asp.net-mvc – 使用Windows身份验证和OWIN的ASP.NET MVC5 / Ang
发布时间:2020-12-15 23:13:59 所属栏目:asp.Net 来源:网络整理
导读:我可能是过于复杂的事情,但是我们有一个使用 Windows身份验证的AngularJS的内部ASP.NET MVC5 SPA.此应用程序具有SQL后端数据库,该数据库具有用户表,其中包含其帐户名称及其在应用程序中的相应角色.我们将拨打另一个启用Windows身份验证的Web API应用程序. 我
|
我可能是过于复杂的事情,但是我们有一个使用
Windows身份验证的AngularJS的内部ASP.NET MVC5 SPA.此应用程序具有SQL后端数据库,该数据库具有用户表,其中包含其帐户名称及其在应用程序中的相应角色.我们将拨打另一个启用Windows身份验证的Web API应用程序.
我已经尝试研究如何使用OWIN处理授权,但是找不到关于OWIN和Windows身份验证的任何具体示例.一切都会使用用户名和密码的表单身份验证. 我的应用程序如何使用OWIN和Windows Auth?以下是我的OAuthAuthorizationServerProvider类的示例. public class SimpleAuthorizationServerProvider : OAuthAuthorizationServerProvider
{
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
context.Validated();
return;
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin",new[] { "*" });
var container = UnityHelper.GetContainerInstance("***");
var securityHelper = container.Resolve<ISecurityHelper>();
User currentUser = securityHelper.GetCurrentUser(); // Validates user based on HttpContext.Current.User
if (currentUser == null)
{
context.SetError("invalid_grant","The user could not be found.");
return;
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim("sub",currentUser.AccountName));
identity.AddClaim(new Claim("role","user"));
context.Validated(identity);
}
}
更新: 更新2: HttpContext.Current.GetOwinContext().Request.User.Identity.Name 这对User总是返回null. public class SecurityHelper : ISecurityHelper
{
private readonly ISecurityGroupController _securityGroupController;
private readonly IUserController _userController;
private readonly IEmployeeController _employeeController;
private readonly IFieldPermissionController _fieldPermissionController;
private readonly IOACController _oacController;
public SecurityHelper(ISecurityGroupController securityGroupController,IUserController userController,IEmployeeController employeeController,IFieldPermissionController fieldPermissionController,IOACController oacController)
{
_securityGroupController = securityGroupController;
_userController = userController;
_employeeController = employeeController;
_fieldPermissionController = fieldPermissionController;
_oacController = oacController;
}
// ... other methods
public User GetCurrentUser()
{
User user = _userController.GetByAccountName(HttpContext.Current.GetOwinContext().Request.User.Identity.Name);
if (user != null)
{
List<OAC> memberships = _oacController.GetMemberships(user.SourceId).ToList();
if (IsTestModeEnabled() && ((user.OACMemberships != null && user.OACMemberships.Count == 0) || user.OACMemberships == null))
{
user.OACMemberships = memberships;
}
else if (!IsTestModeEnabled())
{
user.OACMemberships = memberships;
}
}
return user;
}
}
解决方法
本文系列将是一个开始的好地方:
http://bitoftech.net/2014/06/01/token-based-authentication-asp-net-web-api-2-owin-asp-net-identity/
注意,将是以下代码,其基本上将承载令牌存储在本地存储器中并将其附加到头部.这显然比这更多,包括表单和实际的服务器认证系统,但这应该给你一个体面的开始. 服务器组件: public class Startup
{
public void Configuration(IAppBuilder app)
{
ConfigureOAuth(app);
//Rest of code is here;
}
public void ConfigureOAuth(IAppBuilder app)
{
OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,TokenEndpointPath = new PathString("/token"),AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),Provider = new SimpleAuthorizationServerProvider()
};
// Token Generation
app.USEOAuthAuthorizationServer(OAuthServerOptions);
app.USEOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
}
和以下客户端代码: 'use strict';
app.factory('authService',['$http','$q','localStorageService',function ($http,$q,localStorageService) {
var serviceBase = 'http://ngauthenticationapi.azurewebsites.net/';
var authServiceFactory = {};
var _authentication = {
isAuth: false,userName : ""
};
var _saveRegistration = function (registration) {
_logOut();
return $http.post(serviceBase + 'api/account/register',registration).then(function (response) {
return response;
});
};
var _login = function (loginData) {
var data = "grant_type=password&username=" + loginData.userName + "&password=" + loginData.password;
var deferred = $q.defer();
$http.post(serviceBase + 'token',data,{ headers: { 'Content-Type': 'application/x-www-form-urlencoded' } }).success(function (response) {
localStorageService.set('authorizationData',{ token: response.access_token,userName: loginData.userName });
_authentication.isAuth = true;
_authentication.userName = loginData.userName;
deferred.resolve(response);
}).error(function (err,status) {
_logOut();
deferred.reject(err);
});
return deferred.promise;
};
var _logOut = function () {
localStorageService.remove('authorizationData');
_authentication.isAuth = false;
_authentication.userName = "";
};
var _fillAuthData = function () {
var authData = localStorageService.get('authorizationData');
if (authData)
{
_authentication.isAuth = true;
_authentication.userName = authData.userName;
}
}
authServiceFactory.saveRegistration = _saveRegistration;
authServiceFactory.login = _login;
authServiceFactory.logOut = _logOut;
authServiceFactory.fillAuthData = _fillAuthData;
authServiceFactory.authentication = _authentication;
return authServiceFactory;
}]);
随着 'use strict';
app.factory('authInterceptorService',['$q','$location',function ($q,$location,localStorageService) {
var authInterceptorServiceFactory = {};
var _request = function (config) {
config.headers = config.headers || {};
var authData = localStorageService.get('authorizationData');
if (authData) {
config.headers.Authorization = 'Bearer ' + authData.token;
}
return config;
}
var _responseError = function (rejection) {
if (rejection.status === 401) {
$location.path('/login');
}
return $q.reject(rejection);
}
authInterceptorServiceFactory.request = _request;
authInterceptorServiceFactory.responseError = _responseError;
return authInterceptorServiceFactory;
}]);
(编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
相关内容
- asp.net-mvc – 在ASP.NET MVC中的View和PartialView有什么
- Asp.net – 空QueryString参数
- asp.net – 为什么Visual Studio会拒绝访问,尝试使用NuGet软
- asp.net-mvc-3 – 部署到“真实”IIs网站时默认Razor View的
- asp.net-mvc – 在ASP.NET MVC Web应用程序中托管WCF服务
- .net – 什么可以解释托管堆上超过5,000,000个System.WeakR
- asp.net-mvc – 在同一页面显示搜索表单及其结果的最佳方法
- 在asp.net.mvc中,什么是正确的方法来引用css内的图像
- asp.net-mvc – ASP .NET MVC在视图之间存储大量参数
- ASP.NET MVC共享Web托管建议? (或者,好的Windows VPS提供商