
我創建了混合項目ASP.NET MVC5 + WebAPI 2(.NET Framework 4.5.6)。我已經實現了正確的工作API控制器。其他客戶端登錄ASP.NET MVC 5 Web API2

我想用[Authorize]屬性來保護這個控制器。我必須使用MS Windows服務客戶端來調用此API。

在連接到WebAPI時,它被重定向到登錄網頁。

我是否必須在API控制器本身或網站的AccountController上實現特殊的登錄方法?

我注意到,Visual Studio在混合項目中不會產生以下代碼:

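// OAuth authorization-server settings. Clients obtain a bearer token from
// TokenEndpointPath; the sample client on this page posts a user name and
// password there (grant_type=password), so the endpoint receives credentials.
OAuthOptions = new OAuthAuthorizationServerOptions
{
    TokenEndpointPath = new PathString("/Token"),
    Provider = new ApplicationOAuthProvider(PublicClientId),
    AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
    // Each issued access token stays valid for 14 days.
    // NOTE(review): no revocation path is visible here; confirm that a
    // lifetime this long is acceptable for an unattended service client.
    AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
    // Plain HTTP exposes the posted password and the returned token to anyone
    // on the network path, so it is permitted only in debug builds.
#if DEBUG
    AllowInsecureHttp = true
#else
    AllowInsecureHttp = false
#endif
};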

而是產生了另一段不同的代碼。

如何避免這種重定向,使Windows服務可以使用API?

謝謝!

回答


我在這裏找到了完整的解決方案:

https://blogs.msdn.microsoft.com/martinkearn/2015/03/25/securing-and-securely-calling-web-api-and-authorize/

using Newtonsoft.Json.Linq; 
using System; 
using System.Collections.Generic; 
using System.Net.Http; 
using System.Net.Http.Headers; 
using System.Threading.Tasks; 

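namespace Client
{
    /// <summary>
    /// Console client that obtains an OAuth bearer token from the API's /Token
    /// endpoint (password grant) and then calls an [Authorize]-protected route.
    /// </summary>
    class Program
    {
        // Sample values as published on the page. Real credentials belong in
        // protected configuration (for example an encrypted config section or
        // the service account's credential store), never in source code.
        // The user name appears to be a placeholder left by the page's e-mail
        // obfuscation; replace it with the real account name.
        const string userName = "[email protected]";
        const string password = "Password1!";
        const string apiBaseUri = "http://localhost:18342";
        const string apiGetPeoplePath = "/api/people";

        static void Main(string[] args)
        {
            // GetAwaiter().GetResult() blocks like .Result, but rethrows the
            // original exception instead of wrapping it in AggregateException.
            var token = GetAPIToken(userName, password, apiBaseUri).GetAwaiter().GetResult();

            // A bearer token is a credential: report that it arrived, but do
            // not write its value to the console or to any log.
            Console.WriteLine("Token acquired ({0} characters)", token.Length);

            // Make the call
            var response = GetRequest(token, apiBaseUri, apiGetPeoplePath).GetAwaiter().GetResult();
            Console.WriteLine("response: {0}", response);

            // Wait for key press to exit
            Console.ReadKey();
        }

        /// <summary>
        /// Parses the base address and rejects plain HTTP unless the host is
        /// the loopback interface, so that neither the password nor the bearer
        /// token is sent in clear text across a network.
        /// </summary>
        /// <param name="apiBaseUri">Absolute base address of the API.</param>
        /// <returns>The parsed base address.</returns>
        /// <exception cref="InvalidOperationException">
        /// The address is not HTTPS and does not point at the local machine.
        /// </exception>
        private static Uri RequireProtectedTransport(string apiBaseUri)
        {
            var baseAddress = new Uri(apiBaseUri);
            if (baseAddress.Scheme != Uri.UriSchemeHttps && !baseAddress.IsLoopback)
            {
                throw new InvalidOperationException(
                    "Refusing to send credentials over an unencrypted connection; use an https:// base address.");
            }

            return baseAddress;
        }

        /// <summary>
        /// Requests an access token from the /Token endpoint using the OAuth
        /// password grant.
        /// </summary>
        /// <param name="userName">Account name sent as the "username" form field.</param>
        /// <param name="password">Account password sent as the "password" form field.</param>
        /// <param name="apiBaseUri">Absolute base address of the API.</param>
        /// <returns>The value of "access_token" from the JSON response.</returns>
        /// <exception cref="HttpRequestException">The endpoint returned a non-success status.</exception>
        /// <exception cref="InvalidOperationException">
        /// The transport is unprotected, or the response carries no access token.
        /// </exception>
        private static async Task<string> GetAPIToken(string userName, string password, string apiBaseUri)
        {
            var baseAddress = RequireProtectedTransport(apiBaseUri);

            using (var client = new HttpClient())
            {
                // Setup client
                client.BaseAddress = baseAddress;
                client.DefaultRequestHeaders.Accept.Clear();
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

                // Setup login data
                var loginFields = new[]
                {
                    new KeyValuePair<string, string>("grant_type", "password"),
                    new KeyValuePair<string, string>("username", userName),
                    new KeyValuePair<string, string>("password", password),
                };

                using (var formContent = new FormUrlEncodedContent(loginFields))
                using (HttpResponseMessage responseMessage = await client.PostAsync("/Token", formContent))
                {
                    // A rejected login must surface as an explicit failure, not as a
                    // NullReferenceException on the missing property further down.
                    // Only the status line is reported; the body is left out of the message.
                    if (!responseMessage.IsSuccessStatusCode)
                    {
                        throw new HttpRequestException(string.Format(
                            "Token request failed with HTTP status {0} ({1}).",
                            (int)responseMessage.StatusCode,
                            responseMessage.ReasonPhrase));
                    }

                    // Get access token from response body
                    var responseJson = await responseMessage.Content.ReadAsStringAsync();
                    var accessToken = JObject.Parse(responseJson).GetValue("access_token");
                    if (accessToken == null || accessToken.Type == JTokenType.Null)
                    {
                        throw new InvalidOperationException("Token response did not contain an access_token.");
                    }

                    return accessToken.ToString();
                }
            }
        }

        /// <summary>
        /// Sends an authenticated GET request and returns the response body.
        /// </summary>
        /// <param name="token">Bearer token obtained from the token endpoint.</param>
        /// <param name="apiBaseUri">Absolute base address of the API.</param>
        /// <param name="requestPath">Path of the resource, relative to the base address.</param>
        /// <returns>
        /// The response body as text. The status code is not checked, so the body
        /// of an error response (such as 401) is returned as-is.
        /// </returns>
        /// <exception cref="ArgumentException">The token is null or empty.</exception>
        /// <exception cref="InvalidOperationException">The transport is unprotected.</exception>
        static async Task<string> GetRequest(string token, string apiBaseUri, string requestPath)
        {
            if (string.IsNullOrEmpty(token))
            {
                throw new ArgumentException("A bearer token is required.", "token");
            }

            var baseAddress = RequireProtectedTransport(apiBaseUri);

            using (var client = new HttpClient())
            {
                // Setup client
                client.BaseAddress = baseAddress;
                client.DefaultRequestHeaders.Accept.Clear();
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

                // The typed header validates the value instead of concatenating
                // it into a raw header string.
                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);

                // Make request
                using (HttpResponseMessage response = await client.GetAsync(requestPath))
                {
                    return await response.Content.ReadAsStringAsync();
                }
            }
        }
    }
}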