public void Configuration(IAppBuilder app) { dependencyResolver.Register(this.GetType().Assembly); var oAuthAuthorizationServerProvider = new OAuthAuthorizationServerProvider() { OnValidateClientAuthentication = async c => await this.ValidateClientAuthentication(c), OnGrantResourceOwnerCredentials = async c => await this.GrantResourceOwnerCredentials(c), }; var oAuthAuthorizationServerOptions = new OAuthAuthorizationServerOptions { TokenEndpointPath = new PathString(this.GetTokenEndpointPath()), Provider = oAuthAuthorizationServerProvider, AllowInsecureHttp = true, }; app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()); //app.UseOAuthAuthorizationServer(oAuthAuthorizationServerOptions); app.UseConfiguration(dependencyResolver); dependencyResolver.Resolve <HttpConfiguration>() .EnableSwagger(c => c.SingleApiVersion("v1", "PhoneChoiceHelper API")) .EnableSwaggerUi(); dependencyResolver.Resolve <HttpConfiguration>() .Count() .Filter() .OrderBy() .Expand() .Select() .MaxTop(null) .EnableDependencyInjection(); ; }
private void LookupClient(OAuthAuthorizationServerProvider provider, string knownClientId, string knownClientSecret, string knownRedirectUri) { provider.OnValidateClientRedirectUri = ctx => { LastLookupClientId = ctx.ClientId; if (string.Equals(ctx.ClientId, knownClientId, StringComparison.Ordinal)) { ctx.Validated(knownRedirectUri); } return(Task.FromResult(0)); }; provider.OnValidateClientAuthentication = ctx => { string clientId; string clientSecret; if (ctx.TryGetBasicCredentials(out clientId, out clientSecret) || ctx.TryGetFormCredentials(out clientId, out clientSecret)) { LastLookupClientId = clientId; if (string.Equals(clientId, knownClientId, StringComparison.Ordinal) && string.Equals(clientSecret, knownClientSecret, StringComparison.Ordinal)) { ctx.Validated(clientId); } } return(Task.FromResult(0)); }; }
//OAuth身份验证 public static void OAuth(IAppBuilder app) { var oauthProvider = new OAuthAuthorizationServerProvider { OnGrantResourceOwnerCredentials = async context => { if (context.UserName == "rranjan" && context.Password == "password@123") { var claimsIdentity = new ClaimsIdentity(context.Options.AuthenticationType); claimsIdentity.AddClaim(new Claim("user", context.UserName)); claimsIdentity.AddClaim(new Claim(ClaimTypes.Name, context.UserName)); claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, "ApiUser")); claimsIdentity.AddClaim(new Claim(ClaimTypes.UserData, "{Name:'User',Age:12}")); context.Validated(claimsIdentity); return; } context.Rejected(); }, OnValidateClientAuthentication = async context => { string clientId; string clientSecret; if (context.TryGetBasicCredentials(out clientId, out clientSecret)) { if (clientId == "rajeev" && clientSecret == "secretKey") { context.Validated(); } } else if (context.TryGetFormCredentials(out clientId, out clientSecret)) { if (clientId == "rajeev" && clientSecret == "secretKey") { context.Validated(); } } //context.Validated(); } }; var oauthOptions = new OAuthAuthorizationServerOptions { AllowInsecureHttp = true, TokenEndpointPath = new PathString("/accesstoken"), Provider = oauthProvider, AuthorizationCodeExpireTimeSpan = TimeSpan.FromMinutes(1), AccessTokenExpireTimeSpan = TimeSpan.FromHours(3), SystemClock = new SystemClock() }; app.UseOAuthAuthorizationServer(oauthOptions); app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()); }
private static void ConfigureAuth(IAppBuilder app, OAuthAuthorizationServerProvider oAuthServerProvider) { var oAuthOptions = new OAuthAuthorizationServerOptions { TokenEndpointPath = new PathString("/Token"), Provider = oAuthServerProvider, AccessTokenExpireTimeSpan = TimeSpan.FromDays(14), // Only do this for demo!! AllowInsecureHttp = true }; app.UseOAuthAuthorizationServer(oAuthOptions); app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()); }
