Validate our “Owin OAuth2 Bearer Token” from other Application

Question

I successfully authenticate and obtain a Token from my Owin TokenEnpoint (Katana implementation), but when i then call let's say.. my Java Api I would like to validate the issued Token.

So I would like to be able to call my Owin endpoint and just validate my Token, without authenticating again.

Facebook or Google provide something like:

https://graph.facebook.com/debug_token?input_token={0}&access_token={1} https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={0}

score 0 · Accepted Answer · answered Sep 06 '17 at 09:16

Just sharing some info on how I solved this..

Just create a new endpoint in your Web.Api or you can even filter your context.Request.Path for your "/tokencheck/" path.

then you can finally:

context.DeserializeTicket(context.Token);
context.OwinContext.Environment["Properties"] = context.Ticket.Properties;

This question will help you develop a working solution:

Get IPrincipal from OAuth Bearer Token in OWIN

Validate our “Owin OAuth2 Bearer Token” from other Application

1 Answers1