owin-middleware

问题 How to get AD access token from login.microsoftonline.com and pass access token to web api controller? as I need "access token" as such to pass on to another partner company website url via post request. Below code doing AAD authentication as expected but also I need "access token" as such, public void ConfigureServices(IServiceCollection services) { services.Configure<CookiePolicyOptions>(options => { // This lambda determines whether user consent for non-essential cookies is needed for a

问题 This article shows how to host an entire web API stack in memory for testing using OWIN: http://www.davidwhitney.co.uk/Blog/2015/01/07/testing-an-asp-net-webapi-app-in-memory/ Whereas this article shows using the OWIN TestServer to unit test controllers: https://blog.jcorioland.io/archives/2014/04/01/using-owin-to-test-your-web-api-controllers.html The difference I see is between the use of TestServer.Create and WebApp.Start<Startup> What is the key difference and why would you choose one

来源： https://stackoverflow.com/questions/55797063/asp-net-owin-openid-connect-not-creating-user-authentication

问题 I have a ASP.net web api OWIN based self-host application running Windows Service. I set the base address to `http://hostname.domainName:8099' and this app is running fine for the machine where I am hosting this application. Now from another network machine this url is NOT accessible. The solution I tried is adding an inbound rule for port 8099 and it's working fine. :) Now I came to know on 2nd approach that I can add the executable .exe file to the list of allowed apps in Windows Firewall

问题 From the recent release and conversation below, it says that now Katana(4.1.0) supports code-flow with automatic code redemption(that meaning we do not have call tokenendpoint explicitly to redeem the code for idtoken, accesstoken etc) https://github.com/aspnet/AspNetKatana/pull/297 so, I've upgraded Katana dlls and have p Notifications = new OpenIdConnectAuthenticationNotifications() { RedirectToIdentityProvider = OnRedirectToIdentityProvider, //MessageReceived = OnMessageReceived, --

问题 I have a middleware method that requires context.Authentication.User.Identity.Name to be resolved for proper execution. However, when writing a unit test these properties are obviously null as no sign-in has occurred. I am not using Oauth or anything authentication related in this middleware (beyond the obvious name property), as it should be handled elsewhere in another middleware (to promote re-use/flexibility of the component I am developing). Is there a way to mock/fake this value so I

问题 In our ASP.NET Core based web application, we want the following: certain requested file types should get custom ContentType's in response. E.g. .map should map to application/json . In "full" ASP.NET 4.x and in combination with IIS it was possible to utilize web.config <staticContent>/<mimeMap> for this and I want to replace this behavior with a custom ASP.NET Core middleware. So I tried the following (simplified for brevity): public async Task Invoke(HttpContext context) { await

问题 I want to establish Web API Token Authentication with Angular JS as client. I am very new to this concept of Token Authentication inside Web API. I do not want to use ASP.NET Identity default tables to add or authenticate user. I have my own database and a table called "EmployeeAccess" table which contains EmployeeNumber as User Id and Password. I want to authenticate the users against the values in this table and then want to grant token so that they gets authorized for subsequent call. I

问题 I have set up my Resource Server (Web Api 2) to validate JWT token for incoming requests. The JWT token is issued by Auth0 and my client pass it to my web api. This all works fine and raises 401 response if Issuer, Audience or Expiry date is not valid. When I add my custom middleware derived from OwinMiddleware it suppresses token validation logic and I get 200 response for invalid requests. public class Startup { public void Configuration(IAppBuilder app) { var issuer = "my issuer"; var

问题 After a question as per why the ApplicationDbContext from Asp.Net Identity is created and disposed twice per Request I did some research why this would happen. I found that the ApplicationDbContext is actualy created once per HttpRequest but when using the Owin pipeline the Owin Middleware will be created a second time after the HttpRequest has ended. Because of this the ApplicationDbContext is indeed created for a second time when a user clicks one link giving the impression that the object