{"id":803,"date":"2016-09-16T14:48:55","date_gmt":"2016-09-16T11:48:55","guid":{"rendered":"https:\/\/gokhan-gokalp.com\/?p=803"},"modified":"2016-09-16T14:48:55","modified_gmt":"2016-09-16T11:48:55","slug":"asp-net-web-api-token-based-authentication-refresh-token-kullanimi","status":"publish","type":"post","link":"https:\/\/gokhan-gokalp.com\/tr\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/","title":{"rendered":"Asp.Net Web API – Token Based Authentication Refresh Token Kullan\u0131m\u0131"},"content":{"rendered":"

Merhaba arkada\u015flar.<\/p>\n

Biraz aradan sonra tekrar\u00a0bir Asp.Net Web API makalesi ile kar\u015f\u0131n\u0131zday\u0131m. Daha\u00a0\u00f6nceki makalemde\u00a0Asp.Net Web API’da Token Based Authentication<\/a><\/em> nas\u0131l ger\u00e7ekle\u015ftirilir ve implemente edilir\u00a0konusunu ele\u00a0alm\u0131\u015ft\u0131m. Bu makale kapsam\u0131nda ise sizlerden gelen feedback’ler do\u011frultusunda ilerleyerek, Token Based Authentication kullan\u0131rken\u00a0Refresh Token<\/strong>\u00a0nas\u0131l implemente edilir ve nas\u0131l \u00e7al\u0131\u015f\u0131r\u00a0konusunu da ele\u00a0almaya karar verdim.<\/p>\n

\"token-authentication\"<\/a><\/p>\n

Refresh Token Nedir?<\/h4>\n

Refresh Token authorization server taraf\u0131ndan mevcutta olan Access Token’\u0131n expire s\u00fcresi sona ermeye yakla\u015ft\u0131\u011f\u0131nda veya sona erdi\u011finde,\u00a0yeni bir Access Token elde edebilmek\u00a0i\u00e7in client’a verilir. Refresh Token’\u0131n kullan\u0131m\u0131 opsiyonel olup, authorization server taraf\u0131ndan Access Token al\u0131naca\u011f\u0131 zaman, Refresh Token da beraberinde verilir.<\/p>\n

Not<\/strong>:\u00a0Unutulmamal\u0131d\u0131r ki Refresh Token, Access Token’\u0131n aksine sadece authorization server ile kullan\u0131lmak i\u00e7in tasarlanm\u0131\u015f olup, resource server’a g\u00f6nderilmemektedir.<\/p><\/blockquote>\n

Refresh Token Nas\u0131l \u00c7al\u0131\u015f\u0131r?<\/h4>\n

Dilerseniz Refresh Token’\u0131n \u00e7al\u0131\u015fma mant\u0131\u011f\u0131na, a\u015fa\u011f\u0131da \u00e7izmeye \u00e7al\u0131\u015ft\u0131\u011f\u0131m\u00a0sequence diyagram\u0131 \u00fczerinden\u00a0bir bakal\u0131m.<\/p>\n

\"refresh-token-mechanism\"<\/a><\/p>\n

 <\/p>\n

Yukar\u0131daki ak\u0131\u015fa bakt\u0131\u011f\u0131m\u0131zda, client \u00f6nce\u00a0authorization yetkilerini alabilmek i\u00e7in authorization server’a gidiyor ve buradan Access Token’\u0131 ve Refresh Token’\u0131 elde ediyor. Daha sonra Access Token ile birlikte resource server’a eri\u015febiliyor ve istedi\u011fi response’u alabiliyor. Daha sonra tekrardan ayn\u0131 Access Token bilgisi ile resource server’a geri geliyor ve bu sefer “invalid token error” hatas\u0131 ile kar\u015f\u0131la\u015f\u0131yor. Burada client’\u0131n Access Token bilgisinin expire oldu\u011funu g\u00f6r\u00fcyoruz. Client ilgili hatan\u0131n ard\u0131ndan daha \u00f6nce elde etmi\u015f oldu\u011fu Refresh Token’\u0131 kullanarak\u00a0resource server yerine,<\/strong> direkt olarak authorization server’a gidiyor ve yeni bir access token ve opsiyonel olarak varsa bir refresh token da elde ediyor. Ak\u0131\u015f bu \u015fekilde devam etmektedir.<\/p>\n

