This project is read-only.

Porting DotNetOpenAuth Samples to Asp.Net Version

Nov 13, 2012 at 9:04 AM

Hi All,

I'm currently implementing OAuth in my WebAPI project and need a few pointers.

I'm looking at the Samples that come with the DotNetOpenAuth and I the sample makes use of two classes in the OAuthAuthorizationServer sample:



INonceStore, ICryptoKeyStore

Where in the Asp.Net version would I find analogies to these so I can follow through the flow to use a nonce store and authorise the client and resource owners?

Are there any samples doing this using the DotNetOpenAuth.Aspnet libraries?


Nov 13, 2012 at 5:22 PM

Those abstractions are used when implementing your own authorization server. ASP.NET currently only has support for acting as an OAuth client for various existing authorization servers (Facebook, Twitter, etc). We don't currently have a turn-key solution for implementing your own authorization server on ASP.NET, but the DotNetOpenAuth sample implementations of these interfaces are probably your best place to start.

Daniel Roth

Nov 13, 2012 at 6:11 PM

Hi Daniel,

Thanks for this.  I've been looking at this all day today and trying to piece together what path to take.

I initialliy pulled all the source for WebSecurity and OAuthWebSecurity into my own source as it didn't cover my requirements to starting to then try and incorporate the approaches in the DotNetOpenAuth started to look tricky.

I've implemented the nonce store and am now looking at the IAuthorizationServerHost in order to start producing AccessTokens.  Glad I'm on the right track and not re-implementing existing functionality.

What were the decisions behind embedding and extending DotNetOpenAuth?


Nov 16, 2012 at 2:30 PM


Here are a couple of sample source files for the two interfaces you asked about:

I hope this helps.