Implementing .NET OAuth 2.0 Provider. 2 Legged DotNotOpenAuth samples?

Question

I need a bit of help implementing an OAuth 2 provider for a rest service built on the new ASP.NET Web API. I'm aware there are some similar questions on Stack Overflow but they're more or less links to OAuth libraries. What I'd really like is some sample code or a sample project to get my started. Can anyone point me in the right direction?

I'm looking at DotNotOpenAuth and I believe the 4.0 beta supports OAuth 2 providers. Unfortunately I can't seem to find any code demonstrating how to implement it.

What I need some assistance with is actually getting a 2.0 provider up and running. Once I have that it should be easy enough to integrate it via a HTTP Module or a filter.

I'm interested in 2 legged authentication for API to API communication.

Answer 1

Until DotNetOpenAuth ships a distribution that includes OAuth 2 and the samples together, the best you can do is install the DNOA 4.0 resource server and authorization server roles via NuGet, and then check out the resource server and authorization server samples on GitHub.

But there are currently no samples for the "client secret" grant type, which is the one that best fits your "2 legged" concept for API-to-API communication. In fact the library itself doesn't (yet) support it, but the next NuGet release will and should be available in the next week or so.