owin

问题 I am using the standard ASP.net OWIN OAuth middleware system to authenticate local users with Bearer tokens. What I would like to do is is hand out role-based tokens for the same user account. eg. OAuth TokenA => General User Privileges UserA -> OAuth TokenB => Admin User Privileges Is this supported in any way? 回答1: I was able to solve this using the following method - //ensure the token is a User role token only identity.AddClaim(new Claim(ClaimTypes.Role, "User")); Where 'identity' is an

问题 I am implementing 2 factor authentication in WebApi, asp.net identity and OWIN. Every time I log in, I get SignInStatus = Success never reaches to SignInStatus = RequiresVerification though user TwoFactorAuthentication is enabled. Below are some code snippets, Startup.cs: private void ConfigureAuth(IAppBuilder app) { app.UseCookieAuthentication(new CookieAuthenticationOptions()); app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); app.UseTwoFactorSignInCookie

问题 Hi i've added a owin startup class in my WCF service this using System; using System.Threading.Tasks; using Microsoft.Owin; using Owin; [assembly: OwinStartup(typeof(SampleService.StartupClass))] namespace SampleService { public class StartupClass { public void Configuration(IAppBuilder app) { // For more information on how to configure your application, visit http://go.microsoft.com/fwlink/?LinkID=316888 } } } but it seems that the Configuration method is not firing i've tried this in a

问题 I have a ASP.NET Web API implemented as OWIN middleware. I hosted it on azure and now I have a problem using swagger. It is perfectly working on localhost but when I try it on azure I get this: The way I did my configuration for swagger on the API was to completely remove SwaggerConfig.cs file and add all the configuration into my Startup.cs class as shown here: How to generate documentation using swashbuckle for WebApi 2 with Owin . If it is going to help, I am trying to implement oAuth2

问题 I tried to implement a middleware just for my web API actions, so i found Map that is a extension method of IAppBuilder inerface. i checked katana source code [1], this method return an IAppBuilder same as Use method. but in owin/WebAPI i don't know why controllers dose not resolve after mapping? its clear after invoking next middleware, owin should run next middleware, but after mapping it seems there is no next middleware, where is my mistake? StartUp: public void Configuration(IAppBuilder

问题 I would like to get redirectUrl from a client in Identity in IdentityServer3 in the login page. for EX: I have a "localhost:54483/payments/5466cdaa-2005-4947-b4dc-cc6a49b83dfd/checkout" link when I hit it , I will be redirected to a login page in IndentityServer and I need to get redirect link above (http://localhost:54483/payments/5466cdaa-2005-4947-b4dc-cc6a49b83dfd/checkout) in public class CustomViewService: DefaultViewService { private gtoken _gtoken; public CustomViewService

问题 I'm setting up OAuth using the Owin libraries including Google and Facebook. The Owin startup class is registering fine by the looks of it. What I'm finding is that rather than being redirected to the appropriate sign in page at Facebook or Google, I'm being redirected to a default 'login.aspx' page. There is no login.aspx page in my solution. The flow is triggered in a view like so: @{ // Get list of configured external authentication middleware var loginProviders = Context.GetOwinContext()

问题 I use the IUserSecurityStampStore to implement sign-out-everywhere functionality. It seems to work fine, however I have the problem that every time the user changes her password, she is logged off afterwards. One possibility to work around this issue, is to call SignIn in the Manage -Action of the AccountController after a password change. This seems to work, but I think it’s a bit clumsy and probably not the right way. Thats why my questions are: How can I force OWIN to rewrite the cookie

问题 I have a WebAPI, and I need to secure an Angular 4.x app so I though I could use JWT. I'm trying to figure out what's the bare minimum (no OAuth?) to achieve it using Microsoft's OWIN Katana 3.x packages. How can it be done? 回答1: The following doesn't work (Microsoft's/System parts entangled in a breaking way). But it's the closest I could get to something looking almost simple. using System.IdentityModel.Tokens.Jwt; using System.Security.Claims; using System.Security.Cryptography; using

问题 I am trying to implement JWT authentication using OWIN middleware for my ASP.NET WebAPI 2.0. I am through with the first task of obtaining the jwt token from the OAuthAuthorizationServer. The resource owner and token server are same i.e same WebAPI generates the token and should consume too to provide access to resources. In my Global.asax file I have added the below code line GlobalConfiguration.Configure(FilterConfig.Configure); In my Filter.config I have added the following configure