【开发日志】2014年10月9日

1. 写一个web程序，一个webapi程序，webapi部署在虚拟目录下。 OK 2014-10-9 10:54:50

Index.cshtml

<script>

    $(document).ready( function() {
        $.getJSON("localhost:4040/api/messages")
            .done(function (data) {
                alert(data);
            })
            .fail(function () {
                alert('error!');
            });
    });

</script>

把routeTemplate中的api前缀去掉

            config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "{controller}/{id}",
                defaults: new { id = RouteParameter.Optional }
            );

    public class MessagesController : ApiController
    {
        public string Get()
        {
            return "Hello World!";
        }
    }

#if DEBUG
    [EnableCors(origins: "*", headers: "*", methods: "*")]
#endif

2. access token



Hello,

I'm trying out IdentityServer and I'm stuck on this scenario. I'm using the MVC OWIN Client and I'm fine with the flow implemented there, except that I'd like to build a single page application and thus I would like to also use the token in Ajax requests I issue from the browser. Using the Implicit Javascript client is a bit too much token handling code on the client side for my taste and I'd prefer to carry out the flow on the server and make the token available to the client. I captured the token using notifications:

Notifications = new OpenIdConnectAuthenticationNotifications
{
    SecurityTokenReceived = async n =>
    {
        var token = n.SecurityToken;

        if (!string.IsNullOrEmpty(token))
        {
            n.OwinContext.Set<string>("idsrv:token", token);
        }
    },
    SecurityTokenValidated = async n =>
        {

            var token = n.OwinContext.Get<string>("idsrv:token");

            if (!string.IsNullOrEmpty(token))
            {
                n.AuthenticationTicket.Identity.AddClaim(
                    new Claim("access_token", token));
            }
        }
}

and then I'm also making the access token available to the HTML page. I also enabled OWIN CORS in the Web API sample and finally I'm trying to call the Web API app from the client, like this, where token is the token is put in the claims before as "access_token":

$.ajax('@Constants.AspNetWebApiSampleApi' + 'identity', {
    headers: { 'authorization': 'Bearer ' + token },
    accepts: 'application/json',
    success: function(data) {
        console.log('data from web api request', data);
    }
});

Unfortunately this doesn't seem to work as I always get a 401 from the Web API.

Any idea about what I might be doing wrong?



发布debug版本的api
Copy-Item -Force -Recurse -Verbose G:\Work2\API\WordoorAPI\bin\* H:\DoorAPI\bin



需要仔细阅读

http://stackoverflow.com/questions/978061/http-get-with-request-body

javascript object  !== json

3. 添加评论后，需要返回评论和转发（如果是转发的话）