Using Fiddler to test ASP.NET Web API token based authentication

kudvenkat
In this video we will discuss how to test ASP.NET Web API token based authentication using fiddler.

Text version of the video
http://csharp-video-tutorials.blogspo...


Slides
http://csharp-video-tutorials.blogspo...

All ASP .NET Web API Text Articles and Slides
http://csharp-video-tutorials.blogspo...

All ASP .NET Web API Videos
ASP.NET Web API tutorial for beginners

All Dot Net and SQL Server Tutorials in English
https://www.youtube.com/user/kudvenka...

All Dot Net and SQL Server Tutorials in Arabic
kudvenkatarabic

In our previous video we registered a new user with the following email address and password. The username is also the email address.
Email : [email protected]
Password : Test123!

Now let's use Fiddler to generate the access token using the above username and password. Use the Composer tab in Fiddler to compose a request.

Issue a POST request to /token.
In the request body, include the username and the password.
We also need to set grant_type=password. This indicates that we are presenting a password to acquire an access token.

With the above configuration in place, click the Execute button in Fiddler. Notice we get the access token back. You can also see when the token is issued and when it expires.

Now let's understand how the access token is generated.
The code that generates the access token is provided by ASP.NET Web API out of the box. To see this code, open the file "Startup.Auth.cs" in the App_Start folder. Notice that in the ConfigureAuth() method:

1. An instance of OAuthAuthorizationServerOptions is created.
2. The /Token endpoint, to which we posted the username and password, is specified here.
3. The token expiry is specified using the AccessTokenExpireTimeSpan property. In this case the token expires 14 days after it is issued. You can change this to meet your application needs.
4. The Provider property is initialized with a new instance of the ApplicationOAuthProvider class. This class has a GrantResourceOwnerCredentials() method which verifies whether the provided username and password are valid. If they are valid, an access token is issued. The token is generated when the context.Validated(ticket) method is called.

Now let us see how to call EmployeesController and retrieve employees data.

If we issue a GET request to /api/employees we get a 401 Unauthorized error. Since the EmployeesController is decorated with the [Authorize] attribute, the request needs to be authenticated. So with every request we have to send the Bearer token in the Authorization header.
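The two requests described above, built as raw HTTP text in Python so the exact body and header are visible. This is an added example, not code from the video or from the project. The host, the email address, the token value and the dates are constructed placeholders, and the response field names (access_token, token_type, .issued, .expires) are an assumption about what the /token endpoint returns.

```python
import json
from email.utils import parsedate_to_datetime
from urllib.parse import urlencode

HOST = "localhost:5000"  # constructed; use the host your Web API runs on

# Constructed sample of a /token response body (field names are an assumption).
SAMPLE_TOKEN_RESPONSE = json.dumps({
    "access_token": "CONSTRUCTED-TOKEN-VALUE",
    "token_type": "bearer",
    ".issued": "Tue, 06 Dec 2016 10:00:00 GMT",
    ".expires": "Tue, 20 Dec 2016 10:00:00 GMT",
})

def build_token_request(host, username, password):
    """POST /token with the form-encoded body typed into Fiddler's Composer."""
    body = urlencode({"grant_type": "password",
                      "username": username, "password": password})
    return ("POST /token HTTP/1.1\r\n"
            f"Host: {host}\r\n"
            "Content-Type: application/x-www-form-urlencoded\r\n"
            f"Content-Length: {len(body.encode())}\r\n\r\n" + body)

def parse_token_response(raw_json):
    """Return the bearer token with its issue/expiry times, or raise ValueError."""
    data = json.loads(raw_json)
    if str(data.get("token_type", "")).lower() != "bearer" or not data.get("access_token"):
        raise ValueError("response does not carry a bearer access token")
    issued = parsedate_to_datetime(data[".issued"])
    expires = parsedate_to_datetime(data[".expires"])
    return {"token": data["access_token"], "issued": issued,
            "expires": expires, "lifetime": expires - issued}

def build_api_request(host, token):
    """GET /api/employees carrying the token in the Authorization header."""
    return ("GET /api/employees HTTP/1.1\r\n"
            f"Host: {host}\r\n"
            f"Authorization: Bearer {token}\r\n\r\n")

if __name__ == "__main__":
    print(build_token_request(HOST, "user@example.com", "Test123!"))
    parsed = parse_token_response(SAMPLE_TOKEN_RESPONSE)
    print("\n\ntoken lifetime:", parsed["lifetime"])
    print(build_api_request(HOST, parsed["token"]))
```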

In our next video we will discuss implementing the Login page for the sample application that we have been working with in this series.
Published 8 years ago, on 1395/09/16.
Viewed 202,514 times.