owin-middleware

问题 I have an asp.net Web API server running under IIS, that until now has used windows authentication as it has only had other services running on the same domain conencting to it. So, in my web.config I have the following settings... <system.web> <compilation debug="true" targetFramework="4.5.1" /> <httpRuntime targetFramework="4.5.1" /> <authentication mode="Windows" /> </system.web> <system.webServer> <security> <authentication> <windowsAuthentication enabled="true" /> </authentication> <

问题 This is the Project Structure This is the access_token I am getting in My Angular Client Application. { "nbf": 1529181048, "exp": 1529184648, "iss": "https://localhost:44381", "aud": [ "https://localhost:44381/resources", "myaspnetwebapi" ], "client_id": "AngularCore", "sub": "1", "auth_time": 1529181045, "idp": "local", "scope": [ "openid", "profile", "myaspnetwebapi" ], "amr": [ "pwd" ] } In My ASP.NET WEB API Project, I am using this OPEN ID CONNECT Nuget Package - https://www.nuget.org

问题 I have a multi-tenant application. Each tenant can authenticate its users using OAUTH-2 with Facebook, Twitter, Google, etc. Each tenant has its own API keys for the aforementioned services. The typical way to setup the OWIN pipeline is to "use" auth providers in Startup but this sets the API keys at app start. I need to be able to change which keys are used with each oauth API for each request. app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType =

问题 Background First let me explain the background. I am working on a project that attempts to marry a backend server that uses Web API configured via OWIN- hosted on IIS now, but potentially other OWIN-supported hosts in the future- to a frontend using AngularJS. The AngularJS frontend is entirely static content. I completely avoid server-side technologies such as MVC/Razor, WebForms, Bundles, anything that has to do with the frontend and the assets it uses, and defer instead to the latest and

问题 I'm trying to create a unified error handling/reporting in ASP.NET Web API 2.1 Project built on top of OWIN middleware (IIS HOST using Owin.Host.SystemWeb). Currently I used a custom exception logger which inherits from System.Web.Http.ExceptionHandling.ExceptionLogger and uses NLog to log all exceptions as the code below: public class NLogExceptionLogger : ExceptionLogger { private static readonly Logger Nlog = LogManager.GetCurrentClassLogger(); public override void Log

问题 I'm attempting to use some custom Owin middleware to modify (in this case, completely replace) the response stream in specific circumstances. Anytime I make a call that does trigger my middleware to replace the response, everything works properly. The problem only occurs when I make a call that my middleware does not make changes to. Additionally, I have only been able to get the error to occur when the API call that is not being replaced is returning a manually created HttpResponseMessage

问题 I currently have an ASP 5/ASP Core Web API that I need to integration test with the OWIN Test Server. The problem is that I use IdentityServer as the authorization server in production and I do not want to include the authorization as part of my integration testing. This is the Startup.cs of the API: public Startup(IHostingEnvironment env) { // Set up configuration sources. IConfigurationBuilder builder = new ConfigurationBuilder() .AddJsonFile("appsettings.json") .AddJsonFile($"appsettings.

问题 I am using MVC 5 client which is secured by "UseOpenIdConnectAuthentication" and getting all user details in Claims object, this client is calling WAAD secured Web Api by "Bearer" authentication token. I need to fetch username or email in the web api. I tried different options but nothing worked. I am getting null in Identity.Name, other properties I am getting like nameidentifier, objectidentifier, tenanted etc. Please advise. Thanks Below code I am using for access token in Web Client.

问题 Is it possible to send a custom parameter to an external login provider/custom owin middleware I have an Identity Server 3 who handles my authentication, and I have an external identity provider middleware which handles the signing in of the user, to sign in I have to send a token to the middleware, which the middleware uses to authenticate. I tried following approaches: acr_values : I sent the token as a acr_value, but this approach does not work for 2 reasons: The token is to long( >900

问题 I am running WebAPI with just one Middleware and not able to set response HTTP status code. I am using OnSendingHeaders() and able to add headers and set response body, but status code is not getting set and response always has it set as 200 OK. I am able to set response status code in ValidateUrl(context) though. Difference is ValidateUrl(context) is called synchronously and OnSendingHeaders() would be called asynchronously after ProcessIncomingRequest() is executed. Is HTTP status line