Yesterday I tried to find out what it takes to connect a Nancy application to AuthorizationServer. Given the OWIN promise, the “hard parts” like JWT validation should come for free now:
public class Startup
public void Configuration(IAppBuilder app)
// validate JWT tokens from AuthorizationServer
…and in the Nancy module I simply have to reach into the OWIN context to retrieve the ClaimsPrincipal like this:
public class IdentityModule : NancyModule
Get["/api/identity"] = _ =>
var principal = Context.GetOwinPrincipal();
var claims = from c in principal.Claims
select new ViewClaim
Type = c.Type,
Value = c.Value
This was my first ever Nancy code and writing this sample took me (with the help of @grumpydev and @randompunter – thanks guys) around 20 minutes. Kudos!
Note: I was told that the Nancy/OWIN/Security integration is not done yet. The above code will be more elegant once it is. Things like module level security settings and no direct dependency to ClaimsPrincipal will soon be included.
Nancy makes it really easy to write Web APIs and has has support for view engines outside of IIS *today* – this makes it really compelling IMO!
Sample is here.