katana

问题 I have an Asp.net webapi with JWT authentication using OWIN middle ware. My resource server and the authorization server are same. I am able to get the token from the token endpoint. ValidateClientAuthentication and GrantResourceOwnerCredentials methods are hit successfully. However when I try to access a protected(with [Authorize]) api (with authorization header set to bearer token) I only get "Authorization has been denied for this request". I have overridden ValidateAuthorizeRequest method

问题 I have a solution in VS2013 with the following setup: App.Web (Web Project with only static files) App.Web.API (Web API project with OWIN) Both the projects have a default url pointing to their own localhost:portX (I am using IIS Express), so App.Web is listening on localhost:2222 and APP.Web.API is listening on localhost:3333. I set up the App.Web.API to use OWIN and I added the package Microsoft.Owin.Host.SystemWeb for the autofire up in IIS. I put a breakpoint in the configuration method

问题 I have Microsoft.Owin.FileServer (v2.1.0) set up in my Owin pipeline, and setting up FileServerOptions with EnableDirectoryBrowsing = true works great for showing the directory contents in both my console host and iisexpress. It's when I try to view a particular file (so, the StaticFiles part) I have problems in iisexpress. Still works great in the console host, but in iisexpress I get a 404: HTTP Error 404.0 - Not Found The resource you are looking for has been removed, had its name changed,

问题 How can I reject An identity? My class inherits from OAuthBearerAuthenticationProvider and I have an override of ValidateIdentity? I have tried setting context.Rejected(); or context.SetError(); and throwing an exception but my controllers still get called. OAuthBearerAuthenticationHandler does call my class so I know I have the setup correct. my current failing code public void ConfigureAuth ( IAppBuilder app ) { // Enable the application to use a cookie to store information for the signed

问题 There are multiple question I have around self-hosting Self Hosting Nuget There are 2 nuget which provide self hosting : Microsoft.AspNet.WebApi.OwinSelfHost and Microsoft.AspNet.WebApi.SelfHost , so does microsoft have 2 implementation of self hosting?? or they are same?? Owin or Kitana the name of nuget is Microsoft.AspNet.WebApi.OwinSelfHost has OWIN, but as far as I read Owin is an interface and Kitana an implementation, what is the name of the nuget for implementation?? Hosting in

问题 What's the difference among app.use , app.run , app.map in Owin? When to use what? It's not straightforward when reading the documentation. 回答1: app.use inserts a middleware into the pipeline which requires you to call the next middleware by calling next.Invoke(). app.run inserts a middleware without a next, so it just runs. With app.map you can map paths, which get evaluated at runtime, per request, to run certain middleware only if the request path matches the pattern you mapped. See docs

问题 I am running the following code from Scott Allen's ASP.Net Fundamentals course using System; using Microsoft.Owin.Hosting; using Owin; namespace ConsoleApplication1 { class Program { static void Main(string[] args) { string uri = "http://localhost:8080"; using (WebApp.Start<Startup>(uri)) { Console.WriteLine("Started!"); Console.ReadKey(); Console.WriteLine("Stopping!"); } } } public class Startup { public void Configuration(IAppBuilder app) { app.UseWelcomePage(); //app.Run( // ctx => ctx

问题 Within my web application I have registered Google as a single sign-on provider: app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions { ClientId = "8765.......apps.googleusercontent.com", ClientSecret = "Secret" }) My app doesn't allow users to sign-up/register (instead their accounts are created by an administrator, but they can later link their account up with Google). In my "Sign in with Google" controller, I am trying to issue a Challenge() to redirect to Google. This might

问题 We have our own OpenID Connect Provider. We want to pass custom query parameter in Authentication request using Owin middleware. And we cannot find the way how to implement this using Microsoft.Owin.Security.OpenIdConnect assembly. Even We cannot find how to add a standard request parameter to Authentication Request (e.g. " login_hint parameter"). For example Google has " login_hint " and " hd " parameters (https://developers.google.com/accounts/docs/OAuth2Login#sendauthrequest), and we want

问题 Startup.cs is a new way to initialize your app instead of Application_Start in Global.asax and it's fine. But is there a place to put my teardown logic, for example this: public class WebApiApplication : System.Web.HttpApplication { protected void Application_End() { // Release you ServiceBroker listener SqlDependency.Stop(connString); } } Looked in Microsoft.Owin namespace but it only seems to have OwinStartupAttribute . Does this mean that application lifecycle events are still processed by