Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Pass back parameters in ASP.NET Web API GrantResourceOwnerCredentials

Tags:

asp.net-web-api

owin

I am trying to pass back some parameters from ASP.NET Web API after the user has logged in.

I am basing my work on this nice tutorial: http://bitoftech.net/2014/06/01/token-based-authentication-asp-net-web-api-2-owin-asp-net-identity/

I can see on the demo page that he sends back userName for example.

I create my own provider that inherits from OAuthAuthorizationServerProvider And this is what I do:

public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{ 
    ....

    var identity = new ClaimsIdentity(context.Options.AuthenticationType);
    identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
    identity.AddClaim(new Claim("role", user.Role));

    var props = new AuthenticationProperties(new Dictionary<string, string>
    {
        { 
            "userName", user.UserName
        },
        { 
            "role", user.Role
        }
    });

    var ticket = new AuthenticationTicket(identity, props);
    context.Validated(ticket);
}

This is how I hook it up:

var OAuthBearerOptions = new OAuthBearerAuthenticationOptions();
var OAuthServerOptions = new OAuthAuthorizationServerOptions()
{
    AllowInsecureHttp = true,
    TokenEndpointPath = new PathString("/token"),
    AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
    Provider = new SimpleAuthorizationServerProvider()
};

// Token Generation
app.UseOAuthAuthorizationServer(OAuthServerOptions);

As I understand it, the AuthenticationProperties dictionary should be passed back in the JSON response to the client. But for some reason I don't get my additional parameters back. This is what I get:

{"access_token":"G4S1PXdNbtAHLFBo......","token_type":"bearer","expires_in":86399}

I have spent alot of time trying to figure this one out, can anyone see that I am missing?

like image 546
Joel Fransson Avatar asked Aug 11 '14 09:08

Joel Fransson

1 Answers

I found my issue. It seems as if I misunderstood the properties dictionary.

I added this method:

public override Task TokenEndpoint(OAuthTokenEndpointContext context)
{
    foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
    {
        context.AdditionalResponseParameters.Add(property.Key, property.Value);
    }

    return Task.FromResult<object>(null);
}

It basically takes the entries in the dictionary and adds it to the response. My mistake was to assume that would be done automatically for me.

like image 63
Joel Fransson Avatar answered Sep 28 '22 04:09

Joel Fransson
Sign in to Comment

Related questions

Host Web API as Windows Service using OWIN
Web API and HTTP Module
What is the standard for text encoding for a JSON REST web api?
Web API as a Proxy and Chunked Transfer Encoding
Why do I get, "Culture is not supported" and What, if Anything, Should I Do about it?
Reason behind GET/DELETE cannot have body in webapi
How do you throw HttpResponseException in ASP 5 (vnext)
set web api route handler when using route attributes
Running Selenium on Azure Web App
How to fix - The requested resource does not support http method 'POST'
Web API concurrency and scalability
Instantiate new System.Web.Http.OData.Query.ODataQueryOptions in nunit test of ASP.NET Web API controller
Resource based authorization in .net
ASP.NET Identity in Microservice Architecture
How to override default unhandled exception output in Owin?
How to make IdentityServer to add user identity to the access token?
Creating a variable zip archive on the fly, estimating file size for content-length
ASP.NET Web API format datetime differently between two APIs in the same Web app
how to read multi part form data in .net web api controller
Why does no one disposes DbContext after WebApi controller operation?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!