如何在WebApi Oauth Owin身份验证过程中向redirect_uri添加参数? [英] How to add parameters to redirect_uri in WebApi Oauth Owin authentication process?

问题描述

我正在使用oauth承载令牌认证和外部登录提供程序(google，twitter，facebook等)创建一个webapi项目.我从基本的VS 2013模板开始，然后一切正常！

I'm creating a webapi project with oauth bearer token authenthication and external login providers (google, twitter, facebook etc.). I started with the basic VS 2013 template and got everything to work fine!

但是，在用户成功登录后，OWIN基础结构会使用以下结构创建重定向:

However, after a user successfully logs is, the owin infrastructure creates a redirect with the folllowing structure:

http://some.url/#access_token=<the access token>&token_type=bearer&expires_in=1209600

在我的服务器代码中，我想为此重定向添加一个附加参数，因为在我的应用程序的注册过程中，新用户需要先确认并接受使用许可，然后才能将其注册为用户.因此，我想将参数"requiresConfirmation = true"添加到重定向中.但是，我不知道如何执行此操作.我尝试设置AuthenticationManager的AuthenticationResponseChallenge.Properties.RedirectUri，但这似乎没有任何影响.

In my server code I want to add an additional parameter to this redirect because in the registration process of my app, a new user needs to first confirm and accept the usage license before he/she is registered as a user. Therefore I want to add the parameter "requiresConfirmation=true" to the redirect. However, I've no clue about how to do this. I tried setting AuthenticationResponseChallenge.Properties.RedirectUri of the AuthenticationManager but this doesn't seem to have any affect.

任何建议将不胜感激！

推荐答案

使用AuthorizationEndpointResponse通知应该相对容易:

It should be relatively easy with the AuthorizationEndpointResponse notification:

在您的自定义OAuthAuthorizationServerProvider实现中，只需覆盖AuthorizationEndpointResponse即可从环境响应授权中提取您的额外参数，该响应是在调用IOwinContext.Authentication.SignIn(properties, identity) 时创建的. 然后，您可以将自定义requiresConfirmation参数添加到AdditionalResponseParameters:它将自动添加到回调URL(即使用隐式流时在片段中):

In your custom OAuthAuthorizationServerProvider implementation, simply override AuthorizationEndpointResponse to extract your extra parameter from the ambient response grant, which is created when you call IOwinContext.Authentication.SignIn(properties, identity). You can then add a custom requiresConfirmation parameter to AdditionalResponseParameters: it will be automatically added to the callback URL (i.e in the fragment when using the implicit flow):

public override Task AuthorizationEndpointResponse(OAuthAuthorizationEndpointResponseContext context) {
    var requiresConfirmation = bool.Parse(context.OwinContext.Authentication.AuthenticationResponseGrant.Properties.Dictionary["requiresConfirmation"]);
    if (requiresConfirmation) {
        context.AdditionalResponseParameters.Add("requiresConfirmation", true);
    }

    return Task.FromResult<object>(null);
}

在调用SignIn的代码中，确定用户是否已注册，然后将requiresConfirmation添加到AuthenticationProperties容器中:

In your code calling SignIn, determine whether the user is registered or not and add requiresConfirmation to the AuthenticationProperties container:

var properties = new AuthenticationProperties();
properties.Dictionary.Add("requiresConfirmation", "true"/"false");

context.Authentication.SignIn(properties, identity);

如果您需要更多详细信息，请随时与我联系.

Feel free to ping me if you need more details.

这篇关于如何在WebApi Oauth Owin身份验证过程中向redirect_uri添加参数?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！