zoukankan      html  css  js  c++  java
  • OWIN OAuth 2.0 Authorization Server

    https://docs.microsoft.com/en-us/aspnet/aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server

    The OAuth 2.0 framework enables a third-party app to obtain limited access to an HTTP service. Instead of using the resource owner's credentials to access a protected resource, the client obtains an access token (which is a string denoting a specific scope, lifetime, and other access attributes). Access tokens are issued to third-party clients by an authorization server with the approval of the resource owner.

    This tutorial will cover:

    • How to create an authorization server to support four authorization grant types and refresh tokens:
      • Authorization code grant
      • Implicit Grant
      • Resource Owner Password Credentials Grant
      • Client Credentials Grant
    • Creating a resource server which is protected by an access token.
    • Creating OAuth 2.0 clients.
    app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions
         {Provider = new OAuthAuthorizationServerProvider
         {
             OnValidateClientRedirectUri = ValidateClientRedirectUri,
             OnValidateClientAuthentication = ValidateClientAuthentication,
             OnGrantResourceOwnerCredentials = GrantResourceOwnerCredentials,
             OnGrantClientCredentials = GrantClientCredetails
         }};

    // Summary:
    // Called when a request to the Token endpoint arrives with a "grant_type" of "client_credentials".
    // This occurs when a registered client application wishes to acquire an "access_token"
    // to interact with protected resources on it's own behalf, rather than on behalf
    // of an authenticated user. If the web application supports the client credentials
    // it may assume the context.ClientId has been validated by the ValidateClientAuthentication
    // call. To issue an access token the context.Validated must be called with a new
    // ticket containing the claims about the client application which should be associated
    // with the access token. The application should take appropriate measures to ensure
    // that the endpoint isn’t abused by malicious callers. The default behavior is
    // to reject this grant type. See also http://tools.ietf.org/html/rfc6749#section-4.4.2

    public Func<OAuthGrantClientCredentialsContext, Task> OnGrantClientCredentials { get; set; }

  • 相关阅读:
    css3
    如何去渲染数据?
    ajax
    Java多线程-线程安全
    java多线程-基础
    Git-团队开放中的代码同步与提交
    IDEA 调试Spring-boot 应用
    微服务-各种pom的配置和注解
    微服务-服务与注册中心
    微服务
  • 原文地址:https://www.cnblogs.com/chucklu/p/10346661.html
Copyright © 2011-2022 走看看