Skip to main content

Richard Webb

Richard Webb's Public Library

  • setting the content type to anything other than application/x-www-form-urlencoded, multipart/form-data, or text/plain will trigger the browser to send a preflight OPTIONS request to the server.
  • $http.post(url,data,{  headers : {  'Content-Type' : 'application/x-www-form-urlencoded; charset=UTF-8'  }   });

  • Inject filters
     

      

    Usage: <name>Filter
     Example: maxFilter uniqFilter

      
    angular.module('app', ['angular.filter'])   .controller('MainCtrl', function($scope, maxFilter) {     $scope.list = [1,23,100,64,-79];     $scope.max = maxFilter($scope.list);     //...   })   //or   .factory('SomeFactory', function($filter) {     var maxFilter = $filter('max');     //...   });

  • part of the mechanics, the middleware won’t kick in unless the current HTTP response is a 401 status code. When the external provider middleware you’ve triggered sees the 401 response from your application, it initiates the protocol to the external provider
  • calls back into the AuthenticationManager to obtain the identity of the user from the external cookie. Once we have that, we immediately revoke the cookie by calling SignOut.
  •         app.Properties["Microsoft.Owin.Security.Constants.DefaultSignInAsAuthenticationType"] = "ExternalCookie";
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = "ExternalCookie",
                AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive,
            });

  • By default, Web API code running in a host will inherit the host’s authentication model.
  • Web API 2 introduced a new RequestContext class that contains a Principal property. This is now the proper location to look for the identity of the caller. This replaces the prior mechanisms of Thread.CurrentPrincipal and/or HttpContext.User. This is also what you would assign to if you are writing code to authenticate the caller in Web API.
  • Web API 2 added a feature to ignore the host level authentication called SuppressDefaultHostAuthentication.

4 more annotations...

  • One improvement the OWIN cookie authentication middleware has over the previous Forms authentication is that it is claims-aware.

  • As tokenformat: Startup.OAuthOptions.AccessTokenFormat is used. Since we want to provide a refeshtoken this needs te be changed to: Startup.OAuthOptions.RefreshTokenFormat

  • Called when a request to the Token endpoint arrives with a "grant_type" of "authorization_code".
1 - 20 of 4712 Next › Last »
20 items/page

Diigo is about better ways to research, share and collaborate on information. Learn more »

Join Diigo