Web API 基于ASP.NET Identity的Basic Authentication

　　今天给大家分享在Web API下，如何利用get='_blank'>ASP.NET Identity实现基本认证（Basic Authentication），在博客园子搜索了一圈Web API的基本认证，基本都是做的Forms认证，很少有Claims认证（声明式认证），而我们在用ASP.NET Identity实现登录，认证，授权的时候采用的是Claims认证。

　　在Web API2.0中认证接口为IAuthenticationFilter，我们只需实现该接口就行。创建BasicAuthenticationAttribute抽象基类，实现IAuthenticationFilter接口：

 1 public abstract class BasicAuthenticationAttribute : Attribute, IAuthenticationFilter  2   { 3     protected abstract Task<IPrincipal> AuthenticateAsync(string userName, string password, HttpAuthenticationContext context, 4       CancellationToken cancellationToken); 5     public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken) 6     { 7       context.Principal = null; 8       AuthenticationHeaderValue authenticationHeader = context.Request.Headers.Authorization; 9       if (authenticationHeader != null && authenticationHeader.Scheme == "Basic")10       {11         if (!string.IsNullOrEmpty(authenticationHeader.Parameter))12         {13           Tuple<string, string> data = GetUserNameAndPassword(authenticationHeader.Parameter);14           context.Principal = await AuthenticateAsync(data.Item1, data.Item2,context, cancellationToken);15         }16       }17 18       if (context.Principal == null)19       {20         context.ErrorResult = new UnauthorizedResult(new[] {new AuthenticationHeaderValue("Basic")},21           context.Request);22       }23     }24     public Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken)25     {26       return Task.FromResult(0);27     }28     public bool AllowMultiple29     {30       get { return false; }31     }32     private Tuple<string, string> GetUserNameAndPassword(string authenticationParameter)33     {34       if (!string.IsNullOrEmpty(authenticationParameter))35       {36         var data = Encoding.ASCII.GetString(Convert.FromBase64String(authenticationParameter)).Split(':');37         return new Tuple<string, string>(data[0], data[1]);38       }39       return null;40     }41   }

原标题：Web API 基于ASP.NET Identity的Basic Authentication

关键词：ASP.NET