• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

ASP.NETMVCWEBAPIOAuth2Authorize

原作者: [db:作者] 来自: [db:来源] 收藏 邀请
using System;
using System.Net;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal;
using System.ServiceModel.Channels;
using System.Threading;
using System.Web.Http;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
using DotNetOpenAuth.OAuth2;
 
namespace ProjectName.Web.Controllers.ActionFilters
{
/// <summary>
/// ActionFilter to authorize requests using OAuth2
/// </summary>
public class OAuth2Authorize : AuthorizationFilterAttribute
{
/// <summary>
/// Called when [authorization].
/// </summary>
public override void OnAuthorization(HttpActionContext actionContext)
{
// get public / private key from certificate
var store = new X509Store(StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
var certCollection = store.Certificates;
var currentCerts = certCollection.Find(X509FindType.FindByTimeValid, DateTime.Now, false);
var signingCert = currentCerts.Find(X509FindType.FindBySubjectDistinguishedName, "CN=*.yourdomain.com, OU=Domain Control Validated, O=*.yourdomain.com", false);
var cert = signingCert[0];
store.Close();
 
var publicKey = (RSACryptoServiceProvider)cert.PublicKey.Key;
var privateKey = (RSACryptoServiceProvider)cert.PrivateKey;
 
using (var signing = publicKey)
using (var encrypting = privateKey)
{
base.OnAuthorization(actionContext);
 
// TODO FIXME dnoa doesn't support HttpRequestMessage - manually creating HttpRequestMessageProperty until they do
var request = new HttpRequestMessageProperty();
request.Headers[HttpRequestHeader.Authorization] = actionContext.Request.Headers.Authorization.ToString();
var requestUri = actionContext.Request.RequestUri;
 
var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer(signing, encrypting));
IPrincipal result;
 
var response = resourceServer.VerifyAccess(request, requestUri, out result);
 
if (response != null)
{
actionContext.Response = actionContext.ControllerContext.Request.CreateResponse(HttpStatusCode.Forbidden);
return;
}
 
var principal = null; // create your principal using result.Identity.Name if needed
Thread.CurrentPrincipal = principal;
}
}
}
}

鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
asp.net调用window.print执行打印发布时间:2022-07-10
下一篇:
微信公众平台主动推送消息(asp.net)发布时间:2022-07-10
热门推荐
热门话题
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap