Menu
Using Owin Security, I'm trying to make the API have 2 methods of authentications.
Is there a property in the context variable (OAuthGrantResourceOwnerCredentialsContext) that lets me access the IP address of the client sending the initial request for an auth token to the API?
A basic strip of my auth method looks like so:
public override async Task GrantResourceOwnerCredentials(
OAuthGrantResourceOwnerCredentialsContext context)
{
await Task.Run(() =>
{
var remoteIpAddresss = context.Request.RemoteIpAddress;
var localIpAddress = context.Request.LocalIpAddress;
// ... authenticate process goes here (AddClaim, etc.)
}
}
From what I understand the remoteIpAddress and localIpAddress are the API's (i.e. where the API is hosted). How do I know from what IP address (and port) the request was sent from?
Would the client need to send this information themselves?
Should I add extra parameters to the auth path? (besides the typical username, password, grant_type)?
962
Open Web Interface for . NET (OWIN) defines an abstraction between . NET web servers and web applications. OWIN decouples the web application from the server, which makes OWIN ideal for self-hosting a web application in your own process, outside of IIS.
OWIN (Open Web Interface for . NET) is a standard for an interface between . NET Web applications and Web servers. It is a community-owned open-source project. The OAuth authorization framework enables a third-party application to obtain limited access to a HTTP service.
So, to answer my own question, correct me if I'm wrong but:
var remoteIpAddresss = context.Request.RemoteIpAddress;
is the client's IP Address (the user requesting the auth token), and
var localIpAddress = context.Request.LocalIpAddress;
is the Web Api's IP address (where the API is hosted).
50
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With