owin-middleware

“Message”: “Authorization has been denied for this request.” OWIN middleware

谁说我不能喝 提交于 2019-12-11 00:27:47
问题 I added Token based authentication to my OWIN middleware and can generate the token. But while using, the token for an API call with Authorize attribute I always get "Authorization has been denied for this request." It works fine though without Authorize attribute. Here is my startup.cs and controller method. Any thoughts , what is wrong? startup.cs public void Configuration(IAppBuilder app) { var issuer = ConfigurationManager.AppSettings["issuer"]; var secret = TextEncodings.Base64Url.Decode

Web Api 2 get controller and action name in OWIN middleware?

那年仲夏 提交于 2019-12-10 20:45:25
问题 How can I retrieve the api controller name and api action name inside a piece of custom OWIN middleware? I can do it inside of a message handler like so: var config = request.GetConfiguration(); var routeData = config.Routes.GetRouteData(request); var controllerContext = new HttpControllerContext(config, routeData, request); request.Properties[HttpPropertyKeys.HttpRouteDataKey] = routeData; controllerContext.RouteData = routeData; var controllerDescriptor = new DefaultHttpControllerSelector

Branching ASP.NET Core Pipeline Authentication

試著忘記壹切 提交于 2019-12-10 20:11:55
问题 My application is currently using Basic authentication but I want to transition to OAuth, so there will be a short period where both types of authentication need to be used. Is there some way to branch my ASP.NET Core pipeline like so: public void Configure(IApplicationBuilder application) { application .Use((context, next) => { if (context.Request.Headers.ContainsKey("Basic")) { // Basic } else if (context.Request.Headers.ContainsKey("Authorization")) { // OAuth } return next(); })

Why does the order of auth middleware declaration matter in Owin Startup class?

廉价感情. 提交于 2019-12-10 04:35:23
问题 I read some examples(1,2,3,4) about setting up authentication in the owin pipeline when using web api and the examples declare the authentication middleware as the first middleware in the Configuration method but doesn't tell why it needs to be first. In this question the auther had the webapi middleware attached before the authentication middleware and then the authentication didn't work correctly. When the auther moved it to the top of the method then everything work as expected.. Does

Add claims with Owin Middleware

[亡魂溺海] 提交于 2019-12-10 03:34:15
问题 Is it possible with an Owin Middleware implementation to add claims prior to the execution of a Web API controller? Created an OwinMiddleware implementation and added an identity: var id = new ClaimsIdentity(); id.AddClaim(new Claim("Whatever", "is possible")); context.Authentication.User.AddIdentity(id); await Next.Invoke(context); However, even this Invoke method call the identities are not updated (just the internal claims array). And the controller when executed of course never gets the

Can I add a new scoped service within a custom middleware?

倖福魔咒の 提交于 2019-12-08 02:15:00
问题 I'm using WebApi in Asp .Net Core and I'm wondering if/how I can add a new scoped service that all following middleware and controllers can get access to through dependency injection? Or should I share state with HttpContext.Items instead? That doesn't seem to be what it is intended for since HttpContext isn't available at all in a WebApi-controller? If neither HttpContext or DI is the right tool for this, then how can I propagate state in the request-pipeline without having it already

Can I add a new scoped service within a custom middleware?

烂漫一生 提交于 2019-12-06 09:27:54
I'm using WebApi in Asp .Net Core and I'm wondering if/how I can add a new scoped service that all following middleware and controllers can get access to through dependency injection? Or should I share state with HttpContext.Items instead? That doesn't seem to be what it is intended for since HttpContext isn't available at all in a WebApi-controller? If neither HttpContext or DI is the right tool for this, then how can I propagate state in the request-pipeline without having it already created from the beginning? First add your scoped service in your ConfigureServices(IServiceCollection

Asp.net Web API 2 and mixed Authentication using both Integrated Windows and Token based

此生再无相见时 提交于 2019-12-05 22:16:07
I have an asp.net Web API server running under IIS, that until now has used windows authentication as it has only had other services running on the same domain conencting to it. So, in my web.config I have the following settings... <system.web> <compilation debug="true" targetFramework="4.5.1" /> <httpRuntime targetFramework="4.5.1" /> <authentication mode="Windows" /> </system.web> <system.webServer> <security> <authentication> <windowsAuthentication enabled="true" /> </authentication> </security> .... With this I can use a browser (or the services) on the same domain and reach my services.

Why does the order of auth middleware declaration matter in Owin Startup class?

这一生的挚爱 提交于 2019-12-05 09:45:10
I read some examples( 1 , 2 , 3 , 4 ) about setting up authentication in the owin pipeline when using web api and the examples declare the authentication middleware as the first middleware in the Configuration method but doesn't tell why it needs to be first. In this question the auther had the webapi middleware attached before the authentication middleware and then the authentication didn't work correctly. When the auther moved it to the top of the method then everything work as expected.. Does anyone know why the authentication middleware needs to be added as the first middleware in the

Add claims with Owin Middleware

旧巷老猫 提交于 2019-12-05 03:19:07
Is it possible with an Owin Middleware implementation to add claims prior to the execution of a Web API controller? Created an OwinMiddleware implementation and added an identity: var id = new ClaimsIdentity(); id.AddClaim(new Claim("Whatever", "is possible")); context.Authentication.User.AddIdentity(id); await Next.Invoke(context); However, even this Invoke method call the identities are not updated (just the internal claims array). And the controller when executed of course never gets the new dummy claim. Ideas? You may find useful inheriting from Authorizate Attribute and extending it to
订阅 owin-middleware