public void Configuration(IAppBuilder app) { var oauthProvider = new OAuthAuthorizationServerProvider { OnGrantResourceOwnerCredentials = async context => { if (context.UserName == "xyz" && context.Password == "xyz@123") { var claimsIdentity = new ClaimsIdentity(context.Options.AuthenticationType); claimsIdentity.AddClaim(new Claim("user", context.UserName)); context.Validated(claimsIdentity); return; } context.Rejected(); }, OnValidateClientAuthentication = async context => { string clientId; string clientSecret; if (context.TryGetBasicCredentials(out clientId, out clientSecret)) { if (clientId == "xyz" && clientSecret == "secretKey") { context.Validated(); } } } }; var oauthOptions = new OAuthAuthorizationServerOptions { AllowInsecureHttp = true, TokenEndpointPath = new PathString("/accesstoken"), Provider = oauthProvider, AuthorizationCodeExpireTimeSpan = TimeSpan.FromMinutes(1), AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(3), SystemClock = new SystemClock() }; app.UseOAuthAuthorizationServer(oauthOptions); app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()); var config = new HttpConfiguration(); config.MapHttpAttributeRoutes(); app.UseWebApi(config); }
public void Configuration(IAppBuilder app) { var provider = new OAuthAuthorizationServerProvider { OnValidateClientAuthentication = ctx => { ctx.Validated(); return(Task.FromResult(0)); }, OnGrantResourceOwnerCredentials = ctx => { if (ctx.UserName == "maurice" && ctx.Password == "pass") { var identity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, ctx.UserName) }, "password"); ctx.Validated(identity); } return(Task.FromResult(0)); } }; var options = new OAuthAuthorizationServerOptions { TokenEndpointPath = new PathString("/token"), Provider = provider, AllowInsecureHttp = true // Never do this in production }; app.UseOAuthAuthorizationServer(options); var authenticationOptions = new OAuthBearerAuthenticationOptions(); app.UseOAuthBearerAuthentication(authenticationOptions); app.Map("/api", apiApp => { var config = new HttpConfiguration(); config.MapHttpAttributeRoutes(); config.SuppressDefaultHostAuthentication(); config.Filters.Add(new HostAuthenticationAttribute(authenticationOptions.AuthenticationType)); apiApp.UseWebApi(config); }); }
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864 public void ConfigureAuth(IAppBuilder app) { // Enable the application to use a cookie to store information for the signed in user app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, LoginPath = new PathString("/Account/Login") }); // Use a cookie to temporarily store information about a user logging in with a third party login provider app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); // Uncomment the following lines to enable logging in with third party login providers //app.UseMicrosoftAccountAuthentication( // clientId: "", // clientSecret: ""); //app.UseTwitterAuthentication( // consumerKey: "", // consumerSecret: ""); //app.UseFacebookAuthentication( // appId: "", // appSecret: ""); #region ServerOAuth app.UseOAuthBearerAuthentication(new Microsoft.Owin.Security.OAuth.OAuthBearerAuthenticationOptions () { AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Active, AuthenticationType = "Emad", Realm = "EHM" //anything }); var options = new Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerOptions(); options.TokenEndpointPath = new PathString("/account/token"); options.AuthorizeEndpointPath = new PathString("/account/auth"); options.AllowInsecureHttp = true; //Don't do that!! always be on secure scheme, this is set to "true" for demo purposes var provider = new OAuthAuthorizationServerProvider(); provider.OnValidateClientRedirectUri = (context) => { return(Task.Run(() => { //Caution: this is not to validate that the uri is valid syntax wise, this is to validate it business wise. If this uri is not //valid syntax wise this entry will not be hit in the first place, and your authentication process will not work! context.Validated(); })); }; provider.OnValidateAuthorizeRequest = (context) => { return(Task.Run(() => { //Authorization validation here //Somewhere in the request you should create the identity and sign in with it, I put it here, it could be a page on your app? context.OwinContext.Authentication.SignIn(new System.Security.Claims.ClaimsIdentity("Bearer")); context.Validated(); })); }; provider.OnAuthorizeEndpoint = (context) => { return(Task.Run(() => { //This is the last chance to alter the request, you can either end it here using RequestCompleted and start resonding, //or you can let it go through to the subsequent middleware, //except that you have to make sure the response returns a 200, otherwise the whole thing will not work context.RequestCompleted(); var str = context.Options.AccessTokenFormat; })); }; provider.OnValidateClientAuthentication = (context) => { return(Task.Run(() => { //Client validation here context.Validated(); })); }; options.Provider = provider; AuthenticationTokenProvider authTokenProvider = new AuthenticationTokenProvider(); authTokenProvider.OnCreate = (context) => { //create a dummy token context.SetToken("MyTokenblablabla"); }; //This is called when a client is requesting with Authorization header and passing the token, like this "Authorization: Bearer jdksjkld" authTokenProvider.OnReceive = (context) => { //create dummy identity regardless of the validty of the token :) var claimsIdentity = new System.Security.Claims.ClaimsIdentity("Bearer"); claimsIdentity.AddClaim(new Claim("something", "Ahmad")); //This claim type "something" is used for protection from anti-forgery... //Check the Global.asax for "AntiForgeryConfig.UniqueClaimTypeIdentifier = "something";" //you can avoid setting this, but you have to use the default claims type. check http://bartwullems.blogspot.com.au/2013/09/aspnet-mvc-4-error-when-using-anti.html context.SetTicket(new Microsoft.Owin.Security.AuthenticationTicket(claimsIdentity, new Microsoft.Owin.Security.AuthenticationProperties { ExpiresUtc = new System.DateTimeOffset(2015, 3, 1, 1, 1, 1, new System.TimeSpan()), } )); }; options.AuthorizationCodeProvider = authTokenProvider; options.RefreshTokenProvider = authTokenProvider; options.AccessTokenProvider = authTokenProvider; app.UseOAuthBearerTokens(options); #endregion //app.UseGoogleAuthentication(); }
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864 public void ConfigureAuth(IAppBuilder app) { var oauthProvider = new OAuthAuthorizationServerProvider { OnGrantResourceOwnerCredentials = async context => { if (context.UserName == "xyz" && context.Password == "xyz@123") { var claimsIdentity = new ClaimsIdentity(context.Options.AuthenticationType); claimsIdentity.AddClaim(new Claim("user", context.UserName)); context.Validated(claimsIdentity); return; } context.Rejected(); }, OnValidateClientAuthentication = async context => { string clientId; string clientSecret; if (context.TryGetBasicCredentials(out clientId, out clientSecret)) { if (clientId == "xyz" && clientSecret == "secretKey") { context.Validated(); } } } }; var oauthOptions = new OAuthAuthorizationServerOptions { AllowInsecureHttp = true, TokenEndpointPath = new PathString("/accesstoken"), Provider = oauthProvider, AuthorizationCodeExpireTimeSpan = TimeSpan.FromMinutes(1), AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(3), SystemClock = new SystemClock() }; app.UseOAuthAuthorizationServer(oauthOptions); app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()); var config = new HttpConfiguration(); config.MapHttpAttributeRoutes(); app.UseWebApi(config); // // Configure the db context and user manager to use a single instance per request // app.CreatePerOwinContext(ApplicationDbContext.Create); // app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create); // // Enable the application to use a cookie to store information for the signed in user // // and to use a cookie to temporarily store information about a user logging in with a third party login provider // app.UseCookieAuthentication(new CookieAuthenticationOptions()); // app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); // // Configure the application for OAuth based flow //// PublicClientId = "self"; // OAuthOptions = new OAuthAuthorizationServerOptions // { // TokenEndpointPath = new PathString("/Token"), // Provider = new ApplicationOAuthProvider(), // AuthorizeEndpointPath = new PathString("/api/SignProcess/Validateuser"), // AccessTokenExpireTimeSpan = TimeSpan.FromDays(1), // // In production mode set AllowInsecureHttp = false // AllowInsecureHttp = true // }; // // Enable the application to use bearer tokens to authenticate users // app.UseOAuthBearerTokens(OAuthOptions); // // Uncomment the following lines to enable logging in with third party login providers // //app.UseMicrosoftAccountAuthentication( // // clientId: "", // // clientSecret: ""); // //app.UseTwitterAuthentication( // // consumerKey: "", // // consumerSecret: ""); // //app.UseFacebookAuthentication( // // appId: "", // // appSecret: ""); // //app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions() // //{ // // ClientId = "", // // ClientSecret = "" // //}); }