Change OWIN storage to redis

Question

0.00/5 (No votes)

See more:

Hello there,

I am developing a web service application with .NET Framework 4.5 / Web API 2 and I am using OWIN for authentication and authorization.

So, for this application we need a load balancer solution then we set up that as you know after that users' tokens are not working properly. Because if a user take token from server A then can't use it on server B.

Because of it, I need use Redis with Redis every application's OWIN will save authentication to redis

Thank you.

What I have tried:

I used https://github.com/ziyasal/Owin.Security.RedisTokenProviders this package, but it does not help. I guess I am missing a point.

Here is the my Configuration Method on Startup.cs

C#

public void Configuration(IAppBuilder appBuilder)
        {
            HttpConfiguration httpConfiguration = new HttpConfiguration();
            httpConfiguration.DependencyResolver = new NinjectResolver(NinjectWebCommon.CreateKernel());

            ConfigureOAuth(appBuilder);

            WebApiConfig.Register(httpConfiguration);
            appBuilder.UseWebApi(httpConfiguration);
        }

and my Server Option in same class

C#

OAuthAuthorizationServerOptions oAuthAuthorizationServerOptions = new OAuthAuthorizationServerOptions()
            {
                TokenEndpointPath = new Microsoft.Owin.PathString("/signin"),
                AccessTokenExpireTimeSpan = TimeSpan.FromHours(1),
                AllowInsecureHttp = true,
                Provider = new SimpleAuthorizationServerProvider(),
                RefreshTokenProvider = new RedisRefreshTokenProvider(new ProviderConfiguration
                {
                    ConnectionString = "12.0.0.145:6379",
                    Db = 0,
                    ExpiresUtc = DateTime.UtcNow.AddMinutes(5),
                    AbortOnConnectFail = true
                })
            };

Posted 22-Mar-19 1:43am

Member 13518243

Add a Solution

Comments

[no name] 22-Mar-19 11:12am

You're "developing" and (already) need a "load balancer" .... What are you "balancing"?

David_Wimbley 23-Mar-19 3:31am

One option that I went with was overriding the machine key via web.config so if you've gotten a token from server A it will work on Server B.

Ex: Note, this is not my machine key, i just generated a new one for this purpose.

<system.web>
    <compilation debug="true" targetFramework="4.6.1"/>
    <httpRuntime targetFramework="4.6"/>
    <machineKey validationKey="DF81295AD0E82DBD0893CFFE4BA71D41C964D3A4AFD27887A36A8C3018C55FB71D524A7107FF27A2BC15CF9B22C5611C4D64308B1F3D039E0269A7461CE70853" decryptionKey="927FFC06AD876B9442AF184E8DAC1B58DEE2E313593B113258551F7B76D19610" validation="SHA1" decryption="AES" /> 
  </system.web>

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)