locked
Oauth token RRS feed

  • Question

  • User616860969 posted
    Can we create oauth access token and refresh token With out owin in web api-2?
    Tuesday, November 20, 2018 4:29 PM

Answers

  • User1724605321 posted

    Hi JAY,

    Without OWIN middleware , you need to write your own codes to issue JWT token and how to validate token when the request comes. Please refer to below thread for code sample :

    https://stackoverflow.com/a/40284152/5751404 

    But i would use UseJwtBearerAuthentication in Microsoft.Owin.Security.Jwt  so you can use this  owin middleware  in WebAPI to validate every incoming request automatically.

    Best Regards,

    Nan Yu

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, November 21, 2018 3:06 AM

All replies

  • User475983607 posted

    Can we create oauth access token and refresh token With out owin in web api-2?

    Your question is not clear as OWIN is a specification or standard for adding functionality to an ASP.NET application without adding to the .NET framework,.  What problem are you trying to solve exactly?

    Tuesday, November 20, 2018 5:12 PM
  • User616860969 posted
    I want generate oauth access_token and refresh_token based on user name and password ,user can access resurourse with token,
    Tuesday, November 20, 2018 7:03 PM
  • User475983607 posted

    sanjaykumar pushadapu

    I want generate oauth access_token and refresh_token based on user name and password ,user can access resurourse with token,

    Still unclear... Are you looking for an API or OAuth service?  What is stopping you from using an OWIN enabled API?  Are you trying to write an OAuth service and need the OAuth specs?

    https://tools.ietf.org/html/rfc6749

    Tuesday, November 20, 2018 7:51 PM
  • User616860969 posted
    Thank you, 1) how to implement OAuth JSON Web Tokens Authentication using ASP.NET Web API 2.2 and with out owin ???
    Wednesday, November 21, 2018 2:32 AM
  • User1724605321 posted

    Hi JAY,

    Without OWIN middleware , you need to write your own codes to issue JWT token and how to validate token when the request comes. Please refer to below thread for code sample :

    https://stackoverflow.com/a/40284152/5751404 

    But i would use UseJwtBearerAuthentication in Microsoft.Owin.Security.Jwt  so you can use this  owin middleware  in WebAPI to validate every incoming request automatically.

    Best Regards,

    Nan Yu

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, November 21, 2018 3:06 AM
  • User616860969 posted

    thank you Nan Yu, how to create refresh token and how to validate in above case?

    Wednesday, November 21, 2018 4:46 AM
  • User1724605321 posted

     Hi JAY ,

    Above link includes code sample for how to validate token . For generate refresh tokens in web api  , you could refer to below article :

    https://leastprivilege.com/2013/11/15/adding-refresh-tokens-to-a-web-api-v2-authorization-server/ 

    Best Regards,

    Nan Yu

    Wednesday, November 21, 2018 6:22 AM