owin-middleware

How to get AD access token and pass it to web api controller?

孤街醉人 提交于 2021-02-11 17:43:00
问题 How to get AD access token from login.microsoftonline.com and pass access token to web api controller? as I need "access token" as such to pass on to another partner company website url via post request. Below code doing AAD authentication as expected but also I need "access token" as such, public void ConfigureServices(IServiceCollection services) { services.Configure<CookiePolicyOptions>(options => { // This lambda determines whether user consent for non-essential cookies is needed for a

Why use OWIN TestServer?

点点圈 提交于 2021-02-07 12:53:52
问题 This article shows how to host an entire web API stack in memory for testing using OWIN: http://www.davidwhitney.co.uk/Blog/2015/01/07/testing-an-asp-net-webapi-app-in-memory/ Whereas this article shows using the OWIN TestServer to unit test controllers: https://blog.jcorioland.io/archives/2014/04/01/using-owin-to-test-your-web-api-controllers.html The difference I see is between the use of TestServer.Create and WebApp.Start<Startup> What is the key difference and why would you choose one

Hosting WebAPI using OWIN not working when adding the add the firewall allowed apps

血红的双手。 提交于 2020-04-30 06:33:05
问题 I have a ASP.net web api OWIN based self-host application running Windows Service. I set the base address to `http://hostname.domainName:8099' and this app is running fine for the machine where I am hosting this application. Now from another network machine this url is NOT accessible. The solution I tried is adding an inbound rule for port 8099 and it's working fine. :) Now I came to know on 2nd approach that I can add the executable .exe file to the list of allowed apps in Windows Firewall

Automatic code( authorization code ) redemption using latest version of Katana DLLs in openId authorization code flow

百般思念 提交于 2020-02-07 01:58:10
问题 From the recent release and conversation below, it says that now Katana(4.1.0) supports code-flow with automatic code redemption(that meaning we do not have call tokenendpoint explicitly to redeem the code for idtoken, accesstoken etc) https://github.com/aspnet/AspNetKatana/pull/297 so, I've upgraded Katana dlls and have p Notifications = new OpenIdConnectAuthenticationNotifications() { RedirectToIdentityProvider = OnRedirectToIdentityProvider, //MessageReceived = OnMessageReceived, --

Owin.TestServer To Test a Middleware that Requires Authentication

风格不统一 提交于 2020-01-05 11:26:57
问题 I have a middleware method that requires context.Authentication.User.Identity.Name to be resolved for proper execution. However, when writing a unit test these properties are obviously null as no sign-in has occurred. I am not using Oauth or anything authentication related in this middleware (beyond the obvious name property), as it should be handled elsewhere in another middleware (to promote re-use/flexibility of the component I am developing). Is there a way to mock/fake this value so I

Middleware to set response ContentType

穿精又带淫゛_ 提交于 2020-01-01 04:07:26
问题 In our ASP.NET Core based web application, we want the following: certain requested file types should get custom ContentType's in response. E.g. .map should map to application/json . In "full" ASP.NET 4.x and in combination with IIS it was possible to utilize web.config <staticContent>/<mimeMap> for this and I want to replace this behavior with a custom ASP.NET Core middleware. So I tried the following (simplified for brevity): public async Task Invoke(HttpContext context) { await

Bad Request (400) when using Web API Token Authentication from Angular JS

痞子三分冷 提交于 2019-12-30 09:37:40
问题 I want to establish Web API Token Authentication with Angular JS as client. I am very new to this concept of Token Authentication inside Web API. I do not want to use ASP.NET Identity default tables to add or authenticate user. I have my own database and a table called "EmployeeAccess" table which contains EmployeeNumber as User Id and Password. I want to authenticate the users against the values in this table and then want to grant token so that they gets authorized for subsequent call. I

OwinMiddleware implementation in Resource Server suppresses Token validation

大城市里の小女人 提交于 2019-12-25 14:47:45
问题 I have set up my Resource Server (Web Api 2) to validate JWT token for incoming requests. The JWT token is issued by Auth0 and my client pass it to my web api. This all works fine and raises 401 response if Issuer, Audience or Expiry date is not valid. When I add my custom middleware derived from OwinMiddleware it suppresses token validation logic and I get 200 response for invalid requests. public class Startup { public void Configuration(IAppBuilder app) { var issuer = "my issuer"; var

Why is owin middleware created a second time after the HttpRequest ended

痴心易碎 提交于 2019-12-22 12:32:40
问题 After a question as per why the ApplicationDbContext from Asp.Net Identity is created and disposed twice per Request I did some research why this would happen. I found that the ApplicationDbContext is actualy created once per HttpRequest but when using the Owin pipeline the Owin Middleware will be created a second time after the HttpRequest has ended. Because of this the ApplicationDbContext is indeed created for a second time when a user clicks one link giving the impression that the object