C# Owin如何使用OAuthAuthorizationServer？_C#_Asp.net_Owin

C# Owin如何使用OAuthAuthorizationServer？

c# asp.net

C# Owin如何使用OAuthAuthorizationServer？,c#,asp.net,owin,C#,Asp.net,Owin,我正在尝试取消登录owin和OAuthAuthorizationServer 我知道Outh2有4个部分： 1-资源所有者 2-资源服务器： 3-客户端应用程序： 4-授权服务器：我已经在一个简单的应用程序中实现了owin和授权服务器应用程序运行良好我只是想了解更多关于南方的东西因此，我在srartp课程中： public class Startup { public void ConfigureAuth(IAppBuilder app)

我正在尝试取消登录owin和OAuthAuthorizationServer

我知道Outh2有4个部分：

1-资源所有者

2-资源服务器：

3-客户端应用程序：

4-授权服务器：

我已经在一个简单的应用程序中实现了owin和授权服务器

应用程序运行良好

我只是想了解更多关于南方的东西

因此，我在srartp课程中：

public class Startup
        {
            public void ConfigureAuth(IAppBuilder app)
            {
                app.UseCors(CorsOptions.AllowAll);//this is very important line cross orgin source(CORS)it is used to enable cross-site HTTP requests                                   //For security reasons, browsers restrict cross-origin HTTP requests 
                var OAuthOptions = new OAuthAuthorizationServerOptions
                {
                    AllowInsecureHttp = true,
                    TokenEndpointPath = new PathString("/token"),
                    AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(60),//token expiration time
                    Provider = new OauthProvider()
                };
                app.UseOAuthBearerTokens(OAuthOptions);
                app.UseOAuthAuthorizationServer(OAuthOptions);
                app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
                HttpConfiguration config = new HttpConfiguration();
                WebApiConfig.Register(config);//register the request
            }

            public void Configuration(IAppBuilder app)
            {
                ConfigureAuth(app);
                GlobalConfiguration.Configure(WebApiConfig.Register);
            }

        }

然后我创建了我的OauthProvider

这是我的班级

public class OauthProvider : OAuthAuthorizationServerProvider
    {
        public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            //First request will come here, this method will validate the request wheather it has crendtials(UserName and Password) if the request not contain username and 
           //password the request will reject from here not proceded any further
            context.Validated(); 
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            //If the request has valid and it contain username and password than this method will check correct crenstials and than generate a valid token
            var identity = new ClaimsIdentity(context.Options.AuthenticationType); //it will check the authenticate type

            using (var db = new DataContext())
            {
                if (db != null)
                {
                    var user = db.Users.Where(o => o.UserName == context.UserName && o.Password == context.Password).FirstOrDefault();
                    if (user != null)
                    {
                        //Store information againest the request
                        identity.AddClaim(new Claim("UserName", context.UserName));
                        identity.AddClaim(new Claim("LoggedOn", DateTime.Now.ToString()));
                        context.Validated(identity);
                    }
                    else
                    {
                        context.SetError("Wrong Crendtials", "Provided username and password is incorrect");
                        context.Rejected();
                    }
                }
                else
                {
                    context.SetError("Wrong Crendtials", "Provided username and password is incorrect");
                    context.Rejected();
                }
                return;
            }
        }
    }

如果我想了解OAuth的部分

如何定义我对每个部件所做的操作

请注意，这是一个web api项目

任何有用的信息都是有用的

谢谢