Are bearer authentication tokens encrypted by default using OWIN?

2018-06-07 07:45:01

We're using Web API 2 and OWIN bearer authentication. Inside our OAuthAuthorizationProvider class, we're adding claims the normal way.

OnGrantResourceOwnerCredentials = async context =>
{

//Authenticate the user
//Our logic removed

//After authenticating, set up the claims
var claimsIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
claimsIdentity.AddClaim(new Claim("user", authenticatedUser.Username));
context.Validated(claimsIdentity);

}

My question - is the generated bearer token encrypted by default? Also, since it may be related, is there any advantage to using context.Validated(authenticationTicket) instead?

链接地址: http://www.djcxy.com/p/22446.html

上一篇: 从ASP.NET MVC项目生成无记名令牌

下一篇: 使用OWIN默认加密承载认证令牌吗？