geekboyUK
Reputation: 498
Validate OAuth bearer token with form post
I've created a OData based web back-end using Web API 2. This works really well, using AuthorizeAttribute on controllers.
I'd like to be able to upload a files, via a standard html form and a submit.
We are passing the OAuth token, which would normally be passed in the header of an OData request, as a hidden input field.
Question: How do you validate this in the controller?
Upvotes: 2
Views: 2498
Answers (1)
Taiseer Joudeh
Reputation: 9043
Then you need to un-protect the token, then from the "ticket" you check if there is principal and if it is authenticated (check property IsAuthenticated). Use the code below inside your controller:
string token = "Your token goes here";
Microsoft.Owin.Security.AuthenticationTicket ticket = Startup.OAuthBearerOptions.AccessTokenFormat.Unprotect(token);
Upvotes: 4
Related Questions
- How can I validate my custom Oauth2 access token in server-side
- Asp.Net Core 2 Validating bearer token
- OAuth bearer token validation by Authorize Attribute
- Web Api OWIN - How to validate token on each request
- How to customize WebApi OAuth token validation?
- .NET Web API 2 OWIN Bearer Token Authentication direct call
- Explicitly token validation
- How to make Bearer token invalid
- Web API authorization access_token validation
- Bearer Token Authentication with ASP.net API