c# - Getting an access token in ASP.NET 5


My ASP.NET 5 (MVC 6 + beta7) web application (MVC + WebAPI) requires an access_token from WebAPI login calls.

So far, from googling, I have created the following code for Startup.cs:

app.UseOAuthBearerAuthentication(options =>
{
    options.AutomaticAuthentication = true;
    options.Audience = "http://localhost:62100/";
    options.Authority = "http://localhost:62100/";
});

My client side is:

var login = function () {
    var url = "http://localhost:62100/";
    var data = $("#userdata").serialize();
    data = data + "&grant_type=password";
    $.post(url, data)
        .success(saveAccessToken)
        .always(showResponse);
    return false;
};

Is it required to use UseOpenIdConnectServer? If so, how do I use SigningCredentials for the token (e.g. MVC5 ApplicationOAuthProvider)?

Please note that the site is a simple demo HTTP site and does not need SSL.

Is it required to use UseOpenIdConnectServer?

Using AspNet.Security.OpenIdConnect.Server is not "required". You're - of course - free to opt for another server (like IdentityServer) or for a custom solution. Being the main developer behind aspnet-contrib, I'm not objective, so I'll suggest going with app.UseOpenIdConnectServer().

If so, how do I use SigningCredentials for the token (e.g. MVC5 ApplicationOAuthProvider)?

When implementing the password grant and using the default token type, registering a signing key/certificate is not mandatory.

Here's how you can get started:

Startup.cs

using System.Security.Claims;
using System.Threading.Tasks;
using AspNet.Security.OpenIdConnect.Extensions;
using AspNet.Security.OpenIdConnect.Primitives;
using AspNet.Security.OpenIdConnect.Server;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http.Authentication;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddAuthentication();
    }

    public void Configure(IApplicationBuilder app)
    {
        // Add a new middleware validating the encrypted
        // access tokens issued by the OIDC server.
        app.UseOAuthValidation();

        // Add a new middleware issuing tokens.
        app.UseOpenIdConnectServer(options =>
        {
            options.TokenEndpointPath = "/connect/token";

            // Override OnValidateTokenRequest to skip client authentication.
            options.Provider.OnValidateTokenRequest = context =>
            {
                // Reject the token requests that don't use
                // grant_type=password or grant_type=refresh_token.
                if (!context.Request.IsPasswordGrantType() &&
                    !context.Request.IsRefreshTokenGrantType())
                {
                    context.Reject(
                        error: OpenIdConnectConstants.Errors.UnsupportedGrantType,
                        description: "Only grant_type=password and refresh_token " +
                                     "requests are accepted");

                    return Task.FromResult(0);
                }

                // Since there's only one application and since it's a public client
                // (i.e. a client that cannot keep its credentials private),
                // call Skip() to inform the server that the request should be
                // accepted without enforcing client authentication.
                context.Skip();

                return Task.FromResult(0);
            };

            // Override OnHandleTokenRequest to support
            // grant_type=password token requests.
            options.Provider.OnHandleTokenRequest = context =>
            {
                // Only handle grant_type=password token requests and let the
                // OpenID Connect server middleware handle the other grant types.
                if (context.Request.IsPasswordGrantType())
                {
                    // Validate the credentials here.
                    // Note: you can call Reject() with a message
                    // to indicate that authentication failed.

                    var identity = new ClaimsIdentity(context.Options.AuthenticationScheme);
                    identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "[unique id]");

                    // By default, claims are not serialized
                    // in the access and identity tokens.
                    // Use the overload taking a "destinations"
                    // parameter to make sure your claims are
                    // correctly inserted in the appropriate tokens.
                    identity.AddClaim("urn:customclaim", "value",
                        OpenIdConnectConstants.Destinations.AccessToken,
                        OpenIdConnectConstants.Destinations.IdentityToken);

                    var ticket = new AuthenticationTicket(
                        new ClaimsPrincipal(identity),
                        new AuthenticationProperties(),
                        context.Options.AuthenticationScheme);

                    // Call SetScopes with the list of scopes you want to grant
                    // (specify offline_access to issue a refresh token).
                    ticket.SetScopes("profile", "offline_access");

                    context.Validate(ticket);
                }

                return Task.FromResult(0);
            };
        });
    }
}

project.json

{
  "dependencies": {
    "AspNet.Security.OAuth.Validation": "1.0.0",
    "AspNet.Security.OpenIdConnect.Server": "1.0.0"
  }
}

You can read this blog post, which explains how to implement the resource owner password grant: http://kevinchalet.com/2016/07/13/creating-your-own-openid-connect-server-with-asos-implementing-the-resource-owner-password-credentials-grant/
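
The client side of the exchange configured above, as an added example that is not part of the original question or answer: it builds the form-encoded password and refresh_token requests, turns the token endpoint's JSON into a session, and produces the Bearer header for WebAPI calls. `TOKEN_URL` assumes the question's host combined with the answer's `/connect/token` path; the helper names and the sample tokens used to exercise it are constructed.

```javascript
// Added example; TOKEN_URL joins the question's host and the answer's TokenEndpointPath.
const TOKEN_URL = "http://localhost:62100/connect/token";

// Shared shape of every token request: a form-encoded POST body, never a query string.
function formPost(fields) {
  return {
    url: TOKEN_URL,
    method: "POST",
    headers: { "Content-Type": "application/x-www-form-urlencoded" },
    body: new URLSearchParams(fields).toString(), // percent-encodes &, = and spaces
  };
}

// grant_type=password request (RFC 6749 section 4.3.2).
function buildPasswordRequest(username, password, scopes) {
  return formPost({ grant_type: "password", username, password, scope: scopes.join(" ") });
}

// grant_type=refresh_token request, the other grant the answer's server accepts.
function buildRefreshRequest(refreshToken) {
  return formPost({ grant_type: "refresh_token", refresh_token: refreshToken });
}

// Turn a token endpoint response into a session object, or throw on an OAuth error.
function parseTokenResponse(status, payload, now = Date.now()) {
  if (status !== 200 || payload.error) {
    throw new Error(`${payload.error || "invalid_response"}: ${payload.error_description || ""}`);
  }
  if (!payload.access_token || String(payload.token_type).toLowerCase() !== "bearer") {
    throw new Error("invalid_response: missing bearer access_token");
  }
  return {
    accessToken: payload.access_token,
    refreshToken: payload.refresh_token || null, // present only if offline_access was granted
    expiresAt: now + (payload.expires_in || 0) * 1000,
  };
}

// Header for WebAPI calls; refuses to send a token the client knows has expired.
function authorizationHeader(session, now = Date.now()) {
  if (now >= session.expiresAt) throw new Error("access token expired; refresh first");
  return { Authorization: `Bearer ${session.accessToken}` };
}
```

The server middleware rejects non-HTTPS requests by default, so a plain-HTTP demo site like the one in the question needs `options.AllowInsecureHttp = true`, a setting suited to local development only.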

