katana | 易学教程

Multiple cookies issue in OWIN security AuthenticationHandler

阅读更多关于 Multiple cookies issue in OWIN security AuthenticationHandler

问题 I am using Facebook Owin Authentication and more or less follow Microsoft sample. I am more or less following the First time user logs in, everything is ok. But if they sign out and try again, it seems like the previous .AspNet.Correlation.Facebook is not removed, but set to empty string. So my next call to api/getexternallogin looks like this in Fiddler: This is when we are generating a correlationId and having multiple cookies at this point is not a show stopper. In the response, I set it

register new middleware to OWIN pipeline at runtime without restart application

阅读更多关于 register new middleware to OWIN pipeline at runtime without restart application

问题 I have added all available middleware in OWIN Pipeline using Startup class to authenticate user in my project. It is working fine. But how can I add middleware to OWIN Pipeline after Startup at runtime. So that Admin can enter the details of new Authentication Server using UI and register new authentication server on demand without disturbing running application. 回答1: Actually, standard owin pipeline implementation is not designed to be modified during runtime. It has two lifetime phase: init

Converting HttpRequestMessage to OwinRequest and OwinResponse to HttpResponseMessage

阅读更多关于 Converting HttpRequestMessage to OwinRequest and OwinResponse to HttpResponseMessage

问题 I have a web API message handler MyHandler that I want to run in OWIN pipeline as a middleware. So configuring the handler like this. public class Startup { public void Configuration(IAppBuilder app) { app.UseHttpMessageHandler(new MyHandler()); HttpConfiguration config = new HttpConfiguration(); config.Routes.MapHttpRoute( "DefaultWebApi", "{controller}/{id}", new { id = RouteParameter.Optional }); app.UseWebApi(config); } } Handler is very simple and does nothing. public class MyHandler :

Lifetime of Refresh Tokens with Katana OAuthAuthorizationServer

阅读更多关于 Lifetime of Refresh Tokens with Katana OAuthAuthorizationServer

问题 From the source code sandbox Webserver, refresh tokens was done like this: RefreshTokenProvider = new AuthenticationTokenProvider { OnCreate = CreateRefreshToken, OnReceive = ReceiveRefreshToken, } private void CreateRefreshToken(AuthenticationTokenCreateContext context) { context.SetToken(context.SerializeTicket()); } private void ReceiveRefreshToken(AuthenticationTokenReceiveContext context) { context.DeserializeTicket(context.Token); } This create refresh tokens that have the same lifetime

Override error code on AuthorizationCodeProvider.Create

阅读更多关于 Override error code on AuthorizationCodeProvider.Create

问题 This question is about the implementation of the Authorization Code flow using Owin in Asp.net Wep Api. I was trying to handle some error that might happen on my AuthorizationCode code creation. Apparently I can't redirect my self to the Client Redirect URI with he correct error code which is "server_error" The following is my code : private static void CreateAuthorizationCode(AuthenticationTokenCreateContext context) { try { //Some Code to create and save the AuthorizationCode that can throw

Infinite re-direct loop after AAD Authentication when redirect is specified

阅读更多关于 Infinite re-direct loop after AAD Authentication when redirect is specified

问题 If I specify a redirect URI in my OpenIdConnectAuthenticationOptions like so app.UseOpenIdConnectAuthentication( new OpenIdConnectAuthenticationOptions { ClientId = clientId, Authority = Authority, PostLogoutRedirectUri = postLogoutRedirectUri, RedirectUri = redirectUri, Notifications = new OpenIdConnectAuthenticationNotifications() { AuthenticationFailed = context => { context.HandleResponse(); context.Response.Redirect("/Error?message=" + context.Exception.Message); return Task.FromResult(0

OWIN middleware gets called more times than expected, what am I missing?

阅读更多关于 OWIN middleware gets called more times than expected, what am I missing?

问题 I am testing OWIN middleware and wrote the following middleware class. But strangely, I see that this middleware is called about four times in total when I request a URL without any path ( localhost:<port> ). However when I call localhost:<port>/welcome.htm or when I call localhost:<port>/default.htm it is only called once as expected. What am I missing? public class MyMiddleware : OwinMiddleware { public MyMiddleware(OwinMiddleware next) : base(next) { } public override async Task Invoke

Unable to run an asp.net 4.5 app on xsp on Mono 3

阅读更多关于 Unable to run an asp.net 4.5 app on xsp on Mono 3

问题 I've build Mono 3.0.2 from source (tarball), and built XSP from both the latest tarball and the latest on Github, but I'm unable to run a relatively simple asp.net app using .net 4.5 because it sees 'targetFramework="4.5"' in the web.config as invalid. Building the app, and running a console .net 4.5 app works just fine. This is the web.config in question: <?xml version="1.0"?> <!-- For more information on how to configure your ASP.NET application, please visit http://go.microsoft.com/fwlink/

Owin self-host - Failed to listen on prefix 'http://localhost:12345/' because it conflicts with an existing registration on the machine

阅读更多关于 Owin self-host - Failed to listen on prefix 'http://localhost:12345/' because it conflicts with an existing registration on the machine

问题 I'm trying to self-host a simple WebAPI: public class AccountViewApplication { protected IDisposable WebApplication; public void Start() { WebApplication = WebApp.Start<WebPipeline>("http://myhost.mymachine.me:12345"); new AccountViewApplication().Start(); } public void Stop() { WebApplication.Dispose(); } } The first time I run this, it starts to listen just fine, but the next time that I try - I get this: Failed to listen on prefix 'http://myhost.mymachine.me:12345/' because it conflicts

Infinite re-direct loop after AAD Authentication when redirect is specified

阅读更多关于 Infinite re-direct loop after AAD Authentication when redirect is specified

If I specify a redirect URI in my OpenIdConnectAuthenticationOptions like so app.UseOpenIdConnectAuthentication( new OpenIdConnectAuthenticationOptions { ClientId = clientId, Authority = Authority, PostLogoutRedirectUri = postLogoutRedirectUri, RedirectUri = redirectUri, Notifications = new OpenIdConnectAuthenticationNotifications() { AuthenticationFailed = context => { context.HandleResponse(); context.Response.Redirect("/Error?message=" + context.Exception.Message); return Task.FromResult(0); } } }); Then I get an infinite re-direct loop. This only happens though when i put it on and