bearer-token

问题 I have an MVC client of .Net core which uses identityserver 4. Methods which returns view is protected by authorize attribute. But how to call web API (which is separate project running on different URL) with same authenticated data which MVC client has? Or will I have to authenticate again using oidc javascript client? Is there any way I can get bearer token from already authenticated MVC client to authorize my javascript client to access web API? 回答1: Get your access token in a MVC

问题 Is it possible define that ASP.NET Web API 2 bearer token that never expires? Any clue? 回答1: I don't think you can set it to never expire but you could certainly set a longer AccessTokenExpireTimeSpan : OAuthOptions = new OAuthAuthorizationServerOptions { TokenEndpointPath = new PathString("/Token"), Provider = new ApplicationOAuthProvider(PublicClientId, UserManagerFactory), AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"), AccessTokenExpireTimeSpan = TimeSpan.FromDays(14

问题 To sent and receive authorization bearer I did read this Correct way to set Bearer token with CURL and this How to properly use Bearer tokens? and here is my code: $url = "http://www.example.com/phpinfo.php"; $data = array('long_url' => 'http://www.google.com'); $ch = curl_init($url); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HEADER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS,

问题 I am trying to implement a Policy that is quite granular level. The idea is like in the image. Each entity has always the One-To-Many relation with the entity on the right. One Institution can have many Courses , each Course can have many Subjects , each Subject can have many Syllabus , etc... There are 3 Roles: Administrator , Contributor , Viewer If you have a Role in one of the top entities this role will be propagated to the rest bellow. E.g: If you are an Administrator of Course you are

问题 I am creating a Web Api application and I want to use bearer tokens for the user authentication. I implemented the token logic, following this post and everything seems to work fine. NOTE: I am not using the ASP.NET Identity Provider. Instead I have created a custom User entity and services for it. public class Startup { public void Configuration(IAppBuilder app) { ConfigureOAuth(app); var config = new HttpConfiguration(); var container = DependancyConfig.Register(); var dependencyResolver =

问题 I thought I had a pretty simple goal in mind when I set out a day ago to implement a self-contained bearer auth webapi on .NET core 2.0, but I have yet to get anything remotely working. Here's a list of what I'm trying to do: Implement a bearer token protected webapi Issue tokens & refresh tokens from an endpoint in the same project Use the [Authorize] attribute to control access to api surface Not use ASP.Net Identity (I have much lighter weight user/membership reqs) I'm totally fine with

问题 I have implemented security for my web api (individual accounts) as discussed here. I have hosted the website on godaddy (shared hosting) and its working fine. When I ask for token by using url "domain.com/token", I get the token with expiration date of within 15 days. I have set this in "StartupAuth.cs" using AccessTokenExpireTimeSpan = TimeSpan.FromDays(15) e.g.: { "access_token":"qwertyuiop.....", "token_type":"bearer", "expires_in":1209599, "userName":"user@example.com", ".issued":"Wed,

问题 I have implemented security for my web api (individual accounts) as discussed here. I have hosted the website on godaddy (shared hosting) and its working fine. When I ask for token by using url "domain.com/token", I get the token with expiration date of within 15 days. I have set this in "StartupAuth.cs" using AccessTokenExpireTimeSpan = TimeSpan.FromDays(15) e.g.: { "access_token":"qwertyuiop.....", "token_type":"bearer", "expires_in":1209599, "userName":"user@example.com", ".issued":"Wed,

问题 If I have a method that sends some data to an endpoint, I understand I should use a bearer token to authenticate this call, sent in the header of the request. Say my method that sends/receives data to/from the endpoint looks like this: public async Task<string> PostGetAsync() { var uri = new Uri("https://localhost:44322/endpoint"); using (var client = new HttpClient()) { var pairs = new List<KeyValuePair<string, string>> { new KeyValuePair<string, string>("Key", "Value") }; var content = new

问题 We are using App Service Authentication to protect a web API and using Google as authentication provider. It works as expected when we fire a request from a browser (when the session information is in the cookie) IIS log: 2016-05-29T13:51:19 PID[3600] Verbose Received request: GET https://XXXXXX.azurewebsites.net/api/user 2016-05-29T13:51:19 PID[3600] Verbose Found 'AppServiceAuthSession' cookie for site 'XXXXXX.azurewebsites.net'. Length: 728. 2016-05-29T13:51:19 PID[3600] Verbose