Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How do I use external OAuth authorization in a MVC project that is not twitter, facebook, or microsoft?

I need to update my MVC process to allow for external OAuth process, as described in tutorials such as this one. However, every tutorial I find uses facebook/twitter/Microsoft, which is already built in functions. I need to use a different server and pass in a token. And I'm a client, not a server.

My setup is using the standard SPA project, with a login and etc. I will have to have it redirect to a page with the refresh token and store that refresh token for my future requests to an API. I have no problem with this, I simply cannot do the first OAuth call. And it seems, I'm not the only one having this trouble.

For this request to the OAuth 2.0 provider, I will have to add an access token to the request, then the user can login and click allow/deny.

POST {TokenPath} HTTP/1.1
Host: {AuthorizationServer}
Authorization: Basic {ThirdPartyAuthorizationCode}
Content-Type: application/x-www-form-urlencoded

grant_type = authorization_code

Then I will get a response from the POST with access_token and an expiration date.

So, how can do I do that?

like image 965
Kat Avatar asked Jun 21 '16 19:06

Kat


People also ask

What is OAuth authorization in MVC?

OAuth authorization is an open standard for authorization using third party applications. OAuth or Open standard for Auhtorization has become a standard which is used nowdays in most of the applications. Here we will discuss what is OAuth and how we can implement it using ASP.NET MVC.

Does Visual Studio 2012 provide OAuth support for MVC?

Visual studio 2012 provides OAuth support out of the box for different types of ASP.NET applications such as Web forms and MVC. Following are the steps to create an MVC application that uses OAuth to authenticate the user using his Facebook account. In the new project dialog select the ASP.NET MVC 4 application in the templates list.

How do I make Auth0 aware of my MVC application?

Provide a friendly name for your application (for example, ACME Web App) and choose Regular Web Applications as the application type. Finally, click the Create button. These steps make Auth0 aware of your ASP.NET Core MVC application and will allow you to control access.

How to create an oauthmvc application in Visual Studio?

If you need an introduction to ASP.NET MVC 4, see Intro to ASP.NET MVC 4. In Visual Studio, create a new ASP.NET MVC 4 Web Application, and name it "OAuthMVC". You can target either .NET Framework 4.5 or 4. In the New ASP.NET MVC 4 Project window, select Internet Application and leave Razor as the view engine.


1 Answers

You can use third-party OAuth tokens on Apigee. To use tokens from third-party OAuth systems in Apigee Edge, you need to do these things:

Configure the OAuthV2 policy that generates tokens with the < ExternalAuthorization> element set to true. If this element is false or not present, then Edge validates the client_id and client_secret normally against the Apigee Edge authorization store. Set the internal flow variable oauth_external_authorization_status to true. If this value is false (or if the variable is not present), Edge assumes that the third-party authorization failed and returns an error message.

Typically, this variable is set to true or false based on a service callout to a third-party authorization service. You can look at the service callout response and set the variable accordingly. Take a look at the ServiceCallout policy for details. Another technique for setting this variable is to use an AssignMessage policy with the AssignVariable element, like this:

  <AssignMessage name="AssignMessage-SetVariable">
<DisplayName>Assign Message - Set Variable</DisplayName>
<AssignVariable>
    <Name>oauth_external_authorization_status</Name>
    <Value>true</Value>
</AssignVariable>
<IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>

Refer the following Link:

Using third-party OAuth tokens

like image 166
Manraj Avatar answered Dec 06 '22 12:12

Manraj