1. 首頁
  2. 問答
  3. asp.net MVC項目中的OAuth

asp.net MVC項目中的OAuth

2014-09-25 77 views
2

如何在線我看到這兩個?有什麼區別嗎?asp.net MVC項目中的OAuth

var OAuthOptions = new OAuthAuthorizationServerOptions 
{ 
    TokenEndpointPath = new PathString("/Token"), 
    AuthorizeEndpointPath = new PathString("/Account/Authorize"), 
    Provider = new SimpleAuthorizationServerProvider(UserRepository, UserStore), 
    AccessTokenExpireTimeSpan = TimeSpan.FromDays(14), 
    AllowInsecureHttp = true 
}; 
app.UseOAuthBearerTokens(OAuthOptions); 


app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions 
{ 
    AllowInsecureHttp = true, 

    TokenEndpointPath = new PathString("/token"), 
    AccessTokenExpireTimeSpan = TimeSpan.FromHours(8), 

    Provider = new SimpleAuthorizationServerProvider(UserRepository, UserStore) 
}); 
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());

方法UseOAuthBearerTokens怎麼會發生在OAuthAuthorizationServerOptions作爲參數?

來源

2014-09-25 Gillardo

+2

好問題。我不知道這是否僅僅是我,但我認爲ASP.NET當前狀態的整個授權/認證/ OAuth部分是絕對混亂的。 – Tobias 2014-09-25 16:18:58

+0

有人推薦使用別的東西嗎? – Gillardo 2014-09-25 16:53:39

回答

2

我相信第一個UseOAuthBearerTokens(options)被添加到Web API 2.1中,它將對UseOAuthAuthorizationServer和UseOAuthBearerAuthentication的調用進行封裝。

不幸的是,網絡上的文章/博客中的很多示例不包含發佈日期,因此很難追蹤代碼是否仍然適用。考慮到這些API正在更新的速度,我認爲它會減少混淆。

下面是從Microsoft.Owin.Security包發現Owin.AppBuilderExtensions.cs的代碼,以供參考,如網絡API V2.2的:

public static void UseOAuthBearerTokens(this IAppBuilder app, OAuthAuthorizationServerOptions options) 
     { 
      if (app == null) 
      { 
       throw new ArgumentNullException("app"); 
      } 
      if (options == null) 
      { 
       throw new ArgumentNullException("options"); 
      } 

      app.UseOAuthAuthorizationServer(options); 

      app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions 
      { 
       AccessTokenFormat = options.AccessTokenFormat, 
       AccessTokenProvider = options.AccessTokenProvider, 
       AuthenticationMode = options.AuthenticationMode, 
       AuthenticationType = options.AuthenticationType, 
       Description = options.Description, 
       Provider = new ApplicationOAuthBearerProvider(), 
       SystemClock = options.SystemClock 
      }); 

      app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions 
      { 
       AccessTokenFormat = options.AccessTokenFormat, 
       AccessTokenProvider = options.AccessTokenProvider, 
       AuthenticationMode = AuthenticationMode.Passive, 
       AuthenticationType = DefaultAuthenticationTypes.ExternalBearer, 
       Description = options.Description, 
       Provider = new ExternalOAuthBearerProvider(), 
       SystemClock = options.SystemClock 
      }); 
     }

來源

2015-01-15 04:40:01

相關問題

 相關問題