Asp.net mvc 使用UseCookieAuthentication和现有Web API OAuth应用程序验证MVC应用程序

Asp.net mvc 使用UseCookieAuthentication和现有Web API OAuth应用程序验证MVC应用程序,asp.net-mvc,asp.net-mvc-4,authentication,oauth,Asp.net Mvc,Asp.net Mvc 4,Authentication,Oauth,我已使用自定义的Microsoft.Owin实现创建了自己的web api OAuth身份验证服务器: app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create); app.CreatePerOwinContext<ApplicationRoleManager>(ApplicationRoleManager.Create); app.Use

我已使用自定义的Microsoft.Owin实现创建了自己的web api OAuth身份验证服务器:

// One ApplicationUserManager / ApplicationRoleManager per request; the Create
// factories are project-defined and not shown on this page.
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
        app.CreatePerOwinContext<ApplicationRoleManager>(ApplicationRoleManager.Create);

        // Cookie middleware with all-default options, plus the temporary cookie that
        // carries an external (third-party) login result back into the app.
        app.UseCookieAuthentication(new CookieAuthenticationOptions());
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        // Authorization-server setup. "self" is handed to the project's OAuth
        // provider as the public client id it should accept.
        PublicClientId = "self";
        OAuthOptions = new OAuthAuthorizationServerOptions
        {
            // Clients obtain access tokens from this path.
            TokenEndpointPath = new PathString("/Token"),
            Provider = new ApplicationOAuthProvider(PublicClientId),
            // The authorize endpoint is served by the MVC ExternalLogin action.
            AuthorizeEndpointPath = new PathString("/Auth/ExternalLogin"),
            // Access tokens stay valid for 14 days. No refresh-token handling is
            // visible here, so cutting a token short before expiry would need
            // extra machinery that this configuration does not provide.
            AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
            // NOTE(review): allows the token endpoint over plain HTTP, i.e. credentials
            // and bearer tokens may travel unencrypted. Keep this for local development
            // only; the default (false) is what a deployed environment should use.
            AllowInsecureHttp = true
        };

        // Katana helper that registers both the authorization server and the
        // bearer-token validation middleware from the options above.
        app.UseOAuthBearerTokens(OAuthOptions);
如果有人有相关经验,请告诉我



更新:我想我终于找到了解决方案。

在我的解决方案中,在登录过程中,我创建了一个票证,并用 Startup.Auth 类中定义的 OAuthBearerOptions 保护该票证:

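/// <summary>
/// Handles the posted sign-in form: authenticates the submitted credentials
/// through <c>AuthService</c> and, on success, issues the application cookie
/// and redirects to <paramref name="returnUrl"/>.
/// </summary>
/// <param name="pageModel">View model carrying the posted <c>LoginModel</c>.</param>
/// <param name="returnUrl">Where to send the user after a successful sign-in.</param>
/// <returns>
/// A redirect to the requested URL on success; otherwise a redirect back to the
/// sign-in action with <paramref name="returnUrl"/> preserved.
/// </returns>
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> SignIn(LoginPageModel pageModel, string returnUrl)
{
    // Invalid or incomplete form: straight back to the sign-in page.
    if (!ModelState.IsValid)
    {
        return RedirectToAction("SignIn", new { returnUrl });
    }

    try
    {
        var result = await AuthService.Instance.AuthenticateAsync(pageModel.LoginModel);

        // Builds the claims and signs the user in with the application cookie.
        CreateIdentity(result);

        // RedirectToLocal is defined outside this block; presumably it rejects
        // non-local return URLs — keep using it instead of Redirect(returnUrl).
        return RedirectToLocal(returnUrl);
    }
    catch (Exception)
    {
        // Every failure (bad credentials, unreachable auth service, ...) is shown
        // to the user as a plain return to the form, so no detail leaks. Nothing
        // is logged here; the unused exception variable was dropped (CS0168).
        return RedirectToAction("SignIn", new { returnUrl });
    }
}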

/// <summary>
/// Turns the authentication service's response into claims and signs the user
/// in with the application cookie. An OAuth ticket is also built and protected,
/// but its output is not used (see note below).
/// </summary>
/// <param name="result">Token response from <c>AuthService.AuthenticateAsync</c>.</param>
private void CreateIdentity(TokenResponseModel result)
{
    // Extra data stored on the ticket's AuthenticationProperties.
    IDictionary< String, String> data = new Dictionary< String, String>
    {
        { "userName", result.Username }
    };

    var claims = new List<Claim>();
    claims.Add(new Claim(ClaimTypes.Name, result.Username));
    // NOTE(review): the Email claim is filled with the username — confirm the
    // username is actually an e-mail address before anything relies on it.
    claims.Add(new Claim(ClaimTypes.Email, result.Username));

    // CustomClaimTypes is project-defined; only added when the service returned one.
    if (!String.IsNullOrEmpty(result.ExternalIdentity))
    {
        claims.Add(new Claim(CustomClaimTypes.ExternalIdentity, result.ExternalIdentity));
    }

    // Role claims come straight from the service response, so authorization
    // in this app trusts whatever roles the auth server asserted.
    if (result.Roles != null && result.Roles.Length != 0)
    {
        foreach (var role in result.Roles)
        {
            claims.Add(new Claim(ClaimTypes.Role, role));
        }
    }

    // Same claim set under two authentication types: one for a bearer ticket,
    // one for the application cookie.
    ClaimsIdentity oAuthIdentity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
    ClaimsIdentity cookiesIdentity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie);

    AuthenticationProperties properties = new AuthenticationProperties(data);
    AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);

    // NOTE(review): Protect returns the serialized, protected token, and that
    // return value is discarded here — this call contributes nothing to the
    // cookie sign-in below. Either capture the token where it is needed or drop it.
    Startup.OAuthBearerOptions.AccessTokenFormat.Protect(ticket);
    // Only the cookie identity is signed in.
    AuthenticationManager.SignIn(cookiesIdentity);
}

我想我终于找到了解决办法。在我的解决方案中,在登录过程中,我创建了一个票证,并在Startup.Auth类中的OAuthBearerOptions中保护它。我在问题的末尾添加了解决方案。
/// <summary>
/// MVC-side OWIN pipeline: application cookie for browser sessions plus bearer
/// token validation with a project-defined provider.
/// </summary>
/// <param name="app">The OWIN application builder.</param>
public void ConfigureAuth(IAppBuilder app)
    {
        // Cookie middleware named ApplicationCookie; unauthenticated requests are
        // sent to /Auth/SignIn. CookieSecure and expiry are left at their defaults
        // — NOTE(review): the default Secure flag follows the request scheme, so
        // confirm the site is served over HTTPS only.
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Auth/SignIn")
        });

        // Bearer validation; ApplicationOAuthBearerAuthenticationProvider is
        // project-defined and not shown here.
        app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
        {
            Provider = new ApplicationOAuthBearerAuthenticationProvider(),
        });
    }
/// <summary>
/// POST handler for the sign-in form. Authenticates through <c>AuthService</c>,
/// signs the user in on success and redirects to <paramref name="returnUrl"/>;
/// every failure path returns to the sign-in form with the return URL kept.
/// </summary>
/// <param name="pageModel">Posted view model; its <c>LoginModel</c> is authenticated.</param>
/// <param name="returnUrl">Destination after a successful sign-in.</param>
/// <returns>A redirect result.</returns>
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> SignIn(LoginPageModel pageModel, string returnUrl)
{
    // Shared "back to the form" result, built lazily so it is only created when used.
    Func<ActionResult> backToSignIn = () => RedirectToAction("SignIn", new { returnUrl = returnUrl });

    if (!ModelState.IsValid)
    {
        return backToSignIn();
    }

    try
    {
        var tokenResponse = await AuthService.Instance.AuthenticateAsync(pageModel.LoginModel);
        CreateIdentity(tokenResponse);
        return RedirectToLocal(returnUrl);
    }
    catch (Exception)
    {
        // Failure detail is deliberately not surfaced to the browser.
        return backToSignIn();
    }
}

/// <summary>
/// Builds the claim set from the auth service's response, protects an OAuth
/// ticket for it, and signs the user in with the application cookie.
/// </summary>
/// <param name="result">Response from <c>AuthService.AuthenticateAsync</c>.</param>
private void CreateIdentity(TokenResponseModel result)
{
    var userName = result.Username;

    // Name and Email both carry the username, as the service reports it.
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, userName),
        new Claim(ClaimTypes.Email, userName)
    };

    if (!string.IsNullOrEmpty(result.ExternalIdentity))
    {
        claims.Add(new Claim(CustomClaimTypes.ExternalIdentity, result.ExternalIdentity));
    }

    // Roles asserted by the auth server become role claims in this app.
    var roles = result.Roles;
    if (roles != null)
    {
        foreach (var roleName in roles)
        {
            claims.Add(new Claim(ClaimTypes.Role, roleName));
        }
    }

    var bearerIdentity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
    var cookieIdentity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie);

    var ticketProperties = new AuthenticationProperties(new Dictionary<string, string>
    {
        { "userName", userName }
    });
    var bearerTicket = new AuthenticationTicket(bearerIdentity, ticketProperties);

    // The protected token string is not captured here; only the cookie sign-in
    // below has a visible effect.
    Startup.OAuthBearerOptions.AccessTokenFormat.Protect(bearerTicket);
    AuthenticationManager.SignIn(cookieIdentity);
}
/// <summary>
/// Wires the application cookie and bearer-token middleware into the OWIN
/// pipeline, keeping the bearer options in <c>OAuthBearerOptions</c> so other
/// code can reuse their token format.
/// </summary>
/// <param name="app">The OWIN application builder.</param>
public void ConfigureAuth(IAppBuilder app)
{
    // Browser sessions: application cookie, sign-in page at /Auth/SignIn.
    var cookieOptions = new CookieAuthenticationOptions();
    cookieOptions.AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie;
    cookieOptions.LoginPath = new PathString("/Auth/SignIn");
    app.UseCookieAuthentication(cookieOptions);

    // Bearer validation with default options; the instance is kept on the
    // field so its AccessTokenFormat is reachable elsewhere.
    var bearerOptions = new OAuthBearerAuthenticationOptions();
    OAuthBearerOptions = bearerOptions;
    app.UseOAuthBearerAuthentication(bearerOptions);
}