今天给大家分享在Web API下,如何利用ASP.NET Identity实现基本认证(Basic Authentication),在博客园子搜索了一圈Web API的基本认证,基本都是做的Forms认证,很少有Claims认证(声明式认证),而我们在用ASP.NET Ident ...
今天给大家分享在Web API下,如何利用get='_blank'>ASP.NET Identity实现基本认证(Basic Authentication),在博客园子搜索了一圈Web API的基本认证,基本都是做的Forms认证,很少有Claims认证(声明式认证),而我们在用ASP.NET Identity实现登录,认证,授权的时候采用的是Claims认证。
在Web API2.0中认证接口为IAuthenticationFilter,我们只需实现该接口就行。创建BasicAuthenticationAttribute抽象基类,实现IAuthenticationFilter接口:
1 public abstract class BasicAuthenticationAttribute : Attribute, IAuthenticationFilter 2 { 3 protected abstract Task<IPrincipal> AuthenticateAsync(string userName, string password, HttpAuthenticationContext context, 4 CancellationToken cancellationToken); 5 public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken) 6 { 7 context.Principal = null; 8 AuthenticationHeaderValue authenticationHeader = context.Request.Headers.Authorization; 9 if (authenticationHeader != null && authenticationHeader.Scheme == "Basic")10 {11 if (!string.IsNullOrEmpty(authenticationHeader.Parameter))12 {13 Tuple<string, string> data = GetUserNameAndPassword(authenticationHeader.Parameter);14 context.Principal = await AuthenticateAsync(data.Item1, data.Item2,context, cancellationToken);15 }16 }17 18 if (context.Principal == null)19 {20 context.ErrorResult = new UnauthorizedResult(new[] {new AuthenticationHeaderValue("Basic")},21 context.Request);22 }23 }24 public Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken)25 {26 return Task.FromResult(0);27 }28 public bool AllowMultiple29 {30 get { return false; }31 }32 private Tuple<string, string> GetUserNameAndPassword(string authenticationParameter)33 {34 if (!string.IsNullOrEmpty(authenticationParameter))35 {36 var data = Encoding.ASCII.GetString(Convert.FromBase64String(authenticationParameter)).Split(':');37 return new Tuple<string, string>(data[0], data[1]);38 }39 return null;40 }41 }
原标题:Web API 基于ASP.NET Identity的Basic Authentication
关键词:ASP.NET
*特别声明:以上内容来自于网络收集,著作权属原作者所有,如有侵权,请联系我们:
admin#shaoqun.com
(#换成@)。