I have my own OAuthAuthorizationServerProvider, but it looks like there's no place to hook into to see the generated bearer token after it's generated.
Is there a way to grab the to-be-returned token before it's returned? (hack or not)
Here's my setup:
OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
Provider = new SimpleAuthorizationServerProvider()
};
// Token Generation
app.UseOAuthAuthorizationServer(OAuthServerOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
After decompiling, grabbing OAuth source from http://katanaproject.codeplex.com/, and upgrading my NuGet packages to the latest Owin implementation, I can now override a new method in my SimpleAuthorizationServerProvider.
public override Task TokenEndpointResponse(OAuthTokenEndpointResponseContext context)
{
string token = context.AccessToken;
return base.TokenEndpointResponse(context);
}
The above will give the ResponseContext to be returned, which contains everything I need: enctypted token, user identity, claims...
This is a new method in the IOAuthAuthorizationServerProvider interface as of NuGet package 3 (I believe)
이 기사는 인터넷에서 수집됩니다. 재 인쇄 할 때 출처를 알려주십시오.
침해가 발생한 경우 연락 주시기 바랍니다[email protected] 삭제
몇 마디 만하겠습니다