gpt4 book ai didi

asp.net-mvc - 手动授予访问 token MVC Web API

转载 作者:行者123 更新时间:2023-12-02 01:20:33 24 4
gpt4 key购买 nike

我允许用户从应用程序注册到 MVC Web API。该应用程序传递电子邮件但不传递密码。我添加用户并分配一个随 secret 码,并将其邮寄给用户。

我不希望应用程序两次调用 api 来获取 token 。因此,对于这个请求,我想返回一个由 /token 端点返回的 oauth token 。

我正在尝试此操作,但此请求的 token 被拒绝访问。我在这里缺少什么?如果有更好的方法,不胜感激。

Web API 具有默认配置,如 Web API 模板。没什么定制的。我想保持这种状态。

        ClaimsIdentity identity = new ClaimsIdentity(OAuthDefaults.AuthenticationType);
Claim providerKeyClaim = new Claim(ClaimTypes.Email, model.Email, ClaimValueTypes.String, "DrySignup", "DrySignup");

ExternalLoginData externalLogin = new ExternalLoginData
{
LoginProvider = providerKeyClaim.Issuer,
ProviderKey = providerKeyClaim.Value,
UserName = identity.FindFirstValue(ClaimTypes.Email)
};

var info = new ExternalLoginInfo()
{
DefaultUserName = model.Email,
Login = new UserLoginInfo(providerKeyClaim.Issuer, externalLogin.ProviderKey)
};

result = await UserManager.AddLoginAsync(user.Id, info.Login);
if (!result.Succeeded)
{
return GetErrorResult(result);
}

identity = await UserManager.CreateIdentityAsync(user, OAuthDefaults.AuthenticationType);
IEnumerable<Claim> claims = externalLogin.GetClaims();
identity.AddClaims(claims);
Authentication.SignIn(identity);

AuthenticationTicket ticket = new AuthenticationTicket(identity, new AuthenticationProperties());
var currentUtc = new Microsoft.Owin.Infrastructure.SystemClock().UtcNow;
ticket.Properties.IssuedUtc = currentUtc;
ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromDays(365));
var accessToken = Startup.OAuthOptions.AccessTokenFormat.Protect(ticket);
Request.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken);



// Create the response building a JSON object that mimics exactly the one issued by the default /Token endpoint
JObject token = new JObject(
new JProperty("userName", user.UserName),
new JProperty("userId", user.Id),
new JProperty("access_token", accessToken),
new JProperty("token_type", "bearer"),
new JProperty("expires_in", TimeSpan.FromDays(9999).TotalSeconds.ToString()),
new JProperty("issued", currentUtc.ToString("ddd, dd MMM yyyy HH':'mm':'ss 'GMT'")),
new JProperty("expires", currentUtc.Add(TimeSpan.FromDays(365)).ToString("ddd, dd MMM yyyy HH:mm:ss 'GMT'"))
);
return Ok(token);

最佳答案

这有效。

ClaimsIdentity oAuthIdentity = new ClaimsIdentity(Startup.OAuthOptions.AuthenticationType);

oAuthIdentity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
oAuthIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id));

AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, new AuthenticationProperties());

DateTime currentUtc = DateTime.UtcNow;
ticket.Properties.IssuedUtc = currentUtc;
ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromDays(365));

string accessToken = Startup.OAuthOptions.AccessTokenFormat.Protect(ticket);
Request.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken);



// Create the response building a JSON object that mimics exactly the one issued by the default /Token endpoint
JObject token = new JObject(
new JProperty("userName", user.UserName),
new JProperty("userId", user.Id),
new JProperty("access_token", accessToken),
new JProperty("token_type", "bearer"),
new JProperty("expires_in", TimeSpan.FromDays(365).TotalSeconds.ToString()),
new JProperty("issued", currentUtc.ToString("ddd, dd MMM yyyy HH':'mm':'ss 'GMT'")),
new JProperty("expires", currentUtc.Add(TimeSpan.FromDays(365)).ToString("ddd, dd MMM yyyy HH:mm:ss 'GMT'"))
);

return Ok(token);

关于asp.net-mvc - 手动授予访问 token MVC Web API,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31081190/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com