authentication - OWIN - Associating application information to auth server -


i've been following tutorial found here setting authorization server, separate client app. http://bitoftech.net/2014/06/01/token-based-authentication-asp-net-web-api-2-owin-asp-net-identity/
can example , working, feel i'm missing few steps application.

i'd have authorization server provide oauth tokens, used separate project (and potentially multiple others) authenticate users. understand point of separate authorization logic , business logic, i'm not sure how pair created users on auth server users on application.

for example, when user creates account first time, they'll send username/password authorization server. @ point app create own user information (empty profile , settings etc), , how store application's userid authorization information? i've tried adding client userid claim on auth server, i'm not sure if understand means or if that's correct approach.

basically, think should able do, not sure how it, in asp.net webapi application, should accept authorization: bearer < token > header, , somehow able grab userid (relevant specific application) authorization server. second, unrelated application should able accept same access token , own userid (assuming user has account both applications) auth server.

am looking @ right way? how associate different applications' userids users created on auth server?

assuming i'm understanding you're trying correctly, if you're using microsoft's oauth owin implementation, should able override oauthauthorizationserverprovider , override appropriate grant*().

see http://www.asp.net/aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server more details.

if you're using resourceowner grant, it's straight forward:

public override task grantresourceownercredentials(oauthgrantresourceownercredentialscontext context) {      var user = ...;     if (!passwordprovider.validatepassword(context.password, user.password))     {         context.seterror("invalid_grant", "the password incorrect.");         return task.fromresult<object>(null);     }      // build claims identity     var identity = new claimsidentity(owinauthconfig.oauthauthorizationoptions.authenticationtype);     identity.buildclaims(user);      // create properties     var properties = createproperties(user);      // create ticket , process it.     var ticket = new authenticationticket(identity, properties);     context.validated(ticket);     return task.fromresult<object>(null); }

where build claims like:

public static class applicationoauthproviderhelper {     public static void buildclaims(this claimsidentity identity, user user)     {         var claims = new list<claim>         {             new claim(claimtypes.name, user.username),             new claim(claimtypes.nameidentifier, user.userid.tostring())         };          // custom claims, user app ids.         // ex. claim { claimtype = "app1/userid", value = "34242" }         var externalappclaims = magicalfunctionthatgetsexternalclaims(user);         foreach(var claim in externalappclaims)         {             claims.add(new claim(claim.claimtype, claim.value));         }          identity.addclaims(claims);     } }

which might used in web api controller as:

var useridstring = (user.identity claimsidentity).findfirst("app1/userid");

let me know if doesn't answer question!


Comments

Post a Comment

Popular posts from this blog

javascript - Jquery show_hide, what to add in order to make the page scroll to the bottom of the hidden field once button is clicked -

i have button on website when clicked, reveals map. button can seen when page first loads up, when clicked, section holding map slides open , goes out of screen since page loads @ top (normal). want page scroll down bottom of div select when button pushed, if map out of screen. if page scrolled down, , clicks show map button, don't want page jump bottom of map. i tried figure out myself, no luck. seasoned jquery coders able give me guidance? many thanks! map = mapdiv.gmap3("get"); infobox = new infobox({ pixeloffset: new google.maps.size(-220, -310), closeboxurl: '', enableeventpropagation: true }); mapdiv.delegate('.infobox .close','click',function () { infobox.close(); }); jquery(".slidingdiv").hide(); jquery(".show_hide").show(); jquery('.show_hide').click(function(){ lastcenter=map.getcenter(); jquery(".slidingdiv&quo
Read more

javascript - Highcharts multi-color line -

Image
i looking create highchart multi-colored line. if goes down under value, become red, , when comes on value, become green . here picture example: or maybe highcharts have other charts models differentiate high or low level color? you can achieve coloring using lineargradient coloring: color: { lineargradient: { x1: 0, x2: 0, y1: 0, y2: 1 }, stops: [ [0, 'red'], [0.25, 'yellow'], [0.50, 'green'], [0.75, 'yellow'], [1, 'red'] ] } here 0 in stops relates minimum value of series , 1 maximum value, , in between percentages between values. if find percentages according values prior creating chart use correct stops values make relate specific values in data (at least approximately). see this jsfiddle example .
Read more

javascript - Enter key does not work in search box -

tried search guys sorry. input in search box doesnt work (or search) when hit enter when user clicks search button. doing wrong? here code. thanks. <script type="text/javascript"> $(document).ready(function() { $("#submit").click(function() { var url = "http://asla.org/awardssearch.html"; url += "?s=" + $('#googlecse').val(); window.location = url; }); $('#googlecse').keydown(function(event) { if (event.keycode == '13') { $("#submit").click(); } else { //do nothing :) } }); }); </script> <form class="navbar-form navbar-right" role="search"> <div class="search"> <input id="googlecse" type="text" onblur="if(this.value=='')this.value=this.defaultvalue;" onfocus="if(this.value==this.defaultvalue)t
Read more