Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
ASP.NET Web API Using Hawk
1. Giving Temporary Access To Your ASP.NET Web API Using Hawk
During the ASP.NET web development process, asp.net web developers can give temporary access
to ASP.NET Web API using Hawk. What is Hawk? Hawk is an HTTP (Hyper Text Transfer Protocol)
authentication protocol which is based on HMAC. Hawk helps ASP.NET developers to provide
read-only access to a web API for some time. It is done by developers using a taken called 'bewit'
which can be provided to a client by Web API. This token is valid only for HTTP GET calls. It can be
used only for a specific period of time.
You can generate a bewit token using the following code:
var credential = new HawkCredential
{
Id = "dh37fgj492je",
Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
Algorithm = "hmacsha256",
User = "john"
};
var bewit = Hawk.GetBewit("localhost",
new Uri("http://localhost:8091/Api/HelloWorld"),
credential,
60000);
The GetBewit method assumes the following arguments
Host name
• Complete request URI
• Hawk credentials with info about the key and alogirthm to be used
• A time-to-live setting for the token. It should be set for seconds.
This token serves as a string representation that can be added as an extra query string in Web API
call.
new HttpRequestMessage(HttpMethod.Get,
"http://localhost:8091/Api/HelloWorld?bewit=" + bewit);
In this manner, you can share a link to your web API with a limited access for a short period of
time. You will not have to share any security credentials. When it comes to service side it is very
simple just as configuring the HawkMessageHandler as a component of the Web API
configuration.
var handler = new HawkMessageHandler((id) =>
{
return new HawkCredential
{
Id = id,
Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn",
Algorithm = "hmacsha256",
User = "john"
};
});
config.MessageHandlers.Add(handler);
After this the handler can detect a bewit token in the query string by default. It will also perform
all the necessary validations.
For More information Click here
Thanks & Regards