owin

Return error on invalid or expired token

旧街凉风 submitted on 2020-04-08 09:11:16
Question: I'm trying to implement OAuth Bearer Authentication with Owin. When an invalid or expired token is passed, the default implementation is to log this as a warning and just not set an Identity. However, I would like to reject the whole request with an error in this case. But how would I do this? After digging through the code I found out that in OAuthBearerAuthenticationHandler it will parse the token using a fallback mechanism when the provided AuthenticationTokenProvider did not parse any

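ASP.NET MVC Musings: Exploring ASP.NET Identity Authentication and Role-Based Authorization (Intermediate)

安稳与你 submitted on 2020-03-23 07:52:26
In the previous article, I introduced the use of the basic ASP.NET Identity API and created several user accounts. In this article, I will continue the ASP.NET Identity journey and show you how to use ASP.NET Identity for authentication and, combined with ASP.NET MVC, for role-based authorization. The sample for this article can be downloaded and previewed here: click here to preview, click here to download the sample code. Exploring authentication and authorization: In this section, I will explain and demonstrate how ASP.NET authentication and authorization work, and then show how to use Katana Middleware and ASP.NET Identity for authentication. 1. Understanding the ASP.NET forms authentication and authorization mechanism: When it comes to authentication, what we encounter most often is probably forms authentication (Form-based Authentication). To better understand the ASP.NET forms authentication and authorization mechanism, I am bringing out an old diagram from a few years ago that shows the 19 HttpApplication events, which are registered in HttpModule; these are also known as ASP.NET pipeline events. Put simply, when a request reaches the server, the ASP.NET runtime fires these events in order: Authentication, as the name implies, verifies the credentials the user provides. Once verification passes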

How to pass arguments to my own Startup class?

拟墨画扇 submitted on 2020-03-17 05:31:51
Question: I'm trying to develop a web api self hosting app using OWIN. In my own XyzStartup class, I need an external argument: contentFolderPath. However, I didn't find a way to pass this argument. Here is my code below: var contentFolderPath = this.TextBox.Text; // user input var startOptions = new StartOptions(); using(WebApp.Start<XyzStartup>(startOptions)){ } My startup public class XyzStartup { XyzStartup(string contentFolderPath) { ... } } I noticed there is a StartOption class, but don't know how to

WAAD doesn't refresh access token from javascript

谁说我不能喝 submitted on 2020-02-25 23:09:05
Question: For applications that authenticate users with Windows Azure Active Directory (WAAD), I am unable to refresh the token from JavaScript. All the resources are protected by the Authorize attribute, which makes calls to login.windows.net/{0} if the token is expired. If the request is from a page load it works as expected, but if the request is from a JavaScript ajax call it is unable to make the call to login.windows.net/{0}. It returns with status 302 and message XMLHttpRequest cannot load https://login.windows.net/xxx. No 'Access

How do I use Owin Katana Logger

∥☆過路亽.° submitted on 2020-02-25 03:07:06
Question: I see in files like this within the Microsoft Owin projects a logger is being called https://github.com/aspnet/AspNetKatana/blob/dev/src/Microsoft.Owin.Security.OpenIdConnect/OpenidConnectAuthenticationHandler.cs Can anyone tell me how I activate it to actually start writing logs somewhere that I can read? Answer 1: By default Katana uses the TraceSource mechanism in .NET for logging. Add the following snippet to your config file to enable logging to a file: <system.diagnostics> <trace autoflush=

MVC with Owin JWT Identity

江枫思渺然 submitted on 2020-02-21 01:46:22
Question: I am trying to figure out how to get the claim out of my token. I will try and keep the explanation short. I have an HTML page that does a post to my web api, does an auth check and returns a JWT token. When I get the token back I want to send it to a different url, and the way I am doing it is using a querystring. I know I can use cookies but for this app we don't want to use them. So if my url looks like this http://somedomain/checkout/?token=bearer token comes here I am using Owin middleware

MVC with Owin JWT Identity

老子叫甜甜 submitted on 2020-02-21 01:45:29
Question: I am trying to figure out how to get the claim out of my token. I will try and keep the explanation short. I have an HTML page that does a post to my web api, does an auth check and returns a JWT token. When I get the token back I want to send it to a different url, and the way I am doing it is using a querystring. I know I can use cookies but for this app we don't want to use them. So if my url looks like this http://somedomain/checkout/?token=bearer token comes here I am using Owin middleware

Automatic code( authorization code ) redemption using latest version of Katana DLLs in openId authorization code flow

百般思念 submitted on 2020-02-07 01:58:10
Question: From the recent release and conversation below, it says that now Katana (4.1.0) supports code-flow with automatic code redemption (meaning we do not have to call the token endpoint explicitly to redeem the code for idtoken, accesstoken etc.) https://github.com/aspnet/AspNetKatana/pull/297 So, I've upgraded the Katana dlls and have p Notifications = new OpenIdConnectAuthenticationNotifications() { RedirectToIdentityProvider = OnRedirectToIdentityProvider, //MessageReceived = OnMessageReceived, --

AspNet Identity RequireUniqueEmail = false throws exception on CreateAsync

六眼飞鱼酱① submitted on 2020-02-06 07:54:29
Question: I initialize UserValidator of the UserManager with RequireUniqueEmail=false, the validator accepts duplicate emails for sure (tried to inherit it and override the ValidateAsync() method). However, when I try to create another user with a unique UserName but with an Email that already exists in the AspNetUsers table, CreateAsync() throws Validation failed for one or more entities. See 'EntityValidationErrors' property for more details. There is just one validation error: Email myemail@email

AspNet Identity RequireUniqueEmail = false throws exception on CreateAsync

拟墨画扇 submitted on 2020-02-06 07:54:25
Question: I initialize UserValidator of the UserManager with RequireUniqueEmail=false, the validator accepts duplicate emails for sure (tried to inherit it and override the ValidateAsync() method). However, when I try to create another user with a unique UserName but with an Email that already exists in the AspNetUsers table, CreateAsync() throws Validation failed for one or more entities. See 'EntityValidationErrors' property for more details. There is just one validation error: Email myemail@email