Serge P Serge P - 2 months ago 60
C# Question

Owin auth - how to get IP address of client requesting the auth token

Using Owin Security, I'm trying to make the API have 2 methods of authentications.

Is there a property in the

context
variable (
OAuthGrantResourceOwnerCredentialsContext
) that lets me access the IP address of the client sending the initial request for an auth token to the API?

A basic strip of my auth method looks like so:

public override async Task GrantResourceOwnerCredentials(
OAuthGrantResourceOwnerCredentialsContext context)
{
await Task.Run(() =>
{
var remoteIpAddresss = context.Request.RemoteIpAddress;
var localIpAddress = context.Request.LocalIpAddress;


// ... authenticate process goes here (AddClaim, etc.)
}
}


From what I understand the
remoteIpAddress
and
localIpAddress
are the API's (i.e. where the API is hosted). How do I know from what IP address (and port) the request was sent from?

Would the client need to send this information themselves?

Should I add extra parameters to the auth path? (besides the typical
username
,
password
,
grant_type
)?

Answer

So, to answer my own question, correct me if I'm wrong but:

var remoteIpAddresss = context.Request.RemoteIpAddress;

is the client's IP Address (the user requesting the auth token), and

var localIpAddress = context.Request.LocalIpAddress;

is the Web Api's IP address (where the API is hosted).

Comments