1

I'm attempting to use Thinktecture identity server to secure a web api with an angularjs front end. I'm able to get an OAuth token from Identity Server via the api controller with the following code: 

    [HttpPost]
    public async Task<JObject> LogOn(UserModel userModel)
    {
        System.Net.ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

        var client = new OAuth2Client(
            new Uri("https://identity.app.net/issue/oauth2/token"),
            "dd",
            "secret");

        var result =
            await
                client.RequestResourceOwnerPasswordAsync(userModel.UserName, userModel.Password,
                    @"http://my.app.net/");
        return result.Json ;
    }

This returns a token. I cannot seem to figure out how to get the [Authorize] tag to work when the token if passed in the header of the request.

Rajdeep Dosanjh
  • 1,157
  • 1
  • 9
  • 20

1 Answers1

2

Old question - I hope you figured out the answer?

You need to add the token as a bearer token to the client calling the web api. From a .Net client it would be something like this (where "token" would be "result" from your call to RequestResourceOwnerPasswordAsync):

var client = new HttpClient();    
client.SetBearerToken(token);
var response = client.GetStringAsync(<yourUrl>).Result;

In Angular you probably need to intercept stuff (I'm not much of a front-end guy ;-)): http://www.codeproject.com/Articles/784106/AngularJS-Token-Authentication-using-ASP-NET-Web-A

Henrik N.
  • 556
  • 5
  • 13