Microsoft.Owin.Security.OAuth Version=3.0.0 Tokens support #1592
Comments
From @horbel on January 4, 2018 17:14 I think I find a kind of solution. I use AspNet.Security.OAuth.Validation assembly: http://prntscr.com/hw1u5m But I still don't find out how to use machine key to "decode" bearer token from my Auth server |
Closing because there are no plans to support this. You can use a 3rd party token server such as Identity Server to issue tokens that work with both systems. Or, you can write custom code for ASP.NET Core to handle the OWIN/Katana-style tokens. |
As someone in a similar situation and workint for a customer that has to approove code changes with budgets: Thanks to tell me to fuck off because you don't care about compability. Now I have 2 choices: Write MORE code using Owin.SecurityOauth (and drop dotnet core for some time), or go through the whole nightmare of trying to get a budget to replace that part of the system. Not that I won't get it - ine likely 2-3 months, which means.... not using dotnetcore. WELL DONE. There was a time, Microsoft cared about comptability. Obviously not anymore. Seriously, there are many shops out there that followed past guidance and you just tell them to bugger off. You just broke compatibility. |
Dropping this here for anyone coming along this thread. Certainly not the only solution; but one of the more OEM ones: https://long2know.com/2017/05/sharing-cookies-and-tokens-between-owin-and-net-core/ |
From @horbel on January 4, 2018 9:56
Hi all. I have Authorization server which built on .NET 4.5.1 and use Microsoft.Owin.Security.OAuth Version=3.0.0
http://prntscr.com/hvwhl4
Tokens protected via machinkey (OAuthAuthorizationServerOptions.AccessTokenFormat is null). I also have few application-consumers(resource servers) on .NET 4.5.1 which validate these tokens via custom AuthorizeAttribute (System.Web.Http Version=5.2.3.0) http://prntscr.com/hvwwdu http://prntscr.com/hvwiwr . I also can read claims from token using this attribute. All these applications have the same machinkey in web.config
Now I try to build .net core 2.0 application and I need to use the same tokens from my Auth server(.net 4.5.1 owin 3.0.0). How can I validate and read claims from Microsoft.Owin.Security.OAuth(3.0.0) tokens in .net core 2.0?
Copied from original issue: aspnet/Identity#1553
The text was updated successfully, but these errors were encountered: