我正在尝试将外部oauth访问令牌交换为本地令牌。
一切似乎都在正常。但是,我无法成功生成本地誓言令牌。
我得到:
An exception of type 'System.ArgumentNullException' occurred in mscorlib.dll but was not handled in user code
Additional information: Value cannot be null.
在此代码行中:
var accessToken = AltaiStartup.OAuthBearerOptions.AccessTokenFormat.Protect(ticket);
这是负责生成本地令牌的代码: private JObject GenerateLocalAccessTokenResponse(string userName, string userId) {
var tokenExpiration = TimeSpan.FromDays(1);
ClaimsIdentity identity = new ClaimsIdentity();
identity.AddClaim(new Claim(ClaimTypes.Name, userName));
identity.AddClaim(new Claim(ClaimTypes.Sid, userId));
identity.AddClaim(new Claim("role", "user"));
var props = new AuthenticationProperties()
{
IssuedUtc = DateTime.UtcNow,
ExpiresUtc = DateTime.UtcNow.Add(tokenExpiration),
};
var ticket = new AuthenticationTicket(identity, props);
var accessToken = AltaiStartup.OAuthBearerOptions.AccessTokenFormat.Protect(ticket);
JObject tokenResponse = new JObject(
new JProperty("userName", userName),
new JProperty("access_token", accessToken),
new JProperty("token_type", "bearer"),
new JProperty("expires_in", tokenExpiration.TotalSeconds.ToString()),
new JProperty(".issued", ticket.Properties.IssuedUtc.ToString()),
new JProperty(".expires", ticket.Properties.ExpiresUtc.ToString())
);
return tokenResponse;
}
这是我的创业班:
public class AltaiStartup
{
public static OAuthBearerAuthenticationOptions OAuthBearerOptions { get; private set; }
public void Configuration(IAppBuilder app)
{
// WebApi config
HttpConfiguration config = new HttpConfiguration();
config.MapHttpAttributeRoutes();
// SimpleInjector
var container = new SimpleInjector.Container();
container.Options.PropertySelectionBehavior = new ImportPropertySelectionBehavior();
container.Verify();
config.DependencyResolver = new SimpleInjectorWebApiDependencyResolver(container);
// Setup Oauth
ConfigureOAuth(app, container.GetInstance<IAuthModule>());
WebApiConfig.Register(config);
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
app.UseWebApi(config);
}
public void ConfigureOAuth(IAppBuilder app, IAuthModule AuthModule)
{
OAuthBearerOptions = new OAuthBearerAuthenticationOptions();
OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
Provider = new AltaiAuthorizationServerProvider(AuthModule)
};
OAuthBearerOptions.AccessTokenFormat = OAuthServerOptions.AccessTokenFormat;
OAuthBearerOptions.AccessTokenFormat = OAuthServerOptions.AccessTokenFormat;
OAuthBearerOptions.AccessTokenProvider = OAuthServerOptions.AccessTokenProvider;
OAuthBearerOptions.AuthenticationMode = OAuthServerOptions.AuthenticationMode;
OAuthBearerOptions.AuthenticationType = OAuthServerOptions.AuthenticationType;
OAuthBearerOptions.Description = OAuthServerOptions.Description;
OAuthBearerOptions.SystemClock = OAuthServerOptions.SystemClock;
// Token Generation
app.UseOAuthAuthorizationServer(OAuthServerOptions);
app.UseOAuthBearerAuthentication(OAuthBearerOptions);
}
}
这似乎解决了它:
ClaimsIdentity identity = new ClaimsIdentity(OAuthDefaults.AuthenticationType);