2

Giving Temporary Access To Your ASP.NET Web API Using Hawk

During the ASP.NET web development process, asp.net web developers can give temporary access to ASP.NET Web API using Hawk. What is Hawk? Hawk is an HTTP (Hyper Text Transfer Protocol) authentication protocol which is based on HMAC. Hawk helps ASP.NET developers to provide read-only access to a web API for some time. It is done by developers using a taken called ‘bewit’ which can be provided to a client by Web API. This token is valid only for HTTP GET calls. It can be used only for a specific period of time.

You can generate a bewit token using the following code:

var credential = new HawkCredential

{

Id = “dh37fgj492je”,

Key = “werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn”,

Algorithm = “hmacsha256″,

User = “john”

};

var bewit = Hawk.GetBewit(“localhost”,

new Uri(“http://localhost:8091/Api/HelloWorld”),

credential,

60000);

The GetBewit method assumes the following arguments

Host name

  • Complete request URI
  • Hawk credentials with info about the key and alogirthm to be used
  • A time-to-live setting for the token. It should be set for seconds.

This token serves as a string representation that can be added as an extra query string in Web API call.

new HttpRequestMessage(HttpMethod.Get,

“http://localhost:8091/Api/HelloWorld?bewit=” + bewit);

In this manner, you can share a link to your web API with a limited access for a short period of time. You will not have to share any security credentials. When it comes to service side it is very simple just as configuring the HawkMessageHandler as a component of the Web API configuration.

var handler = new HawkMessageHandler((id) =>

{

return new HawkCredential

{

Id = id,

Key = “werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn”,

Algorithm = “hmacsha256″,

User = “john”

};

});

config.MessageHandlers.Add(handler);

After this the handler can detect a bewit token in the query string by default. It will also perform all the necessary validations.

GD Star Rating
loading...
Opt In Image
Sign-up To Our Newsletter....
...And Get This FREE eBook!
  • Understand the phenomenon behind Google Sitelinks.
  • Increase the visibility and popularity of your Website.
  • Find out how you can improve the link structure of your site.
  • Determine how to put your Website on the Google Sitelinks map.
  • Learn how you can use Google Sitelinks to get more targeted-SEO traffic to your Website.
Filed in: Design, Technology Tags: , , , , , , , ,

Get Updates

Share This Post

Related Posts

2 Responses to "Giving Temporary Access To Your ASP.NET Web API Using Hawk"

  1. Ramy says:

    Great article .. i found it so useful for me .. I aslo blog about Programming in my own little blog Search You Are Such A Computer Guy

    GD Star Rating
    loading...
  2. Ramy says:

    Great article . I found is so useful for me .. i also blog IT specially programming .. Search You Are Such A Computer Guy
    Ramy recently posted..Introduction To Model-View-Controller (MVC)My Profile

    GD Star Rating
    loading...

Leave a Reply

Submit Comment

CommentLuv badge

This blog uses premium CommentLuv which allows you to put your keywords with your name if you have had 7 approved comments. Use your real name and then @ your keywords (maximum of 2).

© 2014 TechSling Weblog. All rights reserved.
Designed by TechSling Online.