search

rfaisal / ASPWebAPI_Example_OAuth_CORs

An Skeleton Project by ASP.NET Web API 2 (oAuth 2.0 and CORs support)
MIT License
29 stars 13 forks source link

Split sample in AuthServer and ResorceServer #2

Open AbraaoAlves opened 9 years ago

AbraaoAlves commented 9 years ago

What are the steps to separate the Skeleton.WebAPI on two projects (csproj) with independent database: AuthServer and ResourceServer ?

rfaisal commented 9 years ago

Basically the problem we need to solve is how to make one server accept the token generated by another server. Since token is signed by a unique key, if both servers use the same key to for signing then we solved the problem:

  1. Make a copy of the project and change ports and run both.
  2. Get a token from 1st server and use it to call an API of the 2nd server. Make sure it fails.
  3. Generate machine key from websites like: http://www.developerfusion.com/tools/generatemachinekey/ and put the code in inside your web.config file for both server.
  4. Repeat step2 and this time it should succeed.

Let me know, if it doesn't work. I will try it during weekends.