Closed jahnavisdba closed 9 years ago
Look at the OAuth2 resource owner password flow. You'll need a token service like IdentityServer: https://github.com/thinktecture/Thinktecture.IdentityServer.v3/
Hi Brock,
Thank you. I had looked at your WebApiResourceOwner sample and implemented it. How do we extend the Test Controller to implement the registrations, logout, etc for API? Please explain.
Also, WebApiResourceOwner is using Thinktecture in the client. But, "Thinktecture IdentityServer v3 MembershipReboot" project has the server component. Should we be using this framework for API authentication?
We are kind of confused in the approach here. We just want to be able to extend the below approach using your membership framework for API authentication. http://www.asp.net/web-api/overview/security/individual-accounts-in-web-api
Please advise.
Thanks.
You're on your own for registrations.
Thinktecture is a company name. We produce many libraries. You're talking about IdentityModel in the client -- it's a helper library for obtaining tokens.
IdentityServer is a token service. It can be used instead of the Microsoft Katana OAuth2 authorization server for creating tokens. I'd suggest using IdentityServer instead of the Katana authorization server.
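What obtaining a token with the resource owner password flow looks like on the wire, written with plain `HttpClient` types as an added example (not code from this thread or from the Thinktecture projects). The endpoint URLs, client id and secret, user name, password and scope are constructed placeholders, and the token response is a constructed sample so the block runs without a token service.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Text.Json;

static class ResourceOwnerFlowExample
{
    // RFC 6749 section 4.3.2: form-encoded POST; the client authenticates with HTTP Basic.
    static HttpRequestMessage BuildTokenRequest(Uri tokenEndpoint, string clientId,
        string clientSecret, string userName, string password, string scope)
    {
        var request = new HttpRequestMessage(HttpMethod.Post, tokenEndpoint)
        {
            Content = new FormUrlEncodedContent(new Dictionary<string, string>
            {
                ["grant_type"] = "password", ["scope"] = scope,
                ["username"] = userName, ["password"] = password
            })
        };
        var basic = Convert.ToBase64String(Encoding.UTF8.GetBytes(clientId + ":" + clientSecret));
        request.Headers.Authorization = new AuthenticationHeaderValue("Basic", basic);
        return request;
    }

    // Token responses are JSON: access_token on success, error (e.g. invalid_grant) on failure.
    static string ReadAccessToken(string responseJson)
    {
        using var doc = JsonDocument.Parse(responseJson);
        if (doc.RootElement.TryGetProperty("error", out var error))
            throw new InvalidOperationException("Token request rejected: " + error.GetString());
        return doc.RootElement.GetProperty("access_token").GetString();
    }

    static void Main()
    {
        // Constructed placeholders. Real use: await new HttpClient().SendAsync(request) over HTTPS.
        var request = BuildTokenRequest(new Uri("https://idsrv.example.test/connect/token"),
            "sample-client", "sample-secret", "alice", "constructed-password", "api");
        Console.WriteLine(request.Content.ReadAsStringAsync().Result);
        // Constructed sample of a successful token response.
        var token = ReadAccessToken(
            "{\"access_token\":\"sample-token\",\"token_type\":\"Bearer\",\"expires_in\":3600}");
        // The API only ever sees the bearer token, never the user's password.
        var apiCall = new HttpRequestMessage(HttpMethod.Get, "https://api.example.test/test");
        apiCall.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
        Console.WriteLine(apiCall.Headers.Authorization);
    }
}
```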
Thanks Brock. We have already implemented per your WebApiResourceOwner sample, on the server side for authenticating based on membership reboot database. We just need to enhance the existing test controller for registration and other user management operations.
From what you say below, we could just use any registration; something like the registration in singleTenant sample calling membershipReboot userAccountService, correct?
Please suggest.
Thank you...
Sure.
Hi Brock,
So based on the above suggested approach, we are trying to extend the WebApiResourceOwner application to include registration, etc for authenticating the API.
However, we are not able to get the UserAccountService and AuthenticationService instances. In your WebApiResourceOwner ServerApp project, we added a UserAccountController, as below. The control does not go to the first constructor but only to the other one. Are we missing anything here? Or we would like to derive the service from the context but the context is also not coming up.
Can you please guide where we are going wrong in adding authentication to the web API?
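```csharp
//Constructor
public UserAccountController(AuthenticationService authService, UserAccountService userAccountService)
{
    _userAccountService = userAccountService;
    _authService = authService;
}

// Parameterless constructor: chains to the ASP.NET Identity overload below
public UserAccountController()
    : this(Startup.UserManagerFactory(), Startup.OAuthOptions.AccessTokenFormat)
{
}

public UserAccountController(UserManager<IdentityUser> userManager,
    ISecureDataFormat<AuthenticationTicket> accessTokenFormat)
{
    UserManager = userManager;
    AccessTokenFormat = accessTokenFormat;
    //Context = context;
}
```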
To add more, we are trying to enforce the authentication on each of the controllers as suggested in http://www.asp.net/web-api/overview/security/individual-accounts-in-web-api (For local login, Web API uses the resource owner password flow http://oauthlib.readthedocs.org/en/latest/oauth2/grants/password.html defined in OAuth2.)
So, we need to combine this with the membershipReboot solution in WebApiResourceOwner.
Please guide us.
@jahnavisdba How can I contact you regarding this? I just wanted to ask finally how you have implemented everything?
Hi Brock,
We have a website that uses membership framework for authentication. Now we are trying to implement an MVC web API. We would like to use the same membership authentication for the API too. Client apps should be able to pass credentials to the API end point and get authenticated. Can you please guide on how this could be implemented?
Thanks.