  • ASP.NET MVC WEB API OAuth2Authorize

    using System;
    using System.Net;
    using System.Net.Http;
    using System.Security.Cryptography;
    using System.Security.Cryptography.X509Certificates;
    using System.Security.Principal;
    using System.ServiceModel.Channels;
    using System.Threading;
    using System.Web.Http;
    using System.Web.Http.Controllers;
    using System.Web.Http.Filters;
    using DotNetOpenAuth.OAuth2;
     
    namespace ProjectName.Web.Controllers.ActionFilters
    {
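    /// <summary>
    /// Authorization filter that validates the OAuth2 access token carried in the
    /// request's Authorization header with DotNetOpenAuth's <see cref="ResourceServer"/>.
    /// Requests without a verifiable token are answered with an error response and the
    /// action is not executed (the filter fails closed).
    /// </summary>
    public class OAuth2Authorize : AuthorizationFilterAttribute
    {
        // Subject distinguished name of the certificate whose key pair is used to check
        // tokens. Placeholder value from the sample: replace it with the deployment's own.
        private const string SigningCertificateSubject = "CN=*.yourdomain.com, OU=Domain Control Validated, O=*.yourdomain.com";

        /// <summary>
        /// Verifies the access token on the incoming request and, on success, installs the
        /// resulting principal on the current thread.
        /// </summary>
        /// <param name="actionContext">The action context.</param>
        /// <exception cref="InvalidOperationException">
        /// The configured certificate is missing, or its RSA public/private key is not available
        /// to this process.
        /// </exception>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            base.OnAuthorization(actionContext);

            // A request with no Authorization header is unauthenticated. Reject it up front:
            // dereferencing the missing header would otherwise surface as an unhandled
            // NullReferenceException (HTTP 500) instead of an authentication failure.
            var authorization = actionContext.Request.Headers.Authorization;
            if (authorization == null)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
                return;
            }

            // NOTE(review): the certificate store is opened on every request; if this shows
            // up in profiling, consider loading the key material once at startup.
            var cert = LoadSigningCertificate();

            var publicKey = cert.PublicKey.Key as RSACryptoServiceProvider;
            var privateKey = cert.PrivateKey as RSACryptoServiceProvider;
            if (publicKey == null || privateKey == null)
            {
                // Without both keys the token can be neither verified nor decrypted, so stop
                // here rather than hand a null key to the token analyzer.
                throw new InvalidOperationException("The OAuth2 certificate does not expose a usable RSA public and private key.");
            }

            // NOTE(review): both keys come from the same certificate. If the authorization
            // server signs tokens with this certificate's private key, the resource server
            // holds token-signing key material. Separate key pairs for signing and for
            // encryption limit what a compromised resource server can do; confirm against
            // the deployment.
            using (var signing = publicKey)
            using (var encrypting = privateKey)
            {
                // TODO FIXME dnoa doesn't support HttpRequestMessage - manually creating HttpRequestMessageProperty until they do
                var request = new HttpRequestMessageProperty();
                request.Headers[HttpRequestHeader.Authorization] = authorization.ToString();
                var requestUri = actionContext.Request.RequestUri;

                var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer(signing, encrypting));
                IPrincipal result;

                // A non-null response means verification failed. It is replaced by a bare 403
                // here, so anything the library put in it (presumably the error status and
                // challenge headers; confirm) is not forwarded to the client.
                var response = resourceServer.VerifyAccess(request, requestUri, out result);

                if (response != null || result == null)
                {
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Forbidden);
                    return;
                }

                // The sample left the principal as a placeholder ("var principal = null", which
                // does not compile). Use the principal produced by token verification; build a
                // custom principal from result.Identity.Name here if the application needs one.
                // When hosted in IIS, HttpContext.Current.User normally has to be set as well.
                Thread.CurrentPrincipal = result;
            }
        }

        // Finds the currently time-valid certificate with the configured subject in the
        // local machine store, always closing the store afterwards.
        private static X509Certificate2 LoadSigningCertificate()
        {
            var store = new X509Store(StoreLocation.LocalMachine);
            try
            {
                store.Open(OpenFlags.ReadOnly);

                // validOnly is false in both lookups, as in the original: expiry is filtered
                // by FindByTimeValid, but the chain and revocation status are not checked.
                var currentCerts = store.Certificates.Find(X509FindType.FindByTimeValid, DateTime.Now, false);
                var signingCerts = currentCerts.Find(X509FindType.FindBySubjectDistinguishedName, SigningCertificateSubject, false);

                if (signingCerts.Count == 0)
                {
                    throw new InvalidOperationException("No currently valid OAuth2 certificate was found in the local machine store.");
                }

                return signingCerts[0];
            }
            finally
            {
                store.Close();
            }
        }
    }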
    }
  • 原文地址:https://www.cnblogs.com/fx2008/p/2819546.html