Validate Client Application With Custom AuthorizeFilter ASP.NET Web API

I am able to validate all requests with

    GlobalConfiguration.Configuration.Filters.Add(new Results.ClientAppAuthorization());

except for the code below:

    OAuthOptions = new OAuthAuthorizationServerOptions
    {
        TokenEndpointPath = new PathString("/Token"),
        Provider = new ApplicationOAuthProvider(PublicClientId),
        AuthorizeEndpointPath = new PathString("/ExternalLogin"),
        AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
        // In production mode set AllowInsecureHttp = false
        AllowInsecureHttp = true
    };

I want to be able to validate the client application with [ClientAppAuthorization] before proceeding to request the token.

I think you should customize OAuthAuthorizationServerProvider and override ValidateClientAuthentication, then use it on the OAuthAuthorizationServerOptions in Startup, like this:

    using System.Threading.Tasks;
    using Microsoft.Owin.Security.OAuth;

    public class CustomOAuthProvider : OAuthAuthorizationServerProvider
    {
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Implement your custom validation here:
            // check your validation conditions and, if they are true, call
            context.Validated();
            // and at the end
            return Task.FromResult<object>(null);
        }
    }

Then use it in Startup:

    OAuthOptions = new OAuthAuthorizationServerOptions
    {
        TokenEndpointPath = new PathString("/Token"),

        // change here
        Provider = new CustomOAuthProvider(),
        // change above line

        AuthorizeEndpointPath = new PathString("/ExternalLogin"),
        AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
        // In production mode set AllowInsecureHttp = false
        AllowInsecureHttp = true
    };