0
我正在一個ASP.NET WEB API多客戶端應用程序。第一個客戶端通過用戶名和密碼進行認證,第二個客戶端通過代碼(字符串類型)認證。多個提供商的網絡api
是否有可能在同一個應用程序上有多個提供程序? 下面是代碼:
public void ConfigureAuth(IAppBuilder app)
{
app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Configure the application for OAuth based flow
PublicClientId = "self";
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
// In production mode set AllowInsecureHttp = false
AllowInsecureHttp = true
};
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
}
在我ApplicationOAuthProvider I類驗證碼還可以,但第一個應用程序不使用代碼。
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
var userManager = context.OwinContext.GetUserManager <ApplicationUserManager>();
ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);
ApplicationUser userByName = await userManager.FindByNameAsync(context.UserName);
var data = await context.Request.ReadFormAsync();
var code = data["code"];
if (userByName == null || userByName.Code != code)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
ClaimsIdentity oAuthIdentity = await userByName.GenerateUserIdentityAsync(userManager, OAuthDefaults.AuthenticationType);
ClaimsIdentity cookiesIdentity = await userByNameCristina.GenerateUserIdentityAsync(userManager,
CookieAuthenticationDefaults.AuthenticationType);
AuthenticationProperties properties = CreateProperties(userByNameCristina.UserName,data["code"]);
AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
context.Validated(ticket);
context.Request.Context.Authentication.SignIn(cookiesIdentity);
}