标签:style called inter overview https tutorial limit party tcl
The OAuth 2.0 framework enables a third-party app to obtain limited access to an HTTP service. Instead of using the resource owner‘s credentials to access a protected resource, the client obtains an access token (which is a string denoting a specific scope, lifetime, and other access attributes). Access tokens are issued to third-party clients by an authorization server with the approval of the resource owner.
This tutorial will cover:
app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions {Provider = new OAuthAuthorizationServerProvider { OnValidateClientRedirectUri = ValidateClientRedirectUri, OnValidateClientAuthentication = ValidateClientAuthentication, OnGrantResourceOwnerCredentials = GrantResourceOwnerCredentials, OnGrantClientCredentials = GrantClientCredetails }};
 // Summary:
        //     Called when a request to the Token endpoint arrives with a "grant_type" of "client_credentials".
        //     This occurs when a registered client application wishes to acquire an "access_token"
        //     to interact with protected resources on it‘s own behalf, rather than on behalf
        //     of an authenticated user. If the web application supports the client credentials
        //     it may assume the context.ClientId has been validated by the ValidateClientAuthentication
        //     call. To issue an access token the context.Validated must be called with a new
        //     ticket containing the claims about the client application which should be associated
        //     with the access token. The application should take appropriate measures to ensure
        //     that the endpoint isn’t abused by malicious callers. The default behavior is
        //     to reject this grant type. See also http://tools.ietf.org/html/rfc6749#section-4.4.2
public Func<OAuthGrantClientCredentialsContext, Task> OnGrantClientCredentials { get; set; }
OWIN OAuth 2.0 Authorization Server
标签:style called inter overview https tutorial limit party tcl
原文地址:https://www.cnblogs.com/chucklu/p/10346661.html