locked
Encode Type of Token Based Authentication RRS feed

  • Question

  • User1690434716 posted

    As my subject.

    Thank everybody.

    Wednesday, February 17, 2016 1:33 AM

Answers

  • User36583972 posted

    Hi Ken.N,

    Each access token type definition specifies the additional attributes (if any) sent to the client together with the "access_token" response parameter. It also defines the HTTP authentication method used to include the access token when making a protected resource request.

    The following article describes a Bearer Token and MAC Token, you can refer to it. I think you'll learn a lot.

    OAuth 2.0 Bearer Token Profile Vs MAC Token Profile:

    https://dzone.com/articles/oauth-20-bearer-token-profile

    The article about The OAuth 2.0 Authorization Framework: Bearer Token Usage
    http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html#anchor9

    Best Regards,

    Yohann Lu

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, February 19, 2016 1:24 PM

All replies

  • User36583972 posted

    Hi Ken.N,

    As far as I know, Token as an identification: the identifier, resource extraction after certification codes, you can use your favorite type of encryption and decryption code.

    For example, we can use Base64 encoding:

    var token = Convert.ToBase64String(guid.ToByteArray()).TrimEnd('=');

    More different Types Of Encoding Schemes:
    http://www.skorks.com/2009/08/different-types-of-encoding-schemes-a-primer/

    There are many ways to achieve Token. Here are several ways for your reference in the below. They have their own set of algorithms Token.

    1: JSON Web Token(JWT)

    JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.JWT.IO allows you to decode, verify and generate JWT.

    https://jwt.io/

    2: RSACryptoServiceProvider

    You can read the tutorial in the following:

    https://msdn.microsoft.com/en-us/library/system.security.cryptography.rsacryptoserviceprovider(v=vs.90).aspx

    Best Regards,

    Yohann Lu

    Wednesday, February 17, 2016 5:53 AM
  • User1690434716 posted

    Thank you, Yohann Lu.

    But i means that i use "token based authentication" in link  http://bitoftech.net/2014/06/01/token-based-authentication-asp-net-web-api-2-owin-asp-net-identity/. I don't understand  type of encryption of "Token".

    Wednesday, February 17, 2016 8:49 AM
  • User36583972 posted

    Hi Ken.N,

    Each access token type definition specifies the additional attributes (if any) sent to the client together with the "access_token" response parameter. It also defines the HTTP authentication method used to include the access token when making a protected resource request.

    The following article describes a Bearer Token and MAC Token, you can refer to it. I think you'll learn a lot.

    OAuth 2.0 Bearer Token Profile Vs MAC Token Profile:

    https://dzone.com/articles/oauth-20-bearer-token-profile

    The article about The OAuth 2.0 Authorization Framework: Bearer Token Usage
    http://self-issued.info/docs/draft-ietf-oauth-v2-bearer.html#anchor9

    Best Regards,

    Yohann Lu

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, February 19, 2016 1:24 PM