bearer token authentication with web api 1

2018-05-30 07:08:41

I'm working on implementing token based authentication in ASP.NET WebAPI. Is it possible to implement bearer token authentication in WebAPI 1.2?

update:

The problem is all the examples i see is based on WebAPI 2 and OWIN. WebAPI 2 came up with a dedicated authenticate attribute, but i am looking for WebAPI 1.2 it only having authorize attribute. We need to override the onAuthorize method and implement the token validation logic. but i dont know how to implement bearer token and set expiry time for that token. more over how to generate a new token if a token is expired. somewhere do i need to store the generated token inorder to validate?

public class APIAuthentication : AuthorizationFilterAttribute
{
    private const string BasicAuthResponseHeader = "WWW-Authenticate";
    private const string BasicAuthResponseHeaderValue = "Basic";

    public override void OnAuthorization(HttpActionContext actionContext)
    {
        //logics for perform bearer token auth.
        //if auth failed we ill be return 401 and auth type in header
        HandleUnAuthorized(actionContext);
    }

    private void HandleUnAuthorized(HttpActionContext actionContext)
    {
        actionContext.Response = actionContext.ControllerContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
        actionContext.Response.Headers.Add(BasicAuthResponseHeader, BasicAuthResponseHeaderValue);
    }
}

Thanks, Gowrish.

链接地址: http://www.djcxy.com/p/3808.html

上一篇: ASP.NET Core中基于令牌的身份验证（刷新）

下一篇: 使用web api进行不记名令牌认证1