bearer token authentication with web api 1
I'm working on implementing token based authentication in ASP.NET WebAPI. Is it possible to implement bearer token authentication in WebAPI 1.2?
update:
The problem is all the examples i see is based on WebAPI 2 and OWIN. WebAPI 2 came up with a dedicated authenticate attribute, but i am looking for WebAPI 1.2 it only having authorize attribute. We need to override the onAuthorize method and implement the token validation logic. but i dont know how to implement bearer token and set expiry time for that token. more over how to generate a new token if a token is expired. somewhere do i need to store the generated token inorder to validate?
public class APIAuthentication : AuthorizationFilterAttribute
{
private const string BasicAuthResponseHeader = "WWW-Authenticate";
private const string BasicAuthResponseHeaderValue = "Basic";
public override void OnAuthorization(HttpActionContext actionContext)
{
//logics for perform bearer token auth.
//if auth failed we ill be return 401 and auth type in header
HandleUnAuthorized(actionContext);
}
private void HandleUnAuthorized(HttpActionContext actionContext)
{
actionContext.Response = actionContext.ControllerContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
actionContext.Response.Headers.Add(BasicAuthResponseHeader, BasicAuthResponseHeaderValue);
}
}
Thanks, Gowrish.
链接地址: http://www.djcxy.com/p/3808.html上一篇: ASP.NET Core中基于令牌的身份验证(刷新)
下一篇: 使用web api进行不记名令牌认证1