Context.Request.User is null in OWIN OAuthAuthorizationServerProvider

I am trying to implement OAuth using OWIN for the Web API v2 endpoint on the local LAN. The API is hosted in IIS using Integrated Windows Authentication. In short, this is what I want.

When I ask for my token at /token

  • Get WindowsPrincipal out of OWIN Context

  • Use the SID from WindowsPrincipal to find some roles for this user in the SQL table.

  • Create a new ClaimsIdentity property that stores the username and roles

  • Turn this into a JSON Web Token (JWT) which I send back

When I request a resource from my API using my token

  • Convert the JWT token back to a ClaimsIdentity

  • Use this ClaimsIdentity property to authorize resource requests through a Role.

  • This way, I don't need to do a database search for user roles on every query. It's just baked into the JWT.

I think I've set everything up right. My Startup.Configuration method is as follows.

    public void Configuration(IAppBuilder app)
    {
        // token generation
        // This is what drives the action when a client connects to the /token route
        app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions
        {
            // for demo purposes
            AllowInsecureHttp = true,

            TokenEndpointPath = new PathString("/token"),
            AccessTokenExpireTimeSpan = TimeSpan.FromHours(8),
            AccessTokenFormat = GetMyJwtTokenFormat(),
            Provider = new MyAuthorizationServerProvider()
        });

        // token consumption
        app.UseOAuthBearerAuthentication(
            new OAuthBearerAuthenticationOptions()
            {
                Realm = "http://www.ccl.org",
                Provider = new OAuthBearerAuthenticationProvider(),
                AccessTokenFormat = GetMyJwtTokenFormat()
            }
        );

        app.UseWebApi(WebApiConfig.Register());
    }

MyAuthorizationServerProvider looks like this:

    public class MyAuthorizationServerProvider: OAuthAuthorizationServerProvider
    {

        public override async Task GrantResourceOwnerCredentials (OAuthGrantResourceOwnerCredentialsContext context)
        {

            // Since I'm hosting in IIS with Windows Auth enabled,
            // I'm expecting my WindowsPrincipal to be here, but it's null :(
            var windowsPrincipal = context.OwinContext.Request.User.Identity;

            // windowsPrincipal is null here. Why?

            // Call SQL to get roles for this user

            // create the identity with the roles
            var id = new ClaimsIdentity(stuff, more stuff);

            context.Validated(id);
        }
    }

, context.Request.User null. WindowsPrincipal. , WindowsPrincipal. null ? - ?

+4
1

UseOAuthAuthorizationServer UseOAuthBearerAuthentication. UseOAuthBearerAuthentication UseStageMarker(PipelineStage.Authenticate);, ( , ) ASP.NET. null .

+11
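
An added example, not code from the question or the answer: it registers the bearer middleware before the token endpoint, on the assumption that the answer's point is that UseOAuthBearerAuthentication ends with UseStageMarker(PipelineStage.Authenticate) and so pins everything registered before it to that stage, then builds the role claims from the caller's SID and refuses to issue a token when no Windows identity is present. SidRoleProvider, the connection-string placeholder and the UserRoles/RoleName/Sid names are hypothetical; GetMyJwtTokenFormat and WebApiConfig are the question's own helpers.

```csharp
using System.Data.SqlClient;
using System.Security.Claims;
using System.Security.Principal;
using System.Threading.Tasks;
using Microsoft.Owin;
using Microsoft.Owin.Security.OAuth;
using Owin;

public partial class Startup   // GetMyJwtTokenFormat() is the question's own helper
{
    public void Configuration(IAppBuilder app)
    {
        // Bearer middleware first: it ends with UseStageMarker(PipelineStage.Authenticate).
        app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions { AccessTokenFormat = GetMyJwtTokenFormat() });
        // Token endpoint after the marker, so it no longer runs in the Authenticate stage.
        app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions
        {
            TokenEndpointPath = new PathString("/token"),
            AccessTokenFormat = GetMyJwtTokenFormat(),
            Provider = new SidRoleProvider()
        });
        app.UseWebApi(WebApiConfig.Register());
    }
}

public class SidRoleProvider : OAuthAuthorizationServerProvider
{
    private const string ConnStr = "<connection-string>"; // placeholder; SQL names below are hypothetical
    public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
    { context.Validated(); return Task.FromResult(0); } // assumes no client registry; IIS authenticates the user

    public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        var win = context.OwinContext.Request.User?.Identity as WindowsIdentity;
        if (win == null || !win.IsAuthenticated || win.User == null)
        { context.SetError("invalid_grant", "No authenticated Windows identity."); return; } // fail closed
        var id = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, win.Name) }, context.Options.AuthenticationType);
        using (var conn = new SqlConnection(ConnStr))
        using (var cmd = new SqlCommand("SELECT RoleName FROM UserRoles WHERE Sid = @sid", conn))
        {
            cmd.Parameters.AddWithValue("@sid", win.User.Value); // parameterized, never concatenated
            await conn.OpenAsync();
            using (var reader = await cmd.ExecuteReaderAsync())
                while (await reader.ReadAsync())
                    id.AddClaim(new Claim(ClaimTypes.Role, reader.GetString(0)));
        }
        context.Validated(id);
    }
}
```

Because the roles are baked into the JWT, a role removed in SQL stays effective until the token expires, which is 8 hours with the question's AccessTokenExpireTimeSpan.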
