我正在为 ServiceStack 编写一个 AuthProvider 以针对我们自己的 OAuth2 服务器进行身份验证,并且在 ServiceStack 与我的提供者交互的方式上遇到了问题。
根据 https://groups.google.com/d/msg/servicestack/e3kkh-qRDYs/DF9Y05ibl-MJ
There are generally 2 ways for extending, if you want to provide your own OAuth implementation you would sub class AuthProvider (or implement IAuthProvider) and override the Authenticate() method which holds the entire implementation of your service. The AuthService now has no real implementation of its own, it just checks the Auth Provider .IsAuthorized() method to see if the user is already authenticated, if not it calls the Authenticate() method. [my emphasis]
我现在的整个身份验证提供程序如下所示:
using System;
using ServiceStack.ServiceInterface;
using ServiceStack.ServiceInterface.Auth;
namespace SpotAuth.ResourceServer.Services {
public class SpotlightOAUthProvider : AuthProvider {
public override bool IsAuthorized(IAuthSession session, IOAuthTokens tokens, Auth request = null) {
return (false);
}
public override object Authenticate(IServiceBase authService, IAuthSession session, Auth request) {
// A breakpoint on this line is never reached; the service just returns Unauthorized.
throw new NotImplementedException();
}
}
}
为什么从不调用 Authenticate 方法?上面链接的论坛帖子已有近一年的历史,但我找不到任何表明此行为已被弃用的信息。
最佳答案
这个答案可能来得有点晚,但我现在偶然发现了你的问题。
在你问你的问题前几周,我尝试实现我自己的 AuthProvider并有类似的问题:
How to get ServiceStack authentication to work? (with iPhone clients)
(在问题底部附近,是我的 MyBasicAuthProvider )
到底I found out what I did wrong ,我认为你犯了和我一样的错误:
我需要覆盖 TryAuthenticate而不是 Authenticate .
一旦我改变了它,我的提供者就开始工作了。
关于authentication - 为什么我的 ServiceStack AuthProvider 从不调用 Authenticate(),即使 IsAuthorized() 返回 false?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/18311483/