关注Taiseer Joudeh优秀文章
使用ASP .NET Web API 2和Owin在AngularJS App中启用OAuth刷新令牌(http://bitoftech.net/2014/07/16/enable-oauth-refresh-tokens-angularjs-app-using -asp-net-web-api-2-owin /)目前我正在使用刷新令牌选项创建基于令牌的身份验证.
我的Startup类代码如下:
public class Startup
{
public void Configuration(IAppBuilder app)
{
HttpConfiguration config = new HttpConfiguration();
ConfigureOAuth(app);
WebApiConfig.Register(config);
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
app.UseWebApi(config);
}
public void ConfigureOAuth(IAppBuilder app)
{
OAuthAuthorizationServerOptions oAuthServerOptions = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30),
Provider = new SimpleAuthorizationServerProvider(),
RefreshTokenProvider = new SimpleRefreshTokenProvider()
};
// Token Generation
app.UseOAuthAuthorizationServer(oAuthServerOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
}
我的SimpleAuthorizationServerProvider类代码如下:
public class SimpleAuthorizationServerProvider : OAuthAuthorizationServerProvider
{
public override Task …我有一个启动类,代码如下
public class Startup
{
public void Configuration(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType="ApplicationCookie",
LoginPath = new Microsoft.Owin.PathString("/auth/login")
});
}
}
当我运行我的项目时
在/网页AUTH /登录资讯?RETURNURL =%2Fauth%2Flogin%3FReturnUrl%3D%252Fauth%252Flogin%253FReturnUrl%253D%25252Fauth%25252Flogin%25253FReturnUrl%25253D%2525252Fauth%2525252Flogin%2525253FReturnUrl%2525253D%252525252Fauth%252525252Flogin%252525253FReturnUrl%252525253D %25252525252Fauth%25252525252Flogin%25252525253FReturnUrl%25252525253D%2525252525252Fauth%2525252525252Flogin%2525252525253FReturnUrl%2525252525253D%252525252525252Fauth%252525252525252Flogin%252525252525253FReturnUrl%252525252525253D%25252525252525252Fauth%25252525252525252Flogin%25252525252525253FReturnUrl%25252525252525253D%2525252525252525252Fauth%2525252525252525252Flogin%2525252525252525253FReturnUrl%2525252525252525253D%252525252525252525252Fauth%252525252525252525252Flogin%252525252525252525253FReturnUrl%252525252525252525253D%25252525252525252525252Fauth %25252525252525252525252Flogin%25252525252525252525253FReturnUrl%25252525252525252525253D%2525252525252525252525252Fauth%2525252525252525252525252Flogin%25252525252 52525252525253FReturnUrl%2525252525252525252525253D%252525252525252525252525252Fauth%252525252525252525252525252Flogin%252525252525252525252525253FReturnUrl%252525252525252525252525253D%25252525252525252525252525252Fauth%25252525252525252525252525252Flogin%25252525252525252525252525253FReturnUrl%25252525252525252525252525253D%2525252525252525252525252525252Fauth%2525252525252525252525252525252Flogin%2525252525252525252525252525253FReturnUrl%2525252525252525252525252525253D%252525252525252525252525252525252Fauth%252525252525252525252525252525252Flogin%252525252525252525252525252525253FReturnUrl%252525252525252525252525252525253D%25252525252525252525252525252525252Fauth%25252525252525252525252525252525252Flogin%25252525252525252525252525252525253FReturnUrl%25252525252525252525252525252525253D%2525252525252525252525252525252525252Fauth%2525252525252525252525252525252525252Flogin%2525252525252525252525252525252525253FReturnUrl% 2525252525252525252525252525252525253D%252525252525252525252525 252525252525252Fauth%25252525252525252525252525252525252525252Flogin%25252525252525252525252525252525252525253FReturnUrl%252525252525252525252525252525252525253D%25252525252525252525252525252525252525252FF导致了太多的重定向.清除此站点的cookie或允许第三方cookie可以解决问题.如果没有,它可能是服务器配置问题,而不是您的计算机的问题.
我清除了我的cookie,但仍然保持不变.
在尝试使用Google进行外部身份验证时,应用程序会给我以下异常:
<错误> <消息>发生错误.<ExceptionMessage> Sequence在System.Linq.Enumerable.SingleOrDefault [TSource]中包含多个元素</ ExceptionMessage> <ExceptionType> System.InvalidOperationException </ ExceptionType> <StackTrace>
1 source) at Microsoft.Owin.Security.AuthenticationManager.<AuthenticateAsync>d__8.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at System.Runtime.CompilerServices.TaskAwaiter(System.Web.Http中的IEnumerable 1.GetResult() .HostAuthenticationFilter.d__0.MoveNext()---在抛出异常的前一个位置的堆栈跟踪结束---在System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification的System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)处( System.Web.Http.Controllers.AuthenticationFilterResult.d__0.MoveNext()中的System.Runtime.CompilerServices.TaskAwaiter.GetResult()处的任务任务)从抛出异常的先前位置开始的堆栈跟踪结束---在系统中System.W上System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()的System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(任务任务)中的.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务任务)eb.Http.Dispatcher.HttpControllerDispatcher.d__1.MoveNext()
我已将Web Api oAuth配置如下:
public void ConfigureOAuth(IAppBuilder app)
{
app.UseExternalSignInCookie(
Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie);
OAuthBearerOptions = new OAuthBearerAuthenticationOptions();
OAuthAuthorizationServerOptions OAuthServerOptions =
new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30),
Provider = new SimpleAuthorizationServerProvider(),
};
app.UseOAuthAuthorizationServer(OAuthServerOptions);
app.UseOAuthBearerAuthentication(OAuthBearerOptions);
googleAuthOptions = new …我的界面定义如下:
public interface IApplicationSettings
{
string LoggerName { get; }
string NumberOfResultsPerPage { get; }
string EmailAddress { get; }
string Credential { get; }
}
该接口的实现如下:
public class WebConfigApplicationSettings : IApplicationSettings
{
public string LoggerName
{
get { return ConfigurationManager.AppSettings["LoggerName"]; }
}
public string NumberOfResultsPerPage
{
get { return ConfigurationManager.AppSettings["NumberOfResultsPerPage"]; }
}
public string EmailAddress
{
get { return ConfigurationManager.AppSettings["EmailAddress"]; }
}
public string Credential
{
get { return ConfigurationManager.AppSettings["Credential"]; }
}
}
我还创建了一个工厂类来获取WebConfigSettings具体实现的实例,如下所示:
public class ApplicationSettingsFactory
{
private …access-token ×1
ajax ×1
asp.net ×1
asp.net-mvc ×1
c# ×1
cookies ×1
oauth ×1
oauth-2.0 ×1
owin ×1
routes ×1
structuremap ×1