在C#中手动解码OAuth承载令牌 [英] Manually decode OAuth bearer token in c#
问题描述
在基于Web Api 2.2 OWIN的应用程序中,遇到一种情况,我需要手动解码承载令牌,但我不知道该怎么做. 这是我的startup.cs
In my Web Api 2.2 OWIN based application I have a situation where I manually need to decode the bearer token but I don't know how to do this. This is my startup.cs
public class Startup
{
public static OAuthAuthorizationServerOptions OAuthServerOptions { get; private set; }
public static UnityContainer IoC;
public void Configuration(IAppBuilder app)
{
//Set Auth configuration
ConfigureOAuth(app);
....and other stuff
}
public void ConfigureOAuth(IAppBuilder app)
{
OAuthServerOptions = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
Provider = new AuthProvider(IoC.Resolve<IUserService>(), IoC.Resolve<IAppSettings>())
};
// Token Generation
app.UseOAuthAuthorizationServer(OAuthServerOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
}
在我的控制器中,我将不记名令牌作为参数发送
In my controller Im sending the bearer token as a parameter
[RoutePrefix("api/EP")]
public class EPController : MasterController
{
[HttpGet]
[AllowAnonymous]
[Route("DC")]
public async Task<HttpResponseMessage> GetDC(string token)
{
//Get the claim identity from the token here
//Startup.OAuthServerOptions...
//..and other stuff
}
}
如何从作为参数传递的令牌中手动解码并获取声明?
How to manually decode and get the claims from the token passed as a parameter?
注意:我知道我可以在标头中发送令牌并使用[Authorize]和(ClaimsIdentity)User.Identity等,但是问题是当令牌中未显示令牌时如何读取令牌标头.
NOTE: I know I can send the token in the header and use [Authorize] and (ClaimsIdentity)User.Identity etc but the question is how to read the token when it's not presented in the header.
推荐答案
我创建了一个示例项目,用于反序列化承载令牌,这些承载令牌使用MachineKeyDataProtector进行了加密. 您可以看一下源代码.
I created a sample project for deserializing bearer tokens, which are encrypted using the MachineKeyDataProtector. You can take a look at the source code.
这篇关于在C#中手动解码OAuth承载令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!