Web API 2 OWIN Bearer token authentication - AccessTokenFormat null?OWIN中IIS主機的默認OAuth AccessTokenFormat實現是什麼?
默認/令牌端點工作正常,我可以得到從那裏, 令牌,但我需要使用一個票AccessTokenFormat.Protect方法生成的accessToken爲externalLogin。
基本上我的實現與這一個非常相似,並且我遇到了AccessTokenFormat爲空的相同問題。 從documentation它說:用來保護包含在訪問令牌中的信息
的數據格式。如果應用程序未提供默認數據保護提供程序,則取決於主機服務器。 IIS上的SystemWeb主機將使用ASP.NET機器密鑰數據保護,並且HttpListener和其他自託管服務器將使用DPAPI數據保護。如果分配了不同的訪問令牌提供程序或格式,則必須將兼容實例分配給資源服務器的OAuthBearerAuthenticationOptions.AccessTokenProvider或OAuthBearerAuthenticationOptions.AccessTokenFormat屬性。
它在我看來,如果AccessTokenFormat沒有分配,主機會爲它提供一個基本的實現。但我不認爲它在這裏有效。 有沒有一種方法可以找到ISecureDataFormatAccessTokenFormat的默認實現並將其手動分配給變量?
或者沒有人有其他想法如何解決這個問題?
更新: 我得到了武士刀的源代碼,並找到OAuthAuthorizationServerMiddleware類,從源代碼中,我可以看到下面的代碼:
if (Options.AccessTokenFormat == null)
{
IDataProtector dataProtecter = app.CreateDataProtector(
typeof(OAuthAuthorizationServerMiddleware).Namespace,
"Access_Token", "v1");
Options.AccessTokenFormat = new TicketDataFormat(dataProtecter);
}
在我Startup.Auth,這裏是我的代碼:
static Startup()
{
PublicClientId = "self";
UserManagerFactory =() => new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(new ApplicationDbContext()));
OAuthOptions = new OAuthAuthorizationServerOptions()
{
TokenEndpointPath = new PathString("/Token"),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
Provider = new ApplicationOAuthProvider(PublicClientId, UserManagerFactory),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
OAuthBearerOptions = new OAuthBearerAuthenticationOptions();
OAuthBearerOptions.AccessTokenFormat = OAuthOptions.AccessTokenFormat;
OAuthBearerOptions.AccessTokenProvider = OAuthOptions.AccessTokenProvider;
OAuthBearerOptions.AuthenticationMode = OAuthOptions.AuthenticationMode;
OAuthBearerOptions.AuthenticationType = OAuthOptions.AuthenticationType;
OAuthBearerOptions.Description = OAuthOptions.Description;
OAuthBearerOptions.Provider = new CustomBearerAuthenticationProvider();
OAuthBearerOptions.SystemClock = OAuthOptions.SystemClock;
}
public void ConfigureAuth(IAppBuilder app)
{
// Configure the db context and user manager to use a single instance per request
app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.UseOAuthAuthorizationServer(OAuthOptions);
// Enable the application to use bearer tokens to authenticate users
app.UseOAuthBearerTokens(OAuthOptions);
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
}
我也有WebApiConfig
0以下// Web API configuration and services
// Configure Web API to use only bearer token authentication.
config.SuppressDefaultHostAuthentication();
config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
我不知道爲什麼 app.UseOAuthAuthorizationServer(OAuthOptions);沒有設置accessTokenFormat