从通用的应用程序登录使用Live标识网页API [英] Login from Universal App to Web Api using Live Id
问题描述
我想实现以下功能:
- 用户迹象,到Live ID帐户从Windows Phone的8.1(或通用)的应用程序。
- 应用访问,我与ASP.NET网页API 2 开发Web阿比
- 在该网页API,我需要对用户进行认证。
- 后来,我想验证的Web应用程序相同的用户
- User signs in into Live Id account from Windows Phone 8.1 (or Universal) app.
- App accesses Web Api that I develop with ASP.NET Web Api 2
- In this Web Api I need to authenticate the user.
- Later, I want to authenticate same user in web app
下面是我在做什么,这是行不通的。
Here is what I'm doing, and it doesn't work.
在我的Windows Phone应用程序:
In my Windows Phone App:
var authClient = new LiveAuthClient("http://myservice.cloudapp.net");
LiveLoginResult result = await authClient.LoginAsync(new string[] { "wl.signin" });
if (result.Status == LiveConnectSessionStatus.Connected)
{
connected = true;
var identity = await ConnectToApi(result.Session.AuthenticationToken);
Debug.WriteLine(identity);
}
然后
private async Task<string> ConnectToApi(string token)
{
using (var client = new HttpClient())
{
client.BaseAddress = new Uri("http://myservice.cloudapp.net/");
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
// HTTP GET
HttpResponseMessage response = await client.GetAsync("api/values");
if (response.IsSuccessStatusCode)
{
string result = await response.Content.ReadAsStringAsync();
return result;
}
else
return response.ReasonPhrase;
}
}
然后在我的Web API我有以下
And then in my web api I have following
public void ConfigureAuth(IAppBuilder app)
{
app.UseMicrosoftAccountAuthentication(
clientId: "my client id",
clientSecret: "my secret");
}
我注册 http://myservice.cloudapp.net 作为重定向URL。
问题是认证不工作,网络API操作DP无法识别用户。
The problem is authentication doesn't work, web api actions dp not recognize the user.
我AP preciate如果有人可以点我到我在做什么错
I would appreciate if someone could point me into what I'm doing wrong
推荐答案
我得到了它完全错误的。首先,我真正需要使用app.UseJwtBearerAuthentication方法。这个例子是在这里找到的http:// code.lawrab.com / 2014/01 /固定-的WebAPI与 - 活id.html 。但是,当我尝试,我得到这个错误在输出
I got it totally wrong. First, I actually need to use app.UseJwtBearerAuthentication method. The example was found here http://code.lawrab.com/2014/01/securing-webapi-with-live-id.html. But when I tried, I got this error in the output
IDX10500:签名验证失败。无法解析SecurityKeyIdentifier:SecurityKeyIdentifier
(
IsReadOnly =假,
计数= 1,
条款[0] = System.IdentityModel.Tokens.NamedKeySecurityKeyIdentifierClause
)
这一次我花了一段时间才能弄清楚,直到我发现这个职位:<一href=\"http://stackoverflow.com/questions/25593435/jwtsecuritytokenhandler-4-0-0-breaking-changes\">JwtSecurityTokenHandler 4.0.0重大更改?
This one took me a while to figure out, until I found this post: JwtSecurityTokenHandler 4.0.0 Breaking Changes?
把这些东西放在一起,我似乎现在在我的测试环境中运行的解决方案:
Putting these things together, I got the solution that seems to work now in my testing environment:
public void ConfigureAuth(IAppBuilder app)
{
var sha256 = new SHA256Managed();
var sKey = "<Secret key>" + "JWTSig";
var secretBytes = new UTF8Encoding(true, true).GetBytes(sKey);
var signingKey = sha256.ComputeHash(secretBytes);
var securityKeyProvider = new SymmetricKeyIssuerSecurityTokenProvider("urn:windows:liveid", signingKey);
var securityKey = securityKeyProvider.SecurityTokens.First().SecurityKeys.First();
var jwtOptions = new JwtBearerAuthenticationOptions()
{
//AllowedAudiences = new[] { "<url>" },
//IssuerSecurityTokenProviders = new[]
//{
// new SymmetricKeyIssuerSecurityTokenProvider("urn:windows:liveid",signingKey)
//},
TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters()
{
IssuerSigningKeyResolver = (token, securityToken, keyIdentifier, validationParameters) =>
{
return securityKey;
},
ValidAudience = "<url>",
ValidIssuer = securityKeyProvider.Issuer
}
};
app.UseJwtBearerAuthentication(jwtOptions);
}
这篇关于从通用的应用程序登录使用Live标识网页API的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!