I am building RESTful web API for my ASP.NET MVC4 web application using ASP.NET WebAPI. I want to use OAuth 1.0 to provide authorization. I'm looking toward of DotNetOpenAuth library. Can anyone help me to understand how to use the service provider of this library with ASP.NET WebAPI?
I'm in a similar situation as you.
I would recommend you to take a look at Thinktecture's IdentityModel Authorization extensions for Web API (and MVC).
It's a open source project hosted on GitHub, with samples to take a look at as well.
You can also grab a lot of useful info from Dominick Baier's blog
Have you looked at the OAuthServiceProvider sample that comes with DotNetOpenAuth? It demonstrates a WCF service that is protected by OAuth 1.0.
Related
I am working on developing ASP.NET Core WEB API based microservices which will be consumed by multiple client applications like Angular app, iOS and Android app.
While looking on the security aspects of the microservices I do see that there is a need to prevent the microservices from XSRF attacks. On analysis I found that there is a way for ASP.NET Core MVC application as mentioned in the below URL:
https://andrewlock.net/automatically-validating-anti-forgery-tokens-in-asp-net-core-with-the-autovalidateantiforgerytokenattribute/
Can anyone help me to know is there any way to automatically validating anti-forgery tokens in ASP.NET Core WEB APIs?
Any links with some sample code will help me a lot.
I am having a bit of an issue with integrating with NetSuite API on .Net Core using VS2017 and it has no option to add Web Service. When I consumed their web service using add connected services some objects and classes are missing.
In .Net 4.5, the classes and object are available. My manager wants me to write the API in .Net Core.
I took the sample code from NetSuite and the very first thing is class NetSuiteService which has important Passport property for login.
Anyone had a solution to this?
It's fairly easy to integrate SuiteTalk with Dot NetCore, all you need to do is import the WSDL into .NetCore project via adding it as ConnectedService reference and it will set you up with WCF.
The DEMO code that NetSuite people have provided will not match the code generated on your machine. I would recommend you using TBA instead of other authentications.
(just copy paste the code provided by NetSuite's folks for authentication as that is the convention, you can change the crypt algorithm if you want to, just generate the Keys, put them in your configs and you're good to go)
Class "NetSuitePortTypeClient" will contain your endpoints for all types of communication to NetSuite web services.
Read the first 50-100 pages of the documentation manual that NetSuite provides for learning the conventions to be used throughout your journey.
Hope this will give you a headstart.
I am trying to build a zend framework application tied to angular. So I am thinking to go with the RESTful approach. Do you have any references on examples on how to this securely?
I would suggest looking at Apigility (Created by Zend and built on top of the framework) https://apigility.org/ if you want to build RESTful API's with Zend Framework.
If you want to build APIs direct with Zend Framework you could lift a lot of ideas for authentication and authorization from the Apilgity docs https://apigility.org/documentation/auth/intro
How do I offer OAuth 2.0 provider services using swift? I would like to use swift as a rest API but missing this integral component. Would probably be able to build something from the spec but don't have budget on this particular project. Would be a great component to Perfect framework but I don't see it on the roadmap at present?
There are OAuth2 client libs: https://github.com/PerfectlySoft/Perfect-OAuth2
OAuth2 demo: https://github.com/PerfectExamples/Perfect-Authentication-Demo
A work in progress OAuth2 Server: https://github.com/PerfectServers/AuthenticationServer
I cannot find any Swift based OAuth identity provider solutions yet. Found a few libraries that might either be ported or built into a Swift solution, but it seems like the simplest path at the moment would be to implement something like Auth0 or OAuth.io as the provider
Does anyone have any links for building RESTful web services with the ASP.NET Web API. So far I have built a very basic web service using WCF and would now like to try the web api to see which one suits for Azure based web services.
I will start from:
ASP.NET Web API: you can find screencasts, getting started info, etc (funny enough it is down at the mo)
And move on to these blogs:
Henrik Nielsen's blog (ASP.NET Web API architect)
Gunnar Piepman's blog
Pedro Reys blog
Tugberk Ugurlu's blog
My own blog
For asking questions, you can try here (SO) and Web API.
FYI, I'm a sucker for a good conference presentation video (RIP MIX...)
This was my introduction to the subject and it gave me a very good crash course on the whys and hows of Web API.
WCF Web APis: "There's a URI for That"
A note of caution: The video is referencing an alpha status of the project so it may include some old terminology. But as Web API is still in beta, I think that point is kind-of moot.