search

rfaisal / ASPWebAPI_Example_OAuth_CORs

An Skeleton Project by ASP.NET Web API 2 (oAuth 2.0 and CORs support)
MIT License
29 stars 13 forks source link

readme

An Skeleton Project by ASP.NET Web API 2 (oAuth 2.0 and CORS support)

Discussion Link: http://rfaisalblog.wordpress.com/2014/01/14/building-your-own-api-and-securing-it-with-oauth-2-0-in-asp-net-webapi-2/

Objectives:

  1. Make a true RESTful Web API (enable CRUD functions by HTTP POST, GET, PUT, and DELETE).
  2. Enable Cross-Origin Resource Sharing, i.e., CORS (the API must be accessible from elsewhere like a mobile app).
  3. Enable Secure Authorization for API calls (use the OAuth 2.0 authorization framework).
  4. Enable Transport Layer Security, i.e., SSL (reject every non-HTTPS request).

Required Tools:

  1. A Windows Computer.
  2. Microsoft Visual Studio Express 2013 for Web (free download).
  3. Access to AWS for cloud deployment (optional, free EC2 access available).

Recommended Knowledge:

  1. Securing (ASP.NET) Web API based architectures (video).

AND/OR

  1. ASP.NET Web API 2 (tutorials).
  2. OAuth 2.0 Authorization Framework (specification).
  3. Open Web Interface for .NET (OWIN).
  4. Writing an OWIN Middleware in the IIS integrated pipeline (tutorial).
  5. Enabling Cross-Origin Requests in ASP.NET Web API (tutorial).