ASP.NET身份和移动客户端 [英] ASP.NET Identity and mobile clients
问题描述
ASP.NET的最新版本包括新的身份验证框架ASP.NET身份,这应该是用户管理的核心组成部分在所有新的和不久的将来ASP.NET项目和网站。
The latest version of ASP.NET includes the new authentication framework ASP.NET Identity, which should be the core building block for user management in all new and near future ASP.NET projects and websites.
我已经看到,它可以与的WebAPI很好地整合,但没有看到集成为移动客户端设备的认证的任何实例。例如 - 假设我有一个ASP.NET网站,在使用中实现身份。现在我想建立为Windows 8.1和Windows Phone客户端应用程序8.我看到都限制两个主要的问题。
I have seen that it can integrate with the WebAPI quite nicely, but haven't seen any example of integration as authentication for mobile client devices. For example - suppose I have a ASP.NET website with Identity implemented in use. Now I want to build client applications for Windows 8.1 and Windows Phone 8. I see two main issues that are limiting this.
首先 - ASP.NET身份显然只发出短暂的权威性。令牌,这是相当的移动应用糟糕的用户体验。我已经看到了一些尝试创建一个刷新令牌机制 - <一个href=\"http://leastprivilege.com/2013/11/15/adding-refresh-tokens-to-a-web-api-v2-authorization-server/\" rel=\"nofollow\">http://leastprivilege.com/2013/11/15/adding-refresh-tokens-to-a-web-api-v2-authorization-server/ 。这是一个相当不错的方法,但它仍然是更有趣地看到一个真正建立在溶液中。
Firstly - ASP.NET Identity apparently issues only short-lived auth. tokens, which is quite a bad user experience for mobile applications. I have seen some attempts to create a refresh token mechanism - http://leastprivilege.com/2013/11/15/adding-refresh-tokens-to-a-web-api-v2-authorization-server/ . This is quite a nice approach, but it would still be more interesting to see a really built in solution.
二 - 也许更为重要 - 外部认证提供商的支持。在ASP.NET网站的身份是很清楚易见的方式通过的WebAPI进行身份验证,但我还没有与外部身份验证使用的看到了这一点。这怎么可能得到为Facebook,微软和Twitter认证的URL如何认证流程从应用内完成?
Second - and maybe more important - external authentication provider support. On the ASP.NET Identity website it is quite clear and easy to see a way to authenticate via WebAPI, but I haven't seen this in use with external authentication. How is it possible to get the authentication URLs for Facebook, Microsoft and Twitter and how can the authentication flow be completed from within the app?
有没有人一些经验,用这个?这将是巨大找到一个完整的演练中,我会很乐意奖励与一些赏金点正确的解决方案:-)。
Has anyone some experience with this? It would be great to find a complete walkthrough, I will gladly reward the correct solution with some bounty points :-) .
推荐答案
的问题在于,安全性是复杂的,微软的解决方案仅解决简单的场景。
The problem is that security is complicated and that Microsoft's solutions only address the simple scenarios.
另外,你consing术语(增加了大家的困惑,包括你自己)。 ASP.NET身份管理存储在数据库中的用户的凭证。它是无关的,需要验证凭据(移动,API,浏览,桌面等)的应用程序的类型。
Also, you're consing terminology (which increases everyone's confusion, including your own). ASP.NET Identity manages users' credentials stored in a database. It's unrelated to the type of application that needs to validate credentials (mobile, api, browser, desktop, etc).
卡塔纳中间件是允许应用程序进行认证的呼叫者。还有的浏览器应用程序,对于谷歌外部中间件,脸谱,WS-美联储等的cookie中间件,然后有OAuth2以API的应用程序。每个工作于应用程序的性质不同基础。他们中的一些相互作用,以及,取决于应用的要求。
Katana middleware is what allows an application to authenticate the caller. There's cookie middleware for browser applications, external middleware for google, facebook, WS-Fed, etc, and then there's OAuth2 for API applications. Each work differently based upon the nature of the application. Some of them interact as well, depending on the requirements of the application.
我并不是来接你 - 这更是一个有关微软缺乏他们所提供的框架教育/文档的投诉。而我想这是一个回答你的问题 - 微软没有你问什么。他们的点点滴滴,但你留下来连接点。
I don't mean to pick on you -- this is more of a complaint about Microsoft's lack of education/documentation in the frameworks they provide. And I suppose this is an answer to your question -- Microsoft doesn't have what you're asking for. They have bits and pieces, but you're left to connect the dots.
有些链接可能会有所帮助:
Some links that might help:
<一个href=\"http://www.asp.net/web-api/overview/security\">http://www.asp.net/web-api/overview/security
<一个href=\"http://www.asp.net/vnext/overview/authentication\">http://www.asp.net/vnext/overview/authentication
<一个href=\"http://brockallen.com/category/owin-katana/\">http://brockallen.com/category/owin-katana/
http://leastprivilege.com/category/katana/
http://leastprivilege.com/category/webapi/
心连心
这篇关于ASP.NET身份和移动客户端的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
