OAuth 2 Authentication Server in ASP.NET Web API

6

The company that works to develop internal applications, but due to policy issues, we will have a subdomain to handle authentication such as: login.domain.com where you will have an app responsible for administering customer data in a separate bank of the other apps.

In this way I am studying Oauth deeper, to better understand how it works. I did some local testing and from what I understood in simple mode the code snippet below that is located in the Startup.cs class configures the authorization server:

 OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
        {
            AllowInsecureHttp = true,
            TokenEndpointPath = new PathString("/services/authentication/oauth2/token"),
            AuthorizeEndpointPath = new PathString("/services/authentication/oauth2/token/ExternalLogin"),
            AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
            Provider = new AuthorizationServerProvider(service)
        };

        app.UseOAuthAuthorizationServer(OAuthServerOptions);

The AuthorizationServerProvider.cs class is responsible for accessing the database and doing the validations.

The first question is: Do I need to use ASP.NET Identity to administer my bank? or can I use the Oauth implementation documentation together with the AuthorizationServerProvider.cs to store manually in the database?

The other question is if I can find a template or a complete post on how to do all this implementation to meet those requirements? Well all I find on the internet is just setting up for other providers like Facebook or Google.

The question is just "Create my own authentication provider," consuming would be another step.

    
asked by anonymous 11.02.2016 / 01:45

0 answers