How do you reject a Katana Bearer token's iden

2019-05-09 06:03发布

How can I reject An identity? My class inherits from OAuthBearerAuthenticationProvider and I have an override of ValidateIdentity?

I have tried setting context.Rejected(); or context.SetError(); and throwing an exception but my controllers still get called. OAuthBearerAuthenticationHandler does call my class so I know I have the setup correct.

my current failing code

        public void ConfigureAuth ( IAppBuilder app )
        {
            // Enable the application to use a cookie to store information for the signed in user
            // and to use a cookie to temporarily store information about a user logging in with a third party login provider
            app.UseCookieAuthentication(new CookieAuthenticationOptions());
            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            // Enable the application to use bearer tokens to authenticate users
            app.UseOAuthBearerAuthentication ( new OAuthBearerAuthenticationOptions ()
            {
                Provider = new OAuthBearerAuthenticationProvider ()
                {
                    OnValidateIdentity = async ctx => { ctx.Rejected (); }
                }
            } );
            app.UseOAuthBearerTokens(OAuthOptions);
}

标签： c# asp.net-web-api owin katana

1条回答

Summer. ? 凉城

2楼-- · 2019-05-09 06:42

I couldn't repro the issue. Could you check your implementation of OnValidateIdentity is the same?

        OAuthBearerOptions = new OAuthBearerAuthenticationOptions()
        {
            Provider = new OAuthBearerAuthenticationProvider
            {
                OnValidateIdentity = async ctx =>
                    {
                        ctx.Rejected();
                    }
            }
        };

0人赞添加讨论(0) 举报

How do you reject a Katana Bearer token's iden

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间