I am looking for working examples for a SS restful service that implements oAuth2.0 authorization of requests from *any* kind of client (not just a SS client).
I don't want the web service to support its own authentication like the
socialbootstrapapi sample does.
Authentication needs to be performed by a separate client application (i.e.
ASP.NET MVC 5.0 or Mobile Phone client).
The client should manage the handshake with the authorization provider and get the accesstoken and embed that in the 'Authorization' header of the request to the SS service.
I have studied and experimented with
dylanbeaties excellent example
in github, but this demonstrates authorization only for a custom authorization server.
I like the attribute pattern demonstrated there, I just can't get it working in an integration test for a public provider (i.e. google, facebook, etc).
I'd like to see a working sample of a service that authorizes a request with access token obtained from google or facebook or some other public provider, and the client side code that creates the access token, running from an integration test in VS (that is not a web client, using a google/facebook usn+pwd).
To be clear, what I am trying to create is a web service that should support oAuth2.0 authorisation, where the accesstokens could come from any number of providers (i.e. facebook, google, or my own custom one).
Seems like a pretty common scenario for building a scalable public service these days.
But finding working examples and documentation for this scenario is very difficult.
Could I propose someone builds another version the socialbootstrapapi (or variant of) example that separates client from service?
regards,