asp.net-web-api2

Yes, I know what you are thinking - yet another CORS question, but this time I'm stumped. So to start off, the actual error message: XMLHttpRequest cannot load http://localhost/Foo.API/token . The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include' . Origin ' http://localhost:5000 ' is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute. I'm not sure what is meant by credentials mode is 'include' ? So when I

I have created a WebApi and a Cordova application. I am using HTTP requests to communicate between the Cordova application and the WebAPI. In the WebAPI, I've implemented OAuth Bearer Token Generation. public void ConfigureOAuth(IAppBuilder app) { var oAuthServerOptions = new OAuthAuthorizationServerOptions { AllowInsecureHttp = true, TokenEndpointPath = new PathString("/token"), AccessTokenExpireTimeSpan = TimeSpan.FromDays(1), Provider = new SimpleAuthorizationServerProvider(new UserService(new Repository<User>(new RabbitApiObjectContext()), new EncryptionService())) }; // Token Generation

This question already has an answer here: Serialize object to JSON that already contains one JSON property 2 answers I'm using Newtonsoft Json serialization (with Web API 2). One of the public properties on my class is a String that holds JSON data. I'd like to serialize my class, and include this public property, but I don't want the serializer to process/modify the contents of this string. Is there any way I can include this property, but not mess with its contents? You could make a JsonConverter to write the raw value of the string property to the output without changing it. You take

I have implemented security for my web api (individual accounts) as discussed here . I have hosted the website on godaddy (shared hosting) and its working fine. When I ask for token by using url "domain.com/token", I get the token with expiration date of within 15 days. I have set this in "StartupAuth.cs" using AccessTokenExpireTimeSpan = TimeSpan.FromDays(15) e.g.: { "access_token":"qwertyuiop.....", "token_type":"bearer", "expires_in":1209599, "userName":"user@example.com", ".issued":"Wed, 11 Feb 2015 01:00:00 GMT", ".expires":"Thu, 26 Feb 2015 01:00:00 GMT" } (I put values in above code,

I would like to be able to modify the filter inside the controller and then return the data based on the altered filter. So for I have an ODataQueryOptions parameter on the server side that I can use to look at the FilterQueryOption. Let's assume the filter is something like this "$filter=ID eq -1" but on the server side if I see "-1" for an ID this tells me that the user wants to select all records. I tried to change the "$filter=ID eq -1" to "$filter=ID ne -1" which would give me all by setting the Filter.RawValue but this is read only. I tried to create a new FilterQueryOption but this

I'm doing some research for work with a view to using Bearer tokens as an authentication mechanism (i.e. AngularJS UI, authenticates via OWIN in a Web API [2] project). I have the login working fine, role information and all that is fine, but I cannot get the token to logout. My startup configuration is this: OAuthOptions = new OAuthAuthorizationServerOptions() { TokenEndpointPath = new PathString("/Token"), Provider = new ApplicationOAuthProvider(PublicClientId), AccessTokenExpireTimeSpan = SESSION_TIMEOUT, AllowInsecureHttp = true }; And my logout action is simply this: public