Azure Mobile Services token validation in Web API and MVC

1
votes

I have a Xamarin mobile app that uses the Azure Mobile Services SDK to authenticate a user against social providers. I get the token and attach it to http request hitting my Web API ASP.NET application (that I'm deploying as an Azure Cloud Service) as a bearer token.

I need to validate the bearer token and get a ClaimsIdentity to work with in my ApiController. Do I need to use the Mobile Service .NET Backend nuget packages for this? How can I?

EDIT:

  1. Created an empty ASP.NET application Added a Web API controller

  2. Installed Mobile Services .NET Backend nuget package

  3. Set appsettings values for keys MS_MobileServiceName, MS_MasterKey, MS_ApplicationKey from values in Azure Management Console

  4. Set [AuthorizeLevel(AuthorizationLevel.User)] on my HttpGet operation in my ApiController

  5. Cast User to ServiceUser

  6. Create http request with bearer token from Google Auth thru Azure Mobile Service SDK

  7. User is null!

1
c#asp.netasp.net-web-apiazure-mobile-servicesjwt

1 Answers

0
votes

Use attributes such as 

[AuthorizeLevel(AuthorizationLevel.Anonymous)]

[AuthorizeLevel(AuthorizationLevel.User)]

On the methods in your API to validate depending on which role you want.

Then use

var currentUser = User as ServiceUser;

to get the current user in the method, if the AuthorizationLevel is not Anonymous.

And setup your AppSettings as necessary. Change the MasterKey and ApplicationKey if you are testing the MobileService on localhost.

 <appSettings>
    <!-- Use these settings for local development. After publishing to 
    Mobile Services, these settings will be overridden by the values specified
    in the portal. -->
    <add key="MS_MobileServiceName" value="[NAME HERE]" />
    <add key="MS_MasterKey" value="[INSERT HERE]" />
    <add key="MS_ApplicationKey" value="[INSERT HERE]" />
    <add key="MS_MicrosoftClientID" value="Overridden by portal settings" />
    <add key="MS_MicrosoftClientSecret" value="Overridden by portal settings" />
    <add key="MS_FacebookAppID" value="Overridden by portal settings" />
    <add key="MS_FacebookAppSecret" value="Overridden by portal settings" />
    <add key="MS_GoogleClientID" value="Overridden by portal settings" />
    <add key="MS_GoogleClientSecret" value="Overridden by portal settings" />
    <add key="MS_TwitterConsumerKey" value="Overridden by portal settings" />
    <add key="MS_TwitterConsumerSecret" value="Overridden by portal settings" />
    <add key="MS_AadClientID" value="Overridden by portal settings" />
    <add key="MS_AadTenants" value="Overridden by portal settings" />
    <!-- When using this setting, be sure to also set the Notification Hubs connection
    string named "MS_NotificationHubConnectionString". -->
    <add key="MS_NotificationHubName" value="Overridden by portal settings" />
    <add key="Microsoft.ServiceBus.ConnectionString" value="Endpoint=sb://[your namespace].servicebus.windows.net;SharedSecretIssuer=owner;SharedSecretValue=[your secret]" />
  </appSettings>