Get IPrincipal from OAuth Bearer Token in OWIN


Problem description

I have successfully added OAuth to my WebAPI 2 project using OWIN. I receive tokens and can use them in the HTTP Header to access resources.

Now I want to use those tokens also on other channels for authentication that are not the standard HTTP requests that the OWIN template is made for. For example, I am using WebSockets where the client has to send the OAuth Bearer Token to authenticate.

On the server side, I receive the token through the WebSocket. But how can I now put this token into the OWIN pipeline to extract the IPrincipal and ClientIdentifier from it? In the WebApi 2 template, all this is abstracted for me, so there is nothing I have to do to make it work.

So basically, I have the token as a string and want to use OWIN to access the user information encoded in the token.

Thanks in advance for your help.

Recommended answer

I found a part of the solution in this blog post: http://leastprivilege.com/2013/10/31/retrieving-bearer-tokens-from-alternative-locations-in-katanaowin/

So I created my own Provider as follows:

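using System.Threading.Tasks;
using Microsoft.Owin.Security.OAuth;

// Reads the bearer token from the "access_token" query-string parameter
public class QueryStringOAuthBearerProvider : OAuthBearerAuthenticationProvider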
{
    public override Task RequestToken(OAuthRequestTokenContext context)
    {
        var value = context.Request.Query.Get("access_token");

        if (!string.IsNullOrEmpty(value))
        {
            context.Token = value;
        }

        return Task.FromResult<object>(null);
    }
}

Then I needed to add it to my App in Startup.Auth.cs like this:

OAuthBearerOptions = new OAuthBearerAuthenticationOptions()
{
   Provider = new QueryStringOAuthBearerProvider(),
   AccessTokenProvider = new AuthenticationTokenProvider()
   {
       OnCreate = create,
       OnReceive = receive
   },
};

app.UseOAuthBearerAuthentication(OAuthBearerOptions);

With a custom AuthenticationTokenProvider, I can retrieve all other values from the token early in the pipeline:

public static Action<AuthenticationTokenCreateContext> create = new Action<AuthenticationTokenCreateContext>(c =>
{
    c.SetToken(c.SerializeTicket());
});

public static Action<AuthenticationTokenReceiveContext> receive = new Action<AuthenticationTokenReceiveContext>(c =>
{
    c.DeserializeTicket(c.Token);
    // Ticket stays null when the token cannot be deserialized (invalid or tampered)
    if (c.Ticket != null)
    {
        c.OwinContext.Environment["Properties"] = c.Ticket.Properties;
    }
});

And now, for example in my WebSocket Handler, I can retrieve ClientId and others like this:

IOwinContext owinContext = context.GetOwinContext();
if (owinContext.Environment.ContainsKey("Properties"))
{
    AuthenticationProperties properties = owinContext.Environment["Properties"] as AuthenticationProperties;
    string clientId = properties.Dictionary["clientId"];
    ...
}
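
For the case in the question where the token is already in hand as a string (for example, received in a WebSocket message), the following added example, which is not code from the original question or answer, turns it into an IPrincipal directly. It assumes the token was issued by the same application with the default ticket format; `BearerTokenReader` and `TryGetPrincipal` are hypothetical names.

```csharp
using System;
using System.Security.Claims;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.OAuth;

// Added example; BearerTokenReader and TryGetPrincipal are hypothetical names.
public static class BearerTokenReader
{
    // 'options' must be the same OAuthBearerAuthenticationOptions instance that was
    // passed to app.UseOAuthBearerAuthentication(...). The middleware assigns
    // AccessTokenFormat on that instance when it was left null.
    public static ClaimsPrincipal TryGetPrincipal(
        OAuthBearerAuthenticationOptions options,
        string token,
        out AuthenticationProperties properties)
    {
        properties = null;
        if (options == null || options.AccessTokenFormat == null ||
            string.IsNullOrWhiteSpace(token))
        {
            return null;
        }

        // The default ticket format returns null for a tampered or malformed token.
        AuthenticationTicket ticket = options.AccessTokenFormat.Unprotect(token);
        if (ticket == null || ticket.Identity == null || !ticket.Identity.IsAuthenticated)
        {
            return null;
        }

        // Unprotect only verifies and decrypts; the expiry check that the bearer
        // middleware performs for HTTP requests has to be repeated here.
        DateTimeOffset? expires = ticket.Properties.ExpiresUtc;
        if (expires.HasValue && expires.Value < DateTimeOffset.UtcNow)
        {
            return null;
        }

        properties = ticket.Properties;
        return new ClaimsPrincipal(ticket.Identity);
    }
}
```

Calling this on a token received inside a WebSocket message keeps the token out of the request URL, where query-string values are commonly written to server and proxy logs.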
