Reputation: 2322
OAuth2 without MVC/ASP.NET in a class (IHttpModule)
I'm trying to implement an OAuth2 validation module in .net 4.5.
We have an application that is receiving an access token from another website.
We need to validate this token and map the corresponding user (from claim information) to an internal user in our own system, then create the access cookies for our own system as if the user is already logged in.
We are NOT using ASP.NET, MVC, WebForms or anything else that allows us to use the IAppBuilder required by OpenIdConnect. We are simply implementing an IHttpModule (IIS Plugin) which will do the validation and pre-authentication manually.
I've tried System.IdentityModel.Tokens.Jwt (etc), but all examples on validating access tokens I can find (anywhere) all point to using openIdConnect which requires the MVC model (and the IAppBuilder).
We have the configuration document (https://.../.well-known/openid-configuration) and the keys etc. but no idea how to call the functionality manually to validate the access-token we are given.
I have the access-token in a string. How do I do the validation from scratch?
Any examples, or even links would be helpful.
I'm currently attempting to use the nuget package "IdentityModel.WPF" but am still rather stuck.
Upvotes: 1
Views: 347
Answers (0)
Related Questions
- Need to generate/validate OAuth tokens in ASP.NET 5
- How to write OAuth2 Web API Client in Asp.net MVC
- OAuth Asp.NET MVC
- signingCredentials Iusse JWT/OAuth/Identity in MVC
- Oauth2 without MVC in webforms
- Implement JWT authentication
- OAuth v2.0 in combination with ASP.NET MVC 4 Web API
- Simple OpenID authentication code for .NET MVC
- ASP.NET MVC solution for OpenID + OAuth + trivial authentication
- Building a C# / ASP.NET API using oAuth for API Authentication