OAuth授权模式
- 授权码模式 authorization code
- 简化模式 implicit grant type(OAuth 2.0 安全最佳实践 RFC 9700 已不建议使用,推荐改用授权码模式 + PKCE)
- 密码模式 resource owner password credentials(RFC 9700 要求不得使用,因为客户端会直接接触用户密码)
- 客户端模式 client credentials grant
四种授权模式代码实现
1.在api项目中添加Nuget引用
1)Microsoft.Owin.Security (添加该引用下面的会默认添加)
2)Microsoft.Owin.Cookies
3)Microsoft.Owin
4)Microsoft.Owin.Host.SystemWeb
2.添加OAuth文件,添加授权类
3.实现类方法
MyOAuthAuthorizationServeProvider.cs 类继承 OAuthAuthorizationServerProvider,并重写(override)其中的授权校验方法
代码中的TestUserRepository 是定义的全局用户类,可根据自己项目的情况实现(可以直接查询数据库),实现身份校验
namespace EVMTest.OAuth
{
public class MyOAuthAuthorizationServeProvider : OAuthAuthorizationServerProvider
{
/// <summary>
/// grant_type password,code
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
    // Client-authentication step of the token endpoint.
    // Outcome: an unknown client_id is rejected with an error; every other request
    // (including one that carries no client_id at all) is marked as validated.
    //
    // NOTE(review): the client secret is never compared in this method. It is only
    // copied into the OWIN environment under "ClientSecret", so whichever grant
    // handler reads it later has to verify it against the registered secret
    // (preferably with a constant-time comparison). Until that happens, knowing the
    // client_id alone is enough to pass this step.
    // NOTE(review): requests without a client_id are validated unconditionally. That
    // is only appropriate for grants intended for public clients; confirm that the
    // grant handlers enforce client authentication where it is required.
    // NOTE(review): RFC 6749 section 5.2 names this error "invalid_client"; the value
    // used below is non-standard.

    #region Client credentials check
    string suppliedId;
    string suppliedSecret;

    // Prefer the HTTP Basic Authorization header; fall back to the
    // client_id / client_secret form fields when the header is absent.
    bool foundInHeader = context.TryGetBasicCredentials(out suppliedId, out suppliedSecret);
    if (!foundInHeader)
    {
        context.TryGetFormCredentials(out suppliedId, out suppliedSecret);
    }

    // In Katana, context.ClientId is filled in by whichever TryGet* call succeeded.
    bool clientIdPresent = !string.IsNullOrEmpty(context.ClientId);

    if (clientIdPresent && suppliedId != TestUserRepository.client.ClientId)
    {
        context.SetError("Invalid_clientid", "clientid is not valid");
        return Task.FromResult<object>(null);
    }

    if (clientIdPresent && !string.IsNullOrWhiteSpace(suppliedSecret))
    {
        // Hand the raw secret to later pipeline stages; it is NOT checked here.
        context.OwinContext.Set("ClientSecret", suppliedSecret);
    }
    #endregion

    context.Validated();
    return Task.FromResult<object>(null);
}
/// <summary>
/// 验证重定向redirect_url 用于验证被注册的url
/// grant_type authorization_code
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public override async Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
{
    // Authorization-endpoint check: only the single registered client is accepted,
    // and the redirect target is always the URL stored for that client rather than
    // a value taken from the request.
    //
    // NOTE(review): as far as the Katana implementation goes, Validated(string)
    // declines to validate when the request carries a redirect_uri that differs from
    // the one passed in, which is what keeps codes and tokens from being sent to an
    // unregistered address. Confirm against the package version in use.
    // For any other client_id the context is left untouched (neither validated nor
    // given an explicit error).
    bool isRegisteredClient = context.ClientId == TestUserRepository.client.ClientId;
    if (!isRegisteredClient)
    {
        return;
    }

    context.Validated(TestUserRepository.client.RedirectUrl);
}
/// <summary>
/// code
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public override async Task ValidateAuthorizeRequest(OAuthValidateAuthorizeRequestContext context)
{
if (context.AuthorizeRequest.