I am developing a Web service using the ASP.NET Web API. I am using ASP.NET identification for authentication and token generation. I need to back an extended property in token response json So far, I am able to return an extended string property, in which I am sending Jason String from serialing the custom class object in json. After my certification provider code:
public class ApplicationOAuthProvider: OAuthAuthorizationServerProvider {Task ValidateClientAuthentication (OAuthValidateClientAuthenticationContext reference) async public override {wait Task.Run (() = & gt; {context.Validated () ;}); } Task GrantResourceOwnerCredentials (OAuthGrantResourceOwnerCredentialsContext Reference) {wait Task.Run (() = & gt async public override; {var loginResponse = new account manager () login (context.UserName, context.Password); if (loginResponse == tap ) {reference .SetError ( "invalid_grant", Resources.Messages.InvalidGrant); return;} var identity = new ClaimsIdentity (context.Options.AuthenticationType); IDictionary & LT; string, string & gt; data = new dictionary & LT; string, string & gt; {{ "UserData", JsonConvert.SerializeObject (loginResponse)}}; Pramanikrnpriport properties = new Pramanikrnpraptian (data); Microsoft.Owin.Security.AuthenticationTicket Ticket = New Microsoft.Owin.Security.AuthenticationTicket (Identity, Properties); Reference. Valid (Ticket);}); } Public override Task TokenEndpoint (OAuthTokenEndpointContext context) {foreach (KeyValuePair & LT; string, string & gt; property context.Properties.Dictionary) {context.AdditionalResponseParameters.Add (property.Key, property.Value); } Return work. Formarsult & lt; Object & gt; (Empty); }} Now I have a property in my reply "userData": " While I wanted to specify the userData json object (not the JSON string) is it possible?
I do not recommend keeping inside the JSON object ticket properties, it will be larger token size , And you are transmitting this token with each request. It may be better that if you define a protected standalone endpoint after obtaining an access token, then this task is to be done. After successful login, you will issue additional additional requests, but you will keep the token size low.
Comments
Post a Comment