对不起,如果这个问题措辞不好,我是认证新手 .
我有一个ASP.NET MVC项目,它为我的Web前端提供服务,并使用OWIN和基于身份cookie的身份验证进行身份验证 . 这似乎与我的Web API无关 .
我还有一个ASP.NET Web API项目,该项目也使用OWIN和基于身份令牌的身份验证进行身份验证,例如向/ Token endpoints 发出请求并获取可用于向API endpoints 发出请求的承载令牌 . 当使用通过/ Token endpoints 生成的承载令牌通过postman调用时,这很好,但是当我想从MVC应用程序调用API时我没有密码,我无法使用令牌 endpoints 生成令牌 .
我的问题是我希望能够从经过身份验证的ASP.NET MVC应用程序向ASP.NET Web API发出请求,我将如何生成可以调用Web API的令牌?鉴于我有一个已经过身份验证的ClaimsIdentity .
我的MVC项目的Startup.Auth是:
public partial class Startup
{
public void ConfigureAuth(IAppBuilder app)
{
// Configure the db context, user manager and signin manager to use a single instance per request
app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
app.CreatePerOwinContext<ApplicationRoleManager>(ApplicationRoleManager.Create);
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
}
}
我的Web API项目的Startup.Auth是:
public partial class Startup
{
public static OAuthAuthorizationServerOptions OAuthOptions { get; private set; }
public static string PublicClientId { get; private set; }
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// Configure the db context and user manager to use a single instance per request
app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
// Configure the application for OAuth based flow
PublicClientId = "self";
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
// In production mode set AllowInsecureHttp = false
AllowInsecureHttp = true
};
// Enable the application to use bearer tokens to authenticate users
app.UseOAuthBearerTokens(OAuthOptions);
}
}
谢谢,如果有任何进一步的信息有用,请告诉我 .
1 回答
我之前实现的一个选项是,在成功从MVC应用程序登录后从API检索令牌 - 使用登录期间传入的相同凭据 . 随意存储令牌(即在ASP.NET会话状态中),然后在应用程序中根据需要使用它 .
您的MVC应用程序登录控制器操作可能如下所示:
BearerToken只是完整API令牌结构的定制类表示:
从MVC应用程序调用某些数据的示例调用可能如下所示: