This article covers signing in from a Universal App to a Web API using Live ID.
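I am trying to implement the following:
- The user signs in to a Live ID account from a Windows Phone 8.1 (or Universal) app.
- The app accesses a Web API that I developed with ASP.NET Web API 2.
- In this Web API, I need to authenticate the user.
- Later, I want to authenticate the same user in a web application.
In my Windows Phone app: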
    // Sign in with Live ID; the redirect domain is passed to the client
    var authClient = new LiveAuthClient("http://myservice.cloudapp.net");
    LiveLoginResult result = await authClient.LoginAsync(new string[] { "wl.signin" });
    if (result.Status == LiveConnectSessionStatus.Connected)
    {
        connected = true;
        // Forward the session's authentication token (a JWT) to the Web API
        var identity = await ConnectToApi(result.Session.AuthenticationToken);
        Debug.WriteLine(identity);
    }
Then:
    private async Task<string> ConnectToApi(string token)
    {
        using (var client = new HttpClient())
        {
            // Note: with an http:// base address the bearer token travels unencrypted
            client.BaseAddress = new Uri("http://myservice.cloudapp.net/");
            client.DefaultRequestHeaders.Accept.Clear();
            client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
            // Send the Live ID authentication token as a Bearer credential
            client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
            // HTTP GET
            HttpResponseMessage response = await client.GetAsync("api/values");
            if (response.IsSuccessStatusCode)
            {
                string result = await response.Content.ReadAsStringAsync();
                return result;
            }
            else
            {
                return response.ReasonPhrase;
            }
        }
    }
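Then in my Web API I have the following:
    public void ConfigureAuth(IAppBuilder app)
    {
        // Microsoft Account sign-in middleware, configured with the app's client id and secret
        app.UseMicrosoftAccountAuthentication(
            clientId: "my client id",
            clientSecret: "my secret");
    }
I registered http://myservice.cloudapp.net as the redirect URL.
The problem is that authentication does not work; the Web API actions do not recognize the user.
Answer:
I had it completely wrong. First, I actually needed to use the app.UseJwtBearerAuthentication method. The example was found here: http://code.lawrab.com/2014/01/securing-webapi-with-live-id.html. But when I tried it, I got this error in the output: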
IDX10500: Signature validation failed. Unable to resolve SecurityKeyIdentifier: 'SecurityKeyIdentifier
(
IsReadOnly = False,
Count = 1,
Clause[0] = System.IdentityModel.Tokens.NamedKeySecurityKeyIdentifierClause
)
This took me a while to figure out, until I found this post: JwtSecurityTokenHandler 4.0.0 Breaking Changes?
Putting it all together, I arrived at a solution that now seems to work in my test environment:
    // Namespaces this method needs
    using System.Linq;
    using System.Security.Cryptography;
    using System.Text;
    using Microsoft.Owin.Security.Jwt;
    using Owin;

    public void ConfigureAuth(IAppBuilder app)
    {
        // Signing key = SHA-256 over UTF-8(client secret + "JWTSig")
        var sha256 = new SHA256Managed();
        var sKey = "<Secret key>" + "JWTSig";
        var secretBytes = new UTF8Encoding(true, true).GetBytes(sKey);
        var signingKey = sha256.ComputeHash(secretBytes);
        var securityKeyProvider = new SymmetricKeyIssuerSecurityTokenProvider("urn:windows:liveid", signingKey);
        var securityKey = securityKeyProvider.SecurityTokens.First().SecurityKeys.First();
        var jwtOptions = new JwtBearerAuthenticationOptions()
        {
            //AllowedAudiences = new[] { "<url>" },
            //IssuerSecurityTokenProviders = new[]
            //{
            //    new SymmetricKeyIssuerSecurityTokenProvider("urn:windows:liveid", signingKey)
            //},
            TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters()
            {
                // Always hand back the derived key instead of resolving it from the token's key identifier
                IssuerSigningKeyResolver = (token, securityToken, keyIdentifier, validationParameters) =>
                {
                    return securityKey;
                },
                ValidAudience = "<url>",
                ValidIssuer = securityKeyProvider.Issuer
            }
        };
        app.UseJwtBearerAuthentication(jwtOptions);
    }
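An added example, not part of the original post: the checks the bearer middleware configured above has to make, written out in standard-library Python so each step is visible. It derives the key exactly as the answer does (SHA-256 over secret + "JWTSig") and uses the answer's issuer string; the HS256 algorithm, the `make_token` helper, the secret and the audience value in the test are assumptions constructed for the demonstration.

```python
import base64, hashlib, hmac, json, time

ISSUER = "urn:windows:liveid"   # issuer string used in the answer's code

def _b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def _b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def derive_key(client_secret):
    # Same derivation as the answer: SHA-256 over UTF-8(secret + "JWTSig").
    return hashlib.sha256((client_secret + "JWTSig").encode("utf-8")).digest()

def _sign(signing_input, client_secret):
    return hmac.new(derive_key(client_secret), signing_input.encode(), hashlib.sha256).digest()

def make_token(claims, client_secret, alg="HS256"):
    # Builds a constructed sample token for the demo; not an issuer implementation.
    h = _b64e(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    p = _b64e(json.dumps(claims).encode())
    return f"{h}.{p}.{_b64e(_sign(h + '.' + p, client_secret))}"

def validate(token, client_secret, audience, now=None):
    """Return the claims if every check passes, otherwise raise ValueError."""
    h64, p64, s64 = token.split(".")          # ValueError unless exactly 3 parts
    header, claims, sig = json.loads(_b64d(h64)), json.loads(_b64d(p64)), _b64d(s64)
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise ValueError("malformed token")
    if header.get("alg") != "HS256":          # pin the algorithm, do not trust the header
        raise ValueError("unexpected alg")
    if not hmac.compare_digest(_sign(h64 + "." + p64, client_secret), sig):
        raise ValueError("bad signature")     # constant-time comparison
    if claims.get("iss") != ISSUER:
        raise ValueError("wrong issuer")
    if claims.get("aud") != audience:
        raise ValueError("wrong audience")
    exp = claims.get("exp")
    now = time.time() if now is None else now
    if not isinstance(exp, (int, float)) or exp <= now:
        raise ValueError("expired or missing exp")
    return claims
```

A token signed with any other secret, carrying a different `alg`, or issued for another audience is rejected before its claims are ever used to identify the caller.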