我有一个项目,我使用MVC5和WebAPI。认证使用Owin。我想要设置Ninject依赖关系解析器。我尝试使用MVC5,使用Owin使用MVC5,使用Owin使用WebAPI使用WebAPI。但我无法将它们结合起来。有没有人有MVC5 + WebApi + Owin + Ninject捆绑的步骤?MVC5 + WebAPI + Owin + Ninject
一个最后的解决方案,使之可行的的WebAPI我也跟着在这里: https://github.com/ninject/Ninject.Web.Common/wiki/Setting-up-a-OWIN-WebApi-application
我加入最新的NuGet包。 My Startup class:
public partial class Startup
{
public void Configuration(IAppBuilder app)
{
var webApiConfiguration = new HttpConfiguration();
WebApiConfig.Register(webApiConfiguration);
app.UseNinjectMiddleware(CreateKernel).UseNinjectWebApi(webApiConfiguration);
ConfigureAuth(app);
}
private static StandardKernel CreateKernel()
{
var kernel = new StandardKernel();
kernel.Load(Assembly.GetExecutingAssembly());
return kernel;
}
}
WebApiConfig。我没有添加任何路由配置。由于它是在Global.asax中添加:
public partial class Startup
{
public void Configuration(IAppBuilder app)
{
var webApiConfiguration = new HttpConfiguration();
app.UseNinjectMiddleware(CreateKernel).UseNinjectWebApi(webApiConfiguration);
ConfigureAuth(app);
}
private static StandardKernel CreateKernel()
{
var kernel = new StandardKernel();
kernel.Load(Assembly.GetExecutingAssembly());
return kernel;
}
}
的WebAPI用路由(在Global.asax中删除路由注册)它没有工作过。在每个请求ANY的WebAPI我有 “{” 消息 “:” 授权已被拒绝了这个请求。 “}”:
public partial class Startup
{
public void Configuration(IAppBuilder app)
{
var webApiConfiguration = new HttpConfiguration();
// Web API configuration and services
// Configure Web API to use only bearer token authentication.
webApiConfiguration.SuppressDefaultHostAuthentication();
webApiConfiguration.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
webApiConfiguration.MapHttpAttributeRoutes();
webApiConfiguration.Routes.MapHttpRoute("DefaultApi", "api/{controller}/{action}/{id}", new { id = RouteParameter.Optional });
app.UseNinjectMiddleware(CreateKernel).UseNinjectWebApi(webApiConfiguration);
ConfigureAuth(app);
}
private static StandardKernel CreateKernel()
{
var kernel = new StandardKernel();
kernel.Load(Assembly.GetExecutingAssembly());
return kernel;
}
}
ConfigureOAuth。我使用基于Tokne的另一种基于Tokne的双向身份验证。一个适合WebApi另一个MVC:
public void ConfigureAuth(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Login"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<UserManager, User>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager,DefaultAuthenticationTypes.ApplicationCookie))
}
});
PublicClientId = "self";
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
}
和我的API控制器。
[Authorize(Roles = "Admin")]
public class AdminPanelController : ApiController
{
private readonly IAdminPanelService _service;
public AdminPanelController(IAdminPanelService service)
{
_service = service;
}
}
我总是有例外,AdminPanelController应该是无参数的。如果我添加任何路由到WebApiConfig,我将具有相同的AdminPanelController异常,并且未经其他授权(虽然无标记令牌生成并传递给WebApi控制器)
我有这个设置,它确实有效。当你说你不能合并他们时,哪一部分不工作?到目前为止,你有什么? – ngm
@ngm。我更新了我的消息。你可否请检讨它。 – Archon