c# 4.0 - OWIN bearer authentication failing in web api 2 -
i trying implement web api 2 based claim based authentication oauth tokens. have created
[assembly: owinstartup(typeof(pmw.api.startup))] public class startup { //private iunitofwork _unitofwork; //private iuserservice _userservice; //private icommonservice _commonservice; public void configuration(iappbuilder app) { httpconfiguration config = new httpconfiguration(); webapiconfig.register(config); app.usecors(microsoft.owin.cors.corsoptions.allowall); app.usewebapi(config); iunitycontainer container = getunitycontainer(); config.dependencyresolver = new unitydependancyresolver(container); //_unitofwork = container.resolve<iunitofwork>(); //_userservice = container.resolve<iuserservice>(); //_commonservice = container.resolve<icommonservice>(); mapautomapper(); configureoauth(app); //var oauthbeareroptions = new oauthbearerauthenticationoptions() //{ // provider = new querystringoauthbearerprovider(), // accesstokenprovider = new authenticationtokenprovider() // { // oncreate = create, // onreceive = receive // }, //}; //app.useoauthbearerauthentication(oauthbeareroptions); } public static action<authenticationtokencreatecontext> create = new action<authenticationtokencreatecontext>(c => { c.settoken(c.serializeticket()); }); public static action<authenticationtokenreceivecontext> receive = new action<authenticationtokenreceivecontext>(c => { c.deserializeticket(c.token); c.owincontext.environment["properties"] = c.ticket.properties; }); private void mapautomapper() { //mapper code } private iunitycontainer getunitycontainer() { //create unitycontainer iunitycontainer container = //unity mapping return container; } public void configureoauth(iappbuilder app) { oauthauthorizationserveroptions oauthserveroptions = new oauthauthorizationserveroptions() { allowinsecurehttp = true, tokenendpointpath = new pathstring("/token"), accesstokenexpiretimespan = timespan.fromdays(1), provider = new simpleauthorizationserverprovider() }; // token generation app.useoauthauthorizationserver(oauthserveroptions); app.useoauthbearerauthentication(new oauthbearerauthenticationoptions()); } } and authorization class defined below
public class simpleauthorizationserverprovider : oauthauthorizationserverprovider { public override async task validateclientauthentication(oauthvalidateclientauthenticationcontext context) { context.validated(); } public override async task grantresourceownercredentials(oauthgrantresourceownercredentialscontext context) { iunitycontainer container = //unity code mapping login related service var _commonservice=container.resolve<icommonservice>() ; var password =// encrypt password userservice _userservice = new userservice(container.resolve<iunitofwork>(), container.resolve<iusermasterrepository>(), container.resolve<iuserdetailrepository>()); var usertopass = new userdto() { emailid = context.username, password = password }; var user = _userservice.authenticateuser(usertopass); if (!user.succeeded) { context.seterror("invalid_grant", "the user name or password incorrect."); return; } var identity = new claimsidentity(context.options.authenticationtype); identity.addclaim(new claim(claimtypes.name, context.username)); identity.addclaim(new claim(claimtypes.role, "user")); context.validated(identity); } } the code working , generating tokens client side application. however, if use authrize attribute shown below . fails error 401 unauthorized.
[authorize] [httpget] public userdto test() { return new userdto(); } here snapshot of request , failing method details. 
please let know missing in order implement flow of authorization properly.
check working sample in article using web api 2. http://www.codeproject.com/articles/742532/using-web-api-individual-user-account-plus-cors-en
Comments
Post a Comment