An Skeleton Project by ASP.NET Web API 2 (oAuth 2.0 and CORS support)
Discussion Link: http://rfaisalblog.wordpress.com/2014/01/14/building-your-own-api-and-securing-it-with-oauth-2-0-in-asp-net-webapi-2/
Objectives:
- Make a true RESTful Web API (enable CRUD functions by HTTP POST, GET, PUT, and DELETE).
- Enable Cross-Origin Resource Sharing, i.e., CORS (the API must be accessible from elsewhere like a mobile app).
- Enable Secure Authorization for API calls (use the OAuth 2.0 authorization framework).
- Enable Transport Layer Security, i.e., SSL (reject every non-HTTPS request).
Required Tools:
- A Windows Computer.
- Microsoft Visual Studio Express 2013 for Web (free download).
- Access to AWS for cloud deployment (optional, free EC2 access available).
Recommended Knowledge:
- Securing (ASP.NET) Web API based architectures (video).
AND/OR
- ASP.NET Web API 2 (tutorials).
- OAuth 2.0 Authorization Framework (specification).
- Open Web Interface for .NET (OWIN).
- Writing an OWIN Middleware in the IIS integrated pipeline (tutorial).
- Enabling Cross-Origin Requests in ASP.NET Web API (tutorial).