  • ASP.NET MVC WEB API OAuth2Authorize

    using System;
    using System.Net;
    using System.Net.Http;
    using System.Security.Cryptography;
    using System.Security.Cryptography.X509Certificates;
    using System.Security.Principal;
    using System.ServiceModel.Channels;
    using System.Threading;
    using System.Web.Http;
    using System.Web.Http.Controllers;
    using System.Web.Http.Filters;
    using DotNetOpenAuth.OAuth2;
     
    namespace ProjectName.Web.Controllers.ActionFilters
    {
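    /// <summary>
    /// Authorization filter that lets a Web API request through only when its Authorization
    /// header carries an OAuth2 access token accepted by DotNetOpenAuth's <c>ResourceServer</c>.
    /// </summary>
    /// <remarks>
    /// Every failure path ends the request with an error response (fail closed): a missing
    /// header yields 401, a rejected token yields 403, and an unusable certificate yields 500.
    /// </remarks>
    public class OAuth2Authorize : AuthorizationFilterAttribute
    {
        // Subject DN of the certificate whose key pair is handed to the token analyzer.
        // Placeholder value from the sample; replace it with the deployment's own subject.
        private const string SigningCertificateSubject =
            "CN=*.yourdomain.com, OU=Domain Control Validated, O=*.yourdomain.com";

        /// <summary>
        /// Validates the request's access token and, on success, publishes the resulting
        /// principal on <see cref="Thread.CurrentPrincipal"/>.
        /// </summary>
        /// <param name="actionContext">The action context of the request being authorized.</param>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            base.OnAuthorization(actionContext);

            // A request without credentials must be refused explicitly; dereferencing a null
            // Authorization header would otherwise surface as an unhandled exception.
            var authorization = actionContext.Request.Headers.Authorization;
            if (authorization == null)
            {
                Reject(actionContext, HttpStatusCode.Unauthorized);
                return;
            }

            var cert = FindSigningCertificate();
            if (cert == null || !cert.HasPrivateKey)
            {
                // Server-side misconfiguration: refuse the request rather than skip verification.
                Reject(actionContext, HttpStatusCode.InternalServerError);
                return;
            }

            // NOTE(review): both keys come from the same certificate, so this host holds the
            // private key that matches the token-signing public key. Where the authorization
            // server is a separate system, the resource server would normally hold only the
            // authorization server's public certificate plus its own encryption key pair.
            // 'as' is used because the key may not be an RSACryptoServiceProvider (e.g. a CNG
            // key); a using statement tolerates a null resource.
            using (var signing = cert.PublicKey.Key as RSACryptoServiceProvider)
            using (var encrypting = cert.PrivateKey as RSACryptoServiceProvider)
            {
                if (signing == null || encrypting == null)
                {
                    Reject(actionContext, HttpStatusCode.InternalServerError);
                    return;
                }

                // TODO FIXME dnoa doesn't support HttpRequestMessage - manually creating HttpRequestMessageProperty until they do
                var request = new HttpRequestMessageProperty();
                request.Headers[HttpRequestHeader.Authorization] = authorization.ToString();
                var requestUri = actionContext.Request.RequestUri;

                var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer(signing, encrypting));
                IPrincipal result;

                // A non-null return value is the error response DotNetOpenAuth built for a
                // rejected token. It is discarded here and replaced by a bare 403, as in the
                // original sample. A null principal is treated as a rejection as well.
                var response = resourceServer.VerifyAccess(request, requestUri, out result);
                if (response != null || result == null)
                {
                    Reject(actionContext, HttpStatusCode.Forbidden);
                    return;
                }

                // The verified principal is used as-is; wrap it in an application-specific
                // principal (built from result.Identity.Name) here if one is needed.
                // NOTE(review): hosts that read the user from HttpContext.Current.User rather
                // than from the thread need that property set as well - confirm per host.
                Thread.CurrentPrincipal = result;
            }
        }

        /// <summary>
        /// Looks up the currently time-valid certificate with the configured subject in the
        /// local machine store.
        /// </summary>
        /// <returns>The first matching certificate, or <c>null</c> when none is found.</returns>
        private static X509Certificate2 FindSigningCertificate()
        {
            var store = new X509Store(StoreLocation.LocalMachine);
            store.Open(OpenFlags.ReadOnly);
            try
            {
                // FindByTimeValid expects a local-time value, hence DateTime.Now.
                // validOnly is false in both lookups, so chain trust and revocation are not
                // checked: any time-valid certificate in the store with this subject is picked.
                // Selecting by thumbprint (X509FindType.FindByThumbprint) pins one exact certificate.
                var currentCerts = store.Certificates.Find(X509FindType.FindByTimeValid, DateTime.Now, false);
                var matches = currentCerts.Find(X509FindType.FindBySubjectDistinguishedName, SigningCertificateSubject, false);
                return matches.Count > 0 ? matches[0] : null;
            }
            finally
            {
                // Close the store even when a lookup throws.
                store.Close();
            }
        }

        /// <summary>
        /// Short-circuits the pipeline by setting an empty response with the given status code.
        /// </summary>
        private static void Reject(HttpActionContext actionContext, HttpStatusCode status)
        {
            actionContext.Response = actionContext.ControllerContext.Request.CreateResponse(status);
        }
    }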
    }
  • 原文地址:https://www.cnblogs.com/fx2008/p/2819546.html