I created a Web API with token validation that works correctly. My problem is that I would like to add a message after the mandatory information. I have attached an example image (I would like to add that "validated") and also my code. Thanks!
namespace BRWAdmPanel.Services
/// <summary>
/// OAuth authorization-server provider for the token endpoint: accepts the client,
/// then checks the submitted user name and password through UserSecurity.Login.
/// </summary>
public class ProviderDeTokensDeAcesso : OAuthAuthorizationServerProvider
{
    /// <summary>
    /// Marks every token request as coming from a valid client.
    /// </summary>
    // NOTE(review): no client_id/client_secret is inspected here, so any caller is
    // accepted as a client and the user's credentials are the only gate on the endpoint.
    public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
    {
        context.Validated();
    }

    /// <summary>
    /// Handles the resource-owner password grant: on a successful login the request is
    /// validated with an identity carrying "sub" and "role" claims, otherwise an error is set.
    /// </summary>
    // NOTE(review): nothing in this method records or throttles failed attempts, so
    // password guessing against the token endpoint is neither slowed down nor visible in logs.
    public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        bool credentialsOk = UserSecurity.Login(context.UserName, context.Password);
        if (!credentialsOk)
        {
            // NOTE(review): RFC 6749 section 5.2 limits the "error" value to ASCII and defines
            // codes such as invalid_grant; this value contains a non-ASCII character. Left
            // unchanged because existing clients may match on it.
            context.SetError("acesso inválido", "As credenciais do usuário não conferem....");
            return;
        }

        var userIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
        userIdentity.AddClaim(new Claim("sub", context.UserName));
        // Every authenticated user receives the same fixed role value.
        userIdentity.AddClaim(new Claim("role", "user"));
        context.Validated(userIdentity);
    }
}
Adding other parts of the code for better understanding:
/// <summary>
/// OWIN startup class: configures Web API routing, CORS, the OAuth token endpoint
/// and bearer-token authentication.
/// </summary>
public class Startup
{
    /// <summary>
    /// Builds the pipeline in this order: CORS, token issuing/bearer authentication, Web API.
    /// </summary>
    /// <param name="app">The OWIN application builder to register middleware on.</param>
    public void Configuration(IAppBuilder app)
    {
        // Web API configuration: attribute routes first, then the conventional route.
        var httpConfig = new HttpConfiguration();
        httpConfig.MapHttpAttributeRoutes();
        httpConfig.Routes.MapHttpRoute(
            name: "DefaultApi",
            routeTemplate: "api/{controller}/{id}",
            defaults: new { id = RouteParameter.Optional });

        // Enable CORS.
        // NOTE(review): CorsOptions.AllowAll accepts cross-origin requests from any origin,
        // token endpoint included; restrict it to the known front-end origins before deployment.
        app.UseCors(CorsOptions.AllowAll);

        // Enable token generation, then Web API.
        AtivarGeracaoTokenAcesso(app);
        app.UseWebApi(httpConfig);
    }

    /// <summary>
    /// Registers the OAuth authorization server on "/token" and bearer-token authentication.
    /// </summary>
    /// <param name="app">The OWIN application builder to register middleware on.</param>
    private void AtivarGeracaoTokenAcesso(IAppBuilder app)
    {
        var tokenOptions = new OAuthAuthorizationServerOptions
        {
            Provider = new ProviderDeTokensDeAcesso(),
            TokenEndpointPath = new PathString("/token"),
            // NOTE(review): tokens stay valid for a full day and no refresh-token provider is
            // configured here, so a leaked token is usable until it expires; consider a
            // shorter lifetime.
            AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
            // NOTE(review): this lets the token endpoint answer over plain HTTP, so the user's
            // password and the issued bearer token can cross the network unencrypted. Keep it
            // to local development and require TLS in any deployed environment.
            AllowInsecureHttp = true,
        };

        app.UseOAuthAuthorizationServer(tokenOptions);
        app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
    }
}
Last part:
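/// <summary>
/// Checks a login/password pair against the OHEM records.
/// </summary>
/// <param name="login">Login identifier, compared case-insensitively with the record's pager value.</param>
/// <param name="password">Plain-text password; its lowercase hexadecimal MD5 digest is compared with U_BRWPassword.</param>
/// <returns>
/// true when a record matches both values; false otherwise, including when either
/// argument is null or empty.
/// </returns>
public static bool Login(string login, string password)
{
    // Blank credentials never authenticate. This also avoids the ArgumentNullException
    // that Encoding.UTF8.GetBytes raises for a null password, and keeps an empty login
    // from matching records whose pager value is empty.
    if (string.IsNullOrEmpty(login) || string.IsNullOrEmpty(password))
    {
        return false;
    }

    // NOTE(review): the stored value is an unsalted MD5 digest. MD5 is fast to brute-force
    // and identical passwords yield identical stored values. Moving to a salted, slow
    // key-derivation function (for example PBKDF2 via Rfc2898DeriveBytes) requires migrating
    // the stored hashes, so the algorithm is left unchanged here.
    byte[] digest;
    using (MD5 md5Hash = MD5.Create())
    {
        // The hash API works on bytes, so the password is encoded as UTF-8 first.
        digest = md5Hash.ComputeHash(Encoding.UTF8.GetBytes(password));
    }

    // Format each digest byte as two lowercase hexadecimal characters.
    StringBuilder hex = new StringBuilder(digest.Length * 2);
    foreach (byte b in digest)
    {
        hex.Append(b.ToString("x2"));
    }

    string passwordHash = hex.ToString();

    using (BRWAdmPanelEntities entities = new BRWAdmPanelEntities())
    {
        return entities.OHEM.Any(user =>
            user.pager.Equals(login, StringComparison.OrdinalIgnoreCase)
            && user.U_BRWPassword == passwordHash);
    }
}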
}
It has to be put in the part of the code that builds the token, which is not this code; at least as far as I know, it goes where that data is returned. Where is all the code?
– novic
Good morning Virgilio, thanks for responding. I will update the question with all the token generation code; as I am a beginner, I did not understand very well where this construction part is, but I hope I can send you the correct code.
– Douglas Souza