在 .Net 核心中共享默认的 OWIN 令牌 [英] Share default OWIN tokens in .Net core
问题描述
我有建立在 .NET 4.5.1 上的授权服务器并使用 Microsoft.Owin.Security.OAuth Version=3.0.0
我用这个包实现了一个解决方法 Owin.Token.AspNetCore.
var ticket = LegacyOAuthSecurityTokenHelper.GetTicket(token, new LegacyTokenAuthenticationOptions{DecryptionKey = "machineKey-DecryptionKey",ValidationKey = "machineKey-ValidationKey",EncryptionMethod = EncryptionMethod.AES,//默认 AESValidationMethod = ValidationMethod.HMACSHA256//默认 HMACSHA256}));//使用ticket.Identity.Claims 验证您的用户!I have Authorization server which built on .NET 4.5.1 and use Microsoft.Owin.Security.OAuth Version=3.0.0 http://prntscr.com/hvwhl4 Tokens protected via machinkey (OAuthAuthorizationServerOptions.AccessTokenFormat is default). I also have many application-consumers(resource servers) on .NET 4.5.1 which validate these tokens http://prntscr.com/hvwwdu http://prntscr.com/hvwiwr. All these applications have the same machinkey in web.config
Now I try to build .net core 2.0 application and I need to use the same tokens from my Auth server(.net 4.5.1 owin 3.0.0). How can I validate and read claims from Microsoft.Owin.Security.OAuth(3.0.0) tokens in .net core 2.0?
One note: I can't change my Auth server and define DataProtector in Auth server. So I need to find a way how to "decode" OWIN tokens in .net core using existing machine key.
UPDATE: So I've opened issue on github https://github.com/aspnet/Security/issues/1592
Now It is closed and the answer was: "Closing because there are no plans to support this. You can use a 3rd party token server such as Identity Server to issue tokens that work with both systems. Or, you can write custom code for ASP.NET Core to handle the OWIN/Katana-style tokens."
I find a kind of solution. I use Autofac.Integration.Owin package and OAuthAuthorizationServerMiddleware in my Auth server to define in run time from which resource server I got the request and then define in which format I need to return token.
Please find below a piece of code from Autofac config in Auth server:
I implemented a workaround with this package Owin.Token.AspNetCore.
var ticket = LegacyOAuthSecurityTokenHelper.GetTicket(token, new LegacyTokenAuthenticationOptions
{
DecryptionKey = "machineKey-DecryptionKey",
ValidationKey = "machineKey-ValidationKey",
EncryptionMethod = EncryptionMethod.AES, // Default AES
ValidationMethod = ValidationMethod.HMACSHA256 // Default HMACSHA256
}));
// Authenticate your user with ticket.Identity.Claims!
这篇关于在 .Net 核心中共享默认的 OWIN 令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
