owin

I'm trying to use the AccessToken provided by Owin in Google.Apis requests but I'm receiveing the exception System.InvalidOperationException (Additional information: The access token has expired but we can't refresh it). My configuration of Google Authentication is OK and I can successfully login into my application with it. I store the context.AccessToken as a Claim in the authentication callback (OnAuthenticated "event" of GoogleOAuth2AuthenticationProvider). My Startup.Auth.cs configuration (app.UseGoogleAuthentication(ConfigureGooglePlus())) private GoogleOAuth2AuthenticationOptions

I am new the webAPI2, so please excuse me if my question is trivial. I want to implement token based security for my webAPI, so that other applications (apart from my SPA) can also call my webAPIs. I started with Owin OpenAuth and implemented a POC. Everything worked well. But when I had to send client to Authorization to Authorization server, I could not find any inbuilt function to do that. I had to build this my self. Then I came across DotNetOpenAuth that provides APIs to set the communication as well. As far as I could find out, Microsoft is favoring Owin OpenAuth over DotNetOpenAuth. Can

I am converting an existing ASP .Net Web API 2 project to use OWIN. The project uses Castle Windsor as the dependency injection framework with one of the dependencies set to use the PerWebRequest lifestyle. When I make a request to the server I get a Castle.MicroKernel.ComponentResolutionException exception. The exception recommends adding the following to the system.web/httpModules and system.WebServer/modules sections in the config file: <add name="PerRequestLifestyle" type="Castle.MicroKernel.Lifestyle.PerWebRequestLifestyleModule, Castle.Windsor" /> This doesn't resolve the error. Taking

I've got an self-hosted SignalR instance, using OWIN. I'd like to implement authorization. My users will already have logged into an ASP.NET MVC application, using Forms Authentication. Since the two applications will be available at the same URL, the cookies will be shared between the two. How do I accept a Forms Authentication cookie in a self-hosted SignalR application? Clarification: I'm talking about a browser accessing a self-hosted SignalR hub using the same credentials that were used to log into a separate (but related, and installed on the same host) IIS application. So, the question

How do you create a custom ASP.NET MVC 5 Auth without using the UserStore of Microsoft.AspNet.Identity.EntityFramework?? All you have to do is implement the same interfaces that the Userstore for Identity.Entityframework uses. User will be your user class public class MyUserStore<TUser> : IUserLoginStore<TUser, int>, IUserClaimStore<TUser, int>, IUserRoleStore<TUser, int>, IUserPasswordStore<TUser, int>, IUserSecurityStampStore<TUser, int>, IUserStore<TUser, int>, IDisposable where TUser : User { //Implement the interfaces you need } Then pass your MyUserStore into the UserManager each request

I am working on a single page application using AngularJS and ASP.NET Identity 2. I log the user in and the cookie is set; however, when I check the Identity of the user on the same request, it shows it as blank and IsAuthenticated is false. However, these are populated on subsequent requests. I was hoping to send back to the UI whether or not the user was logged in on the same request. Is this possible? Code as requested (AngularJS makes AJAX post into WebAPI controller Login method) [HttpPost] [AllowAnonymous] [Route("Login")] public async Task<IHttpActionResult> Login(LoginModel loginModel)

Facebook is recommending that I use a HTTPS redirect URL, instead of HTTP. I've been trying to find a way to configure it to generate a HTTPS URL, at the moment it's generating a HTTP URL. https://www.facebook.com/v2.8/dialog/oauth?response_type=code&client_id=255162614498922&redirect_uri= http://example.com/signin-facebook &scope=&state=-x4AVtFysadfadsfsadROH6E1QJ82gv4e4j48s32K5xbmqlF-JFbE5Y2Tx_MAdSquCP6CjZjic8Ye6gwasdfdfask3PXWkyxS42Ajpks9IuumDOl6CUJsadfafsasfdasdfbfpEFUDyxJUR3fARlWc83Lysadffdsdaffsdafasdsdafx_ziTnttz Currently it is generating: http://example.com/signin-facebook for the

What I Need?! I have an ASP.NET identity system setup and running with external logins. For whatever reason i need to setup a custom authentication after the ASP.NET identity authentication. Let me explain how? Lets say I have three pages for the users to view on my application, Page A,B,C. Who can view Page A? Any anonymous user can view page A. Who can view Page A & B? Any user who have created an account either with his/her email & password or with external logins. Who can view Page A,B & C? Here is the place i want to set custom authentication. Any user who have created an account either

I'm trying to get my head around using OWIN. I have created two MVC 5 projects. One with authentication using Aspnet.Identity and the other started as an empty project. I added the following to the emptyp project: Account controller with a Login action and coresponding view Startup.cs and another partial Startup.cs with public partial class Startup { public void ConfigureAuth(IAppBuilder app) { app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = "ApplicationCookie", LoginPath = new PathString("/Account/Login") }); } } I have decorated the About action in the Home