.Create);

            app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);

            // Enable the application to use a cookie to store information for the signed in user
            // and to use a cookie to temporarily store information about a user logging in with a third party login provider
            app.UseCookieAuthentication(new CookieAuthenticationOptions());
            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            // Configure the application for OAuth based flow
            PublicClientId = "self";
            OAuthOptions   = new OAuthAuthorizationServerOptions
            {
                TokenEndpointPath         = new PathString("/oauth/token"),
                Provider                  = new ApplicationOAuthProvider(),
                AuthorizeEndpointPath     = new PathString("/oauth/authorize"),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(90),
                AllowInsecureHttp         = true
            };

            // Enable the application to use bearer tokens to authenticate users
            app.UseOAuthAuthorizationServer(OAuthOptions);

            var OAuthBearerOptions = new OAuthBearerAuthenticationOptions()
            {
                Provider            = new QueryStringOAuthBearerProvider(),
                AccessTokenProvider = new AuthenticationTokenProvider()
                {
                    OnCreate  = create,
                    OnReceive = receive
                },
            };

            app.UseOAuthBearerAuthentication(OAuthBearerOptions);
        }
        /// <summary>
        /// 初始化OAuth
        /// </summary>
        /// <param name="app"></param>
        /// <param name="provider"></param>
        /// <returns></returns>
        public static IAppBuilder ConfigureOAuth(this IAppBuilder app, IServiceProvider provider)
        {
            IOAuthAuthorizationServerProvider oauthServerProvider = provider.GetService <IOAuthAuthorizationServerProvider>();

            if (oauthServerProvider == null)
            {
                throw new InvalidOperationException(Resources.OAuthServerProviderIsNull);
            }
            IAuthorizationCodeProvider authorizationCodeProvider = provider.GetService <IAuthorizationCodeProvider>();

            if (authorizationCodeProvider == null)
            {
                throw new InvalidOperationException(Resources.AuthorizationCodeProviderIsNull);
            }
            IRefreshTokenProvider refreshTokenProvider = provider.GetService <IRefreshTokenProvider>();

            if (refreshTokenProvider == null)
            {
                throw new InvalidOperationException(Resources.RefreshTokenProviderIsNull);
            }
            OAuthAuthorizationServerOptions options = new OAuthAuthorizationServerOptions()
            {
                TokenEndpointPath           = new PathString("/token"),
                AuthorizeEndpointPath       = new PathString("/authorize"),
                ApplicationCanDisplayErrors = true,
                AuthenticationMode          = AuthenticationMode.Active,
#if DEBUG
                AllowInsecureHttp = true,
#endif
                Provider = oauthServerProvider,
                AuthorizationCodeProvider = authorizationCodeProvider,
                RefreshTokenProvider      = refreshTokenProvider
            };

            app.UseOAuthAuthorizationServer(options);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
            return(app);
        }
Example #59
0
        // 有关配置身份验证的详细信息,请访问 http://go.microsoft.com/fwlink/?LinkId=301864
        public void ConfigureAuth(IAppBuilder app)
        {
            #region OAuthAuthorizationServer
            //https://docs.microsoft.com/en-us/aspnet/aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server
            var oAuthOptions = new OAuthAuthorizationServerOptions
            {
                TokenEndpointPath     = new PathString(TokenConstants.TokenPath),                         //获取 access_token 认证服务请求地址
                AuthorizeEndpointPath = new PathString(TokenConstants.AuthorizePath),                     //获取 authorization_code 认证服务请求地址
                //AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
                AccessTokenExpireTimeSpan   = TimeSpan.FromMinutes(TokenConstants.AccessTokenExpireTime), //access_token 过期时间
                ApplicationCanDisplayErrors = true,
                //在生产模式下设 AllowInsecureHttp = false
                AllowInsecureHttp = true,

                Provider = new AuthorizationServerProvider(),                //access_token 相关认证服务
                AuthorizationCodeProvider = new AuthorizationCodeProvider(), ////authorization_code 认证服务
                RefreshTokenProvider      = new RefreshTokenProvider(),      //refresh_token 认证服务

                // AccessTokenFormat = new TicketDataFormat(app.CreateDataProtector(
                //typeof(OAuthAuthorizationServerMiddleware).Namespace,
                //"Access_Token", "v1")),
                // RefreshTokenFormat = new TicketDataFormat(app.CreateDataProtector(
                // typeof(OAuthAuthorizationServerMiddleware).Namespace,
                // "Refresh_Token", "v1")),
            };
            app.UseOAuthAuthorizationServer(oAuthOptions);
            #endregion OAuthAuthorizationServer

            #region UseOAuthBearerTokens
            var oAuthBearerOptions = new OAuthBearerAuthenticationOptions()
            {
                Provider            = new OAuthBearerProvider(), //Bearer相关认证服务
                AccessTokenProvider = new AccessTokenProvider()  // Receives the bearer token
            };
            app.UseOAuthBearerAuthentication(oAuthBearerOptions);
            //表示 token_type 使用 bearer 方式
            #endregion  UseOAuthBearerTokens
        }
Example #60
0
        public void ConfigurarOAuth(IAppBuilder app)
        {
            app.UseExternalSignInCookie(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie);
            OAuthBearerOptions = new OAuthBearerAuthenticationOptions();

            var OAuthServerOptions = new OAuthAuthorizationServerOptions
            {
                AllowInsecureHttp         = true,
                TokenEndpointPath         = new PathString("/token"),
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30),
                Provider             = new SimpleAuthorizationServerProvider(),
                RefreshTokenProvider = new SimpleRefreshTokenProvider()
            };

            /* Geração do Token */
            app.UseOAuthAuthorizationServer(OAuthServerOptions);
            app.UseOAuthBearerAuthentication(OAuthBearerOptions);

            /* Configuração com Login Externo através do Google */
            googleAuthOptions = new GoogleOAuth2AuthenticationOptions()
            {
                ClientId     = "xxxxxx",
                ClientSecret = "xxxxxx",
                Provider     = new GoogleAuthProvider()
            };

            app.UseGoogleAuthentication(googleAuthOptions);

            /* Configuração com Login Externo através do Facebok */
            facebookAuthOptions = new FacebookAuthenticationOptions()
            {
                AppId     = "xxxxxx",
                AppSecret = "xxxxxx",
                Provider  = new FacebookAuthProvider()
            };

            app.UseFacebookAuthentication(facebookAuthOptions);
        }