• 使用Resource Owner Password Credentials Grant授权发放Token


    对应的应用场景是:为自家的网站开发手机 App(非第三方 App),只需用户在 App 上登录,无需用户对 App 所能访问的数据进行授权。

    客户端获取Token:

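    /// <summary>
    /// Requests an access token from the "/Token" endpoint using the OAuth 2.0
    /// Resource Owner Password Credentials grant (grant_type=password).
    /// </summary>
    /// <param name="UserName">User name of the resource owner.</param>
    /// <param name="UserPwd">Password of the resource owner.</param>
    /// <returns>
    /// The access_token value taken from the token response, or an empty string
    /// when input is missing, the endpoint answers with a non-success status,
    /// or the response carries no access_token field.
    /// </returns>
    public string GetAccessToken(string UserName, string UserPwd)
    {
        // The authorization server decides whether the credentials are valid.
        // The client only refuses to send an obviously incomplete request; it
        // does not compare against literal account values baked into the code.
        if (string.IsNullOrEmpty(UserName) || string.IsNullOrEmpty(UserPwd))
        {
            return "";
        }

        // Dispose the client so the underlying handler is released.
        using (var httpClient = new HttpClient())
        {
            // NOTE(review): plain http to localhost is a development setting.
            // This request carries the user's password, so any non-local
            // deployment must use an https base address.
            httpClient.BaseAddress = new Uri("http://localhost:61659");

            // NOTE(review): in this grant the Basic header normally identifies
            // the client application (client_id:client_secret). The sample sends
            // the user's own credentials here; confirm this matches what the
            // server's client validation expects.
            string basicValue = Convert.ToBase64String(Encoding.ASCII.GetBytes(UserName + ":" + UserPwd));
            httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", basicValue);

            var parameters = new Dictionary<string, string>
            {
                { "grant_type", "password" },
                { "username", UserName },
                { "password", UserPwd }
            };

            // The method signature is synchronous, so the async calls are blocked on.
            HttpResponseMessage response = httpClient.PostAsync("/Token", new FormUrlEncodedContent(parameters)).Result;
            if (!response.IsSuccessStatusCode)
            {
                // Rejected credentials or a server error: no token to hand back.
                return "";
            }

            string body = response.Content.ReadAsStringAsync().Result;

            // The token endpoint answers with a JSON object; pull out the
            // access_token string. A JSON parser is preferable where the
            // project already references one.
            var tokenMatch = System.Text.RegularExpressions.Regex.Match(body, "\"access_token\"\\s*:\\s*\"([^\"]+)\"");
            return tokenMatch.Success ? tokenMatch.Groups[1].Value : "";
        }
    }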
    

        

    基于 Owin OAuth, 针对 Resource Owner Password Credentials Grant 的授权方式,只需重写(override) OAuthAuthorizationServerProvider.GrantResourceOwnerCredentials() 方法即可。注意:下面示例中对用户名和密码的校验只是一行注释占位,实际使用时必须在签发票据之前完成校验,校验失败时应拒绝请求。代码如下:

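    /// <summary>
    /// Handles a token request made with the Resource Owner Password Credentials
    /// grant: builds a ClaimsIdentity for the user name in the request, attaches
    /// the client_id as an authentication property and marks the request validated.
    /// </summary>
    /// <param name="context">
    /// Grant context supplying UserName, Password, ClientId and the server options.
    /// </param>
    public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        // Fail closed on missing credentials instead of letting a null user
        // name reach the Claim constructor below.
        if (string.IsNullOrEmpty(context.UserName) || string.IsNullOrEmpty(context.Password))
        {
            context.SetError("invalid_grant", "The user name or password is incorrect.");
        }
        else
        {
            // TODO(review): validate context.UserName and context.Password by
            // calling the backend login service here, and call context.SetError
            // when the check fails. As written, nothing verifies the password,
            // so every non-empty user name / password pair is issued a ticket.
            var oAuthIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
            oAuthIdentity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));

            // Record which client the ticket was issued to.
            var props = new AuthenticationProperties(new Dictionary<string, string> { { "client_id", context.ClientId } });

            var ticket = new AuthenticationTicket(oAuthIdentity, props);
            context.Validated(ticket);
        }

        await base.GrantResourceOwnerCredentials(context);
    }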
    

      

    使用:

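    /// <summary>
    /// Obtains an access token with the password grant and uses it as a Bearer
    /// token to call the protected "/UserInfo/GetCurrent" endpoint.
    /// </summary>
    /// <returns>
    /// The response body of the protected endpoint, or an empty string when no
    /// token could be obtained.
    /// </returns>
    public string Call_WebAPI_By_Resource_Owner_Password_Credentials_Grant()
    {
        // Sample account from the article. In a real app the credentials come
        // from the user's login input and are never stored in source code.
        // GetAccessToken returns a plain string, so it is called without await
        // (this method is not declared async).
        string token = GetAccessToken("xsj", "123456");
        if (string.IsNullOrEmpty(token))
        {
            return "";
        }

        // Dispose the client so the underlying handler is released.
        using (var httpClient = new HttpClient())
        {
            // NOTE(review): a bearer token sent over plain http can be read and
            // replayed by anyone on the path; use https outside local development.
            httpClient.BaseAddress = new Uri("http://localhost:61659");
            httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);

            // Synchronous signature, so the async calls are blocked on.
            HttpResponseMessage response = httpClient.GetAsync("/UserInfo/GetCurrent").Result;
            return response.Content.ReadAsStringAsync().Result;
        }
    }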
    

    参考:http://www.cnblogs.com/dudu/tag/OAuth/
    https://github.com/feiyit/MvcApiSecurity

  • 原文地址:https://www.cnblogs.com/xsj1989/p/5690929.html