WebApi使用Token(OAUTH 2.0方式)
2021-01-27 15:13
标签:accounts lis src 授权 添加引用 地址 asp creat convert 1.在项目中添加引用 Microsoft.AspNet.WebApi.Owin Microsoft.Owin.Host.SystemWeb Microsoft.Owin.Security.OAuth Microsoft.Owin.Security.Cookies Microsoft.AspNet.Identity.Owin Microsoft.Owin.Cors 2.新建Startup类 3.OAuth身份认证,新建SimpleAuthorizationServerProvider类 4.新建SimpleRefreshTokenProvider类 5.在要加验证的接口上加上[Authorize]标记 6.传入参数,获取token 7.传入access_token 参考原文地址:https://www.cnblogs.com/lnice/p/6857203.html WebApi使用Token(OAUTH 2.0方式) 标签:accounts lis src 授权 添加引用 地址 asp creat convert 原文地址:https://www.cnblogs.com/huangtaiyi/p/11929234.html public class Startup
{
public void Configuration(IAppBuilder app)
{
ConfigAuth(app);
HttpConfiguration config = new HttpConfiguration();
WebApiConfig.Register(config);
app.UseCors(CorsOptions.AllowAll);
app.UseWebApi(config);
}
public void ConfigAuth(IAppBuilder app)
{
OAuthAuthorizationServerOptions option = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"), //获取 access_token 授权服务请求地址
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1), //access_token 过期时间
Provider = new SimpleAuthorizationServerProvider(), //access_token 相关授权服务
RefreshTokenProvider = new SimpleRefreshTokenProvider() //refresh_token 授权服务
};
app.UseOAuthAuthorizationServer(option);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
}
public class SimpleAuthorizationServerProvider : OAuthAuthorizationServerProvider
{
public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
context.Validated();
return Task.FromResultobject>(null);
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
//验证用户名密码
AccountService accService = new AccountService();
string md5Pwd = LogHelper.MD5CryptoPasswd(context.Password);
IListobject[]> ul = accService.Login(context.UserName, md5Pwd);
if (ul.Count() == 0)
{
context.SetError("invalid_grant", "The username or password is incorrect");
return;
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim("sub", context.UserName));
identity.AddClaim(new Claim("role", "user"));
context.Validated(identity);
}
}
public class SimpleRefreshTokenProvider : AuthenticationTokenProvider
{
private static ConcurrentDictionarystring, string> _refreshTokens = new ConcurrentDictionarystring, string>();
///
[Authorize]
public class DefaultController : ApiController
{
[HttpPost]
public string getPost()
{
return JsonConvert.SerializeObject(new { state = 1, msg = "ok" });
}
[HttpGet]
[AllowAnonymous]
public string validatePass(string name)
{
return JsonConvert.SerializeObject(new { state = 2, msg = "validatePass_ok" });
}
}