开放认证跨域重定向问题 [英] open authentication cross domain redirection issue
问题描述
我试图在MVC的Web-api4开放式身份验证第一次。我主持我的服务services.domain.com,和前端(UI)是test.domain.com。
在前端,我会打电话从Facebook登录该服务。成功登录后,我会得到services.domain.com访问令牌。但我的code为test.domain.com。
从Facebook重定向后。我得到访问令牌在service.bubblesbuy.com,但我需要在这test.domain.com访问令牌。
这里有我跟着
步骤 $。阿贾克斯({
网址:services.domain.com/api/Account/ExternalLogins?returnUrl=%2F&generateState=true
成功:功能(数据){
//成功后
}
成功后,我会得到供应商,这里是输出
[
{
名称:脸谱,
URL: \"/api/Account/ExternalLogin?provider=Facebook&response_type=token&client_id=self&redirect_uri=services.domain.com&state=bzDUygFiUw-jOYHCYaDPT8iawAjq1ejd0hmkVPZTwjk1\",
国家:bzDUygFiUw-jOYHCYaDPT8iawAjq1ejd0hmkVPZTwjk1
}
]
我会把网址我的服务
<$p$p><$c$c>services.domain.com//api/Account/ExternalLogin?provider=Facebook&response_type=token&client_id=self&redirect_uri=services.domain.com&state=bzDUygFiUw-jOYHCYaDPT8iawAjq1ejd0hmkVPZTwjk1\",国家:bzDUygFiUw-jOYHCYaDPT8iawAjq1ejd0hmkVPZTwjk1
我收到访问令牌
services.domain.com/#access_token= Hu2B5WmmZLy8TfJ3RqRsVnQDfDcHSiVCMliWrS554PpU-i_LQzdMggJgXClsf-ZtYXRDxxct7m3frZxYR0MKLxNWHwH1gXxi7Y-HUbWjyB9QvBJMwifFCVMnt7BOOlKjJPEAhdOY7ZgRB-vURBH-hHT6wFSXJvvpYpZ0fziX0DgKrLIqUj8&token_type=bearer&expires_in=1209600&state=24HUa-Upzo-_Xh2j0CkAx5TVPdoirvNrGktpg5H5Ifg1
但我需要访问test.domain.com令牌(前端哪里我所有的HTML页面有)
请帮助我如何获得test.domain.com的访问令牌(在前端)
您需要的授权服务器发出一个访问令牌到客户端(前端)。
微软提供了一个OWIN中间件ASP.NET MVC。看看这个例子: OWIN的OAuth 2.0授权服务器
由于微软将不再支持该中间件在未来,你也可以使用开源的 IdentityServer3 。该项目是.NET基础的一部分,提供良好的支持和大量的样本。
i am trying open authentication first time in mvc-web-api4 . i have hosted my services in services.domain.com , and front end (UI) is in test.domain.com .
in front end i will call the service to login from facebook. after successful login i will get the access token in services.domain.com . but my code is in test.domain.com.
after redirection from facebook . i am getting access token in service.bubblesbuy.com , but i need that access token in test.domain.com.
here are the steps i followed
$.ajax({
url: "services.domain.com/api/Account/ExternalLogins?returnUrl=%2F&generateState=true",
success: function (data) {
//after successful
}
after successful , i will get providers , here is the output
[
{
"Name": "Facebook",
"Url": "/api/Account/ExternalLogin?provider=Facebook&response_type=token&client_id=self&redirect_uri=services.domain.com&state=bzDUygFiUw-jOYHCYaDPT8iawAjq1ejd0hmkVPZTwjk1",
"State": "bzDUygFiUw-jOYHCYaDPT8iawAjq1ejd0hmkVPZTwjk1"
}
]
i will pass Url to my service
services.domain.com//api/Account/ExternalLogin?provider=Facebook&response_type=token&client_id=self&redirect_uri=services.domain.com&state=bzDUygFiUw-jOYHCYaDPT8iawAjq1ejd0hmkVPZTwjk1",
"State": "bzDUygFiUw-jOYHCYaDPT8iawAjq1ejd0hmkVPZTwjk1
i am getting the access token in
services.domain.com/#access_token= Hu2B5WmmZLy8TfJ3RqRsVnQDfDcHSiVCMliWrS554PpU-i_LQzdMggJgXClsf-ZtYXRDxxct7m3frZxYR0MKLxNWHwH1gXxi7Y-HUbWjyB9QvBJMwifFCVMnt7BOOlKjJPEAhdOY7ZgRB-vURBH-hHT6wFSXJvvpYpZ0fziX0DgKrLIqUj8&token_type=bearer&expires_in=1209600&state=24HUa-Upzo-_Xh2j0CkAx5TVPdoirvNrGktpg5H5Ifg1
but i need to access that token in test.domain.com (front end where my all html page is there )
please help me how to get that access token in test.domain.com (in front end )
You need an authorization server that issues an access token to your client (front-end). Microsoft provides an OWIN middleware for ASP.NET MVC. Take a look at this sample: OWIN OAuth 2.0 Authorization Server
Since Microsoft will no longer support this middleware in the future, you can also use the open source IdentityServer3. This project is part of the .NET Foundation and offers good support and a lot of samples.
这篇关于开放认证跨域重定向问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
