我有一个项目,我使用MVC5和WebAPI。身份验证使用Owin。我想设置Ninject依赖解析器。我尝试了MVC5的灵魂,与Owin的MVC5,与Owin的WebAPI的WebApi。但我无法将它们结合起来。有没有人有MVC5 + WebApi + Owin + Ninject捆绑包的步骤?
使其适用于WebApi的最后一个解决方案之一我在这里: https://github.com/ninject/Ninject.Web.Common/wiki/Setting-up-a-OWIN-WebApi-application
我添加了最新的NuGet包。 我的启动课程:
public partial class Startup
{
public void Configuration(IAppBuilder app)
{
var webApiConfiguration = new HttpConfiguration();
WebApiConfig.Register(webApiConfiguration);
app.UseNinjectMiddleware(CreateKernel).UseNinjectWebApi(webApiConfiguration);
ConfigureAuth(app);
}
private static StandardKernel CreateKernel()
{
var kernel = new StandardKernel();
kernel.Load(Assembly.GetExecutingAssembly());
return kernel;
}
}
WebApiConfig。我没有添加任何路由配置。正如它在Global.asax中添加的那样:
public partial class Startup
{
public void Configuration(IAppBuilder app)
{
var webApiConfiguration = new HttpConfiguration();
app.UseNinjectMiddleware(CreateKernel).UseNinjectWebApi(webApiConfiguration);
ConfigureAuth(app);
}
private static StandardKernel CreateKernel()
{
var kernel = new StandardKernel();
kernel.Load(Assembly.GetExecutingAssembly());
return kernel;
}
}
WebApi与路由(以及在Global.asax中删除路由注册)它也不起作用。在每次向任何WebApi请求时,我都有" {"消息":"此请求已拒绝授权。"}":
public partial class Startup
{
public void Configuration(IAppBuilder app)
{
var webApiConfiguration = new HttpConfiguration();
// Web API configuration and services
// Configure Web API to use only bearer token authentication.
webApiConfiguration.SuppressDefaultHostAuthentication();
webApiConfiguration.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
webApiConfiguration.MapHttpAttributeRoutes();
webApiConfiguration.Routes.MapHttpRoute("DefaultApi", "api/{controller}/{action}/{id}", new { id = RouteParameter.Optional });
app.UseNinjectMiddleware(CreateKernel).UseNinjectWebApi(webApiConfiguration);
ConfigureAuth(app);
}
private static StandardKernel CreateKernel()
{
var kernel = new StandardKernel();
kernel.Load(Assembly.GetExecutingAssembly());
return kernel;
}
}
ConfigureOAuth。我使用双向身份验证,一个基于cookie,另一个基于Tokne。一个适合WebApi另一个适用于MVC:
public void ConfigureAuth(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Login"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<UserManager, User>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager,DefaultAuthenticationTypes.ApplicationCookie))
}
});
PublicClientId = "self";
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
}
我的API控制器。
[Authorize(Roles = "Admin")]
public class AdminPanelController : ApiController
{
private readonly IAdminPanelService _service;
public AdminPanelController(IAdminPanelService service)
{
_service = service;
}
}
我总是有异常,AdminPanelController应该是无参数的。如果我向WebApiConfig添加任何路由,我将为AdminPanelController提供相同的例外,而不会授权给其他人(尽管Bearer Token生成并传递给WebApi控制器)