OWIN OAuth 2.0 Authorization Server
2021-06-16 15:07
标签:style called inter overview https tutorial limit party tcl https://docs.microsoft.com/en-us/aspnet/aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server The OAuth 2.0 framework enables a third-party app to obtain limited access to an HTTP service. Instead of using the resource owner‘s credentials to access a protected resource, the client obtains an access token (which is a string denoting a specific scope, lifetime, and other access attributes). Access tokens are issued to third-party clients by an authorization server with the approval of the resource owner. This tutorial will cover: // Summary: public Func OWIN OAuth 2.0 Authorization Server 标签:style called inter overview https tutorial limit party tcl 原文地址:https://www.cnblogs.com/chucklu/p/10346661.html
app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions
{Provider = new OAuthAuthorizationServerProvider
{
OnValidateClientRedirectUri = ValidateClientRedirectUri,
OnValidateClientAuthentication = ValidateClientAuthentication,
OnGrantResourceOwnerCredentials = GrantResourceOwnerCredentials,
OnGrantClientCredentials = GrantClientCredetails
}};
// Called when a request to the Token endpoint arrives with a "grant_type" of "client_credentials".
// This occurs when a registered client application wishes to acquire an "access_token"
// to interact with protected resources on it‘s own behalf, rather than on behalf
// of an authenticated user. If the web application supports the client credentials
// it may assume the context.ClientId has been validated by the ValidateClientAuthentication
// call. To issue an access token the context.Validated must be called with a new
// ticket containing the claims about the client application which should be associated
// with the access token. The application should take appropriate measures to ensure
// that the endpoint isn’t abused by malicious callers. The default behavior is
// to reject this grant type. See also http://tools.ietf.org/html/rfc6749#section-4.4.2
文章标题:OWIN OAuth 2.0 Authorization Server
文章链接:http://soscw.com/essay/94629.html