unosquare / embedio-extras Goto Github PK
View Code? Open in Web Editor NEWAdditional Modules showing how to extend EmbedIO.
Home Page: http://unosquare.github.io/embedio-extras/
License: Other
Additional Modules showing how to extend EmbedIO.
Home Page: http://unosquare.github.io/embedio-extras/
License: Other
I'm using the Bearer Token Module to secure the API module.
How can I get the IHttpContext.User property set to the current user, so that I can access it in my controllers?
Here's the relevant part of the web server setup:
WebServerEmbedded
.WithCors()
.WithBearerToken("/api", "0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9eyJjbGF", new MyAuthorizationServerProvider())
.WithModule(webApiModule)
and here is MyAuthorizationServerProvider:
internal sealed class MyAuthorizationServerProvider: IAuthorizationServerProvider
{
public async Task ValidateClientAuthentication(ValidateClientAuthenticationContext context)
{
var data = await context.HttpContext.GetRequestFormDataAsync().ConfigureAwait(false);
if (data?.ContainsKey("grant_type") == true && data["grant_type"] == "password")
{
var username = data.ContainsKey("username") ? data["username"] : string.Empty;
var password = data.ContainsKey("password") ? data["password"] : string.Empty;
if (ValidateCredentials(username, password))
{
context.Validated(username);
}
else
{
context.Rejected();
}
}
else
{
context.Rejected();
}
}
public long GetExpirationDate() => DateTime.UtcNow.AddHours(12).Ticks;
private static bool ValidateCredentials(string username, string password)
{
var user = BusinessLayer.CheckUserAndPassword(username, password);
return user != null;
}
}
Thanks.
The bearer token generated has a different expiry date to that what was requested by the service provider.
await context.JsonResponseAsync(new BearerToken
{
Token = validationContext.GetToken(SecretKey),
TokenType = "bearer",
ExpirationDate = authorizationServerProvider.GetExpirationDate(),
Username = validationContext.IdentityName,
});
where the line
validationContext.GetToken(SecretKey)
creates a token with a default expiry date.
I did the following to fix the issue
if (validationContext.IsValidated)
{
var expiryDate = DateTime.SpecifyKind(DateTime.FromBinary(authorizationServerProvider.GetExpirationDate()), DateTimeKind.Utc);
await context.JsonResponseAsync(new BearerToken
{
Token = validationContext.GetToken(SecretKey, expiryDate),
TokenType = "bearer",
ExpirationDate = authorizationServerProvider.GetExpirationDate(),
Username = validationContext.IdentityName,
});
}
...
public string GetToken(SymmetricSecurityKey secretKey, DateTime? expires = null)
{
var tokenHandler = new JwtSecurityTokenHandler();
var plainToken = tokenHandler.CreateToken(new SecurityTokenDescriptor
{
Subject = Identity,
Issuer = "Embedio Bearer Token",
Expires = expires,
SigningCredentials = new SigningCredentials(secretKey,
SecurityAlgorithms.HmacSha256Signature),
});
return tokenHandler.WriteToken(plainToken);
}
I hope this helps.
Can this dependency be removed? I'd prefer not to have this in my project.
Hey, thanks for this awesome lib!
Could you please add a license file to this project?
It looks like routes passed to BearerTokenModule are not working with WebApiController routes.
It works if API Controller routes and Bearer token routes are as follows :
The readme.Md examples (apart from the auth token) are not compatible with the extension methods of v3.
I will fork and do some work on updating the readme myself.
The documentation here : https://unosquare.github.io/embedio-extras/#litelib is also similar.
In addition there is no Litelib in the Sample and it has the most specific implementation. So could do with adding the
Lastly it is not clear that the EmbedIO.LiteLibWebApi on Nuget https://www.nuget.org/packages/EmbedIO.LiteLibWebApi/
Is Not compatible with EmbedIOv3
Hello,
i have the error:
System.MissingMethodException: "Missing Method "Void Unosquare.Labs.EmbedIO.WebModuleBase.AddHandler(System.String, Unosquare.Labs.EmbedIO.HttpVerbs, System.Func`3<System.Net.HttpListenerContext,System.Threading.CancellationToken,System.Threading.Tasks.Task`1<Boolean>>)"."
with this code:
var basicAuthProvider = new BasicAuthorizationServerProvider();
var routes = new[] { "/secure.html" };
var server = new WebServer("http://localhost:9696/", RoutingStrategy.Regex);
server.RegisterModule(new BearerTokenModule(basicAuthProvider, routes));
server.RegisterModule(new WebApiModule());
server.Module<WebApiModule>().RegisterController<RequestController>();
server.RunAsync();
Could you please help me? What is wrong?
Hi, when ValidateToken() fails on token lifetime it remains returning a valid securityToken and BearerModule still returning http 200 StatusCode.
I suggest you to handle that setting securityToken var to null when an excetption occours.
Similar to Json Server Extension, but with Couchbase Lite backend.
https://www.dotnetfoundation.org/couchbase-lite-for-.net
Hi,
My .Net 4.5 app is using EmbedIO 1.0.19 and EmbedIO.BearerToken 1.0.0 packages from nuget. With this code:
var basicAuthProvider = new BasicAuthorizationServerProvider();
var routes = new[] { "" };
server.RegisterModule(new BearerTokenModule(basicAuthProvider, routes));
I get error: cannot convert from 'Unosquare.Labs.EmbedIO.BearerToken.BearerTokenModule' to 'Unosquare.Labs.EmbedIO.IWebModule'
How can I correct it?
Hi,
Could you update the EmbedIO.BearerToken nuget package as it's not synced with the github current version.
Thanks
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.