Add Query String token for web api authentication

Create this class to retrieve access token from query string and add to ApplicationOAuthProvider.cs

public class QueryStringOAuthBearerProvider : OAuthBearerAuthenticationProvider
    public override Task RequestToken(OAuthRequestTokenContext context)
        var value = context.Request.Query.Get("access_token");

        if (!string.IsNullOrEmpty(value))
            context.Token = value;

        return Task.FromResult<object>(null);

Edit this code in Startup.Auth.cs

OAuthOptions = new OAuthAuthorizationServerOptions
    TokenEndpointPath = new PathString("/Token"),
    Provider = new ApplicationOAuthProvider(PublicClientId),
    AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
    AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
    // In production mode set AllowInsecureHttp = false
    AllowInsecureHttp = true                

// Enable the application to use bearer tokens to authenticate users

//app.UseOAuthBearerTokens(OAuthOptions);   // Commented this line.

app.UseOAuthAuthorizationServer(OAuthOptions); // Added this line

// Enable the application to retrieve tokens from query string to authenticate users
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()
    Provider = new QueryStringOAuthBearerProvider()

Now build and we are done. Use both the method for login.

Author Profile

Tech Lover , Open Src Dev , Dotnet Core, Ionic, Xamarin, Node, Angular2, Python, Opencv, AI, ML, Robotics, SignalR, Iot, Love Music, Cooking, Girls, Innovation.
Like Love Haha Wow Sad Angry

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.