在网页API使用OAuth认证 [英] Authentication using OAuth in Web API
问题描述
我正在使用ASP.Net MVC5其中还包括一个Web API的项目。该API将是仅供内部使用。我使用的OWIN库供应商的认证。
I'm working on a project using ASP.Net MVC5 which also includes a Web API. The API will be for internal use only. I'm using the OWIN library to provider authentication.
我有困难的时候搞清楚如何正确通过API实现身份验证。我打算使用OAuth 2.0,但与OAuth的问题是,用户需要通过浏览器页面,而不是本机的登录界面登录。所以我想知道是否有可能以某种方式跳过浏览器。
I'm having a difficult time figuring out how to correctly implement authentication through the API. I was planning on using OAuth 2.0 but the problem with OAuth is that the user needs to login through a browser page instead of a native login screen. So I was wondering if it is possible to somehow skip the browser.
我发现<一个href=\"https://katanaproject.$c$cplex.com/SourceControl/latest#tests/Katana.Sandbox.WebServer/Startup.cs\">this例如创造它自己的OAuth授权服务器。不过,这并不说明如何让本地登录
I've found this example which creates it's own OAuth Authorization Server. But it doesn't show how to make the login native.
推荐答案
如果它是一个高度受信任的客户端,那么你可以使用的OAuth2资源所有者口令流。你可以看一下在VS2013 SPA模板和/或对这个职位阅读:
If it's a highly trusted client, then you can use the OAuth2 resource owner password flow. You can look at the VS2013 SPA template and/or read on this post:
<一个href=\"http://leastprivilege.com/2013/11/13/embedding-a-simple-usernamepassword-authorization-server-in-web-api-v2/\">http://leastprivilege.com/2013/11/13/embedding-a-simple-usernamepassword-authorization-server-in-web-api-v2/
这篇关于在网页API使用OAuth认证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!