Questions tagged [thinktecture-ident-model]

Thinktecture IdentityModel is a versatile helper library to make working with Claims Based Authentication and Windows Identity Foundation easier.

Thinktecture IdentityModel is a versatile helper library to make working with Claims Based Authentication and Windows Identity Foundation easier.

The library is written by Dominick Baier, a security expert involved with the creation of WIF and co-author of Claims Based Identity & Access Control Guide. Source code for the project can be found on Git Hub. Many blog posts on the code can be found on Dominic's blog - leastprivilege.com.

Note - the tag name uses "ident" to fit within 25 character maximum

97 questions
2
votes
1 answer

Using Thinktecture.IdentityModel lib using UseBasicAuthentication with Webapi and OWIN the Identity in my controllers has no claims

I am using Thinktecture.IdentityModel and trying to use the Owin.BasicAuthentication lib with the UseBasicAuthentication with Webapi and OWIN. The Identity in my controllers has no claims and shows not authenticated. I setup the owin config with…
2
votes
1 answer

Verify JWT Claims in WebAPI

Given the Thinktecture AuthenticationConfiguration below: var authConfig = new AuthenticationConfiguration { EnableSessionToken = true, SendWwwAuthenticateResponseHeaders = true, RequireSsl = false, ClaimsAuthenticationManager = new…
morleyc
  • 2,169
  • 10
  • 48
  • 108
2
votes
1 answer

MVC5 allow relying party to use JWT security tokens

I am using Thinktecture IdentityServer v2, the Relying Party token type is set to none. The code runs fine with this setting. I am looking to use JWT tokens so I have a common interface from my MVC app to the API, and also from phone/tab app clients…
2
votes
2 answers

Is it possible to resolve my ClaimsAuthorizationManager using a DI container

I've got my custom ClaimsAuthorizationManager working using the standard configuration file settings but I want to inject a business layer service into my implementation and I can't figure it out.
BenCr
  • 5,991
  • 5
  • 44
  • 68
2
votes
2 answers

Updating BootStrapContext with new SessionSecurityToken when using Sliding sessions in WIF with the SAM and Thinktecture IdentityModel

When using sliding sessions in WIF with the session authentication module (SAM) and Thinktecture IdentityModel as described in brockallen's blog. The session security token issued and written to the cookie has it's "valid to" extended as required…
RonyK
  • 2,644
  • 5
  • 32
  • 42
2
votes
1 answer

How to decode SessionSecurityToken

Is it possible to decode a SessionSecurityToken? I've set up a site to work with ThinkTecture IdentityServer using MachineKeySessionSecurityTokenHandler, and everything works as expected. But now I need to pass the token to another service, but in…
1
vote
0 answers

Handeling different permissions per selected customer

I am going to implement a new login system for our new AngularJS application at work, using IdentityServer3, and Thinktecture.IdentityModel.Owin.ResourceAuthorization.WebApi. Some users will have access to more than one customer. I am trying to…
1
vote
0 answers

Identity Manager throws 401 unauthorized

I am using following configuration for my Identity Manager, everytime I pass my access token - it throws 401 (Unauthorized) app.Map("/admin", adminApp => { var factory = new IdentityManagerServiceFactory(); …
1
vote
0 answers

Getting a token for Web API

Once upon a time I used to install Thinktecture.IdentityModel, call it using basic auth to get a token and then pass this in the headers of ajax calls to Web API. I just tried to do this, and it barfed. Up periscope! Method not found: no match for…
Peter Wone
  • 17,965
  • 12
  • 82
  • 134
1
vote
0 answers

Scenario for STS with symmetric signing key for a Relying party

Please help me to understand the following scenario: The web application is requesting a Token from STS. The STS is Thinktecture Identity server v2. STS is configured with following: General Configuration Only One Relying party Both webapplication…
1
vote
1 answer

Server sessions (IsReference mode) for Thinktecture Id.Srv. 3

With ref. to brockallen.com/2013/02/21/server-side-session-token-caching-in-wif-and-thinktecture-identitymodel I want to use server side sessions with Id.Srv. 3 and have created an implementation of ITokenCacheRepository using a Redis Cache as the…
1
vote
1 answer

IdentityServer3 get user token by username and password post REQUEST

I found this tutorials for authenticate and get token from identity server by username and…
senzacionale
  • 20,448
  • 67
  • 204
  • 316
1
vote
0 answers

HowTo Request an ActAsToken from IdenityServer, holding an OAuth2 JWT bearer token in the WebApi?

We're trying to extend our current infrastructure to be able to use WebApi/OAuth2 for our mobile apps. Currently we have been using SAML tokens for the mobile apps but it's to heavy. I was hoping somebody here could point me to the right direction…
Lord02
  • 121
  • 1
  • 8
1
vote
3 answers

How to mock owin's authorizationManager to test my api controller

I'm using ThinkTecture's resource based authorization in my WebApi. I'm trying to test one of my controller that I needed to check the access inside the function. But now, I can't test the function anymore since, I can't mock an extension method and…
1
vote
1 answer

Thinktecture BasicAuthenticationSecurityTokenHandler returning StatusCode 500, Internal Server Error

I have recently upgraded from the older Thinktecture IdentityModel to the latest IdentityModel that supports Web API 2. The below code works with the previous nuget packages (and lesser webapi version hosting it), when I am using System.Web.Mvc…
morleyc
  • 2,169
  • 10
  • 48
  • 108