Refresh Token Implementasyonu<\/h4>\n

Implementasyon i\u015flemi t\u0131pk\u0131 Token Based Authentication’da oldu\u011fu gibi gayet basittir. Bu i\u015flemi “Microsoft.Owin.Security.Infrastructure” namespace’i alt\u0131nda bulunan\u00a0IAuthenticationTokenProvider<\/strong> interface’ini implemente ederek ger\u00e7ekle\u015ftirece\u011fiz. Implementasyon i\u015flemine ba\u015flamadan \u00f6nce\u00a0Asp.Net Web API’da Token Based Authentication<\/a>\u00a0<\/em>makalesine\u00a0geri d\u00f6n\u00fcp, makale sonundaki projeyi indirmemiz gerekmektedir. \u00d6rnek projeyi elde etti\u011fimize g\u00f6re, “OAuth>Providers” klas\u00f6r\u00fc alt\u0131nda\u00a0SimpleRefreshTokenProvider<\/strong> isminde yeni bir class ekleyelim.\u00a0IAuthenticationTokenProvider\u00a0<\/strong>interface’ini implemente edelim ve\u00a0Refresh Token’\u0131n olu\u015fturulabilmesini sa\u011flayacak olan “Create” method’unun implementasyonundan a\u015fa\u011f\u0131daki gibi ba\u015flayal\u0131m.<\/p>\n

using System.Linq;\r\nusing System.Threading.Tasks;\r\nusing Microsoft.Owin;\r\nusing Microsoft.Owin.Security.Infrastructure;\r\n\r\nnamespace AspNetWebAPIOAuth.OAuth.Providers\r\n{\r\n    public class SimpleRefreshTokenProvider : IAuthenticationTokenProvider\r\n    {\r\n        public async Task CreateAsync(AuthenticationTokenCreateContext context)\r\n        {\r\n            Create(context);\r\n        }\r\n\r\n        public void Create(AuthenticationTokenCreateContext context)\r\n        {\r\n            object owinCollection;\r\n            context.OwinContext.Environment.TryGetValue(\"Microsoft.Owin.Form#collection\", out owinCollection);\r\n\r\n            var grantType = ((FormCollection)owinCollection)?.GetValues(\"grant_type\").FirstOrDefault();\r\n\r\n            if (grantType == null || grantType.Equals(\"refresh_token\")) return;\r\n\r\n            \/\/Dilerseniz access_token'dan farkl\u0131 olarak refresh_token'\u0131n expire time'\u0131n\u0131 da belirleyebilir, uzatabilirsiniz \r\n            \/\/context.Ticket.Properties.ExpiresUtc = DateTime.UtcNow.AddMinutes(1);\r\n\r\n            context.SetToken(context.SerializeTicket());\r\n        }\r\n    }\r\n}<\/pre>\n
“CreateAsync” method’u i\u00e7erisinden “Create” method’unu \u00e7a\u011f\u0131r\u0131yoruz ve ayn\u0131 i\u015flemler i\u00e7in tekrardan bir kod tekrar\u0131 i\u015flemi ger\u00e7ekle\u015ftirmiyoruz. “Create” method’una bakt\u0131\u011f\u0131m\u0131zda ise “OwinContext.Environment” \u00fczerinden “Microsoft.Owin.Form#collection” key’i ile access_token alabilmek i\u00e7in g\u00f6nderilen parametrelere “FormCollection” \u00fczerinden a\u015fa\u011f\u0131daki gibi eri\u015fiyoruz.<\/p>\n
\"owincollection\"<\/a><\/p>\n
Burada “grant_type” parametresinin refresh_token olup olmad\u0131\u011f\u0131na bak\u0131yoruz ve bu duruma g\u00f6re context’e bir token set ediyoruz veya etmiyoruz. Bu kontrol\u00fc yapmam\u0131zdaki sebep ise access_token expire oldu\u011funda veya olmaya yak\u0131n oldu\u011funda client, refresh_token ile server’a geldi\u011finde tekrardan ge\u00e7erli\u00a0bir access_token daha \u00fcretilirken yeni bir refresh_token daha \u00fcretilmemesi i\u00e7indir. E\u011fer sizler business’\u0131n\u0131z gere\u011fi her seferinde yeni bir access_token \u00fcretilirken refresh_token’da \u00fcretilsin istiyorsan\u0131z, bu kontrol\u00fc bu noktada es ge\u00e7ebilirsiniz.<\/p>\n
Bu i\u015flemlere ek olarak da \u00fcretilen refresh_token’\u0131n expire s\u00fcresi, “Startup.cs” class’\u0131 i\u00e7erisinde daha \u00f6nceden AccessTokenExpireTimeSpan<\/strong> parametresi \u00fczerinden\u00a0access_token i\u00e7in belirlemi\u015f oldu\u011fumuz expire s\u00fcresi ile ayn\u0131 de\u011feri ta\u015f\u0131maktad\u0131r. Bu durumda e\u011fer spesifik olarak herhangi bir de\u011fer atamazsan\u0131z, access_token sona erdi\u011finde refresh_token’da sona erece\u011fi i\u00e7in yeni bir token \u00fcretilemeyecektir. “Create” method’u i\u00e7erisinde a\u015fa\u011f\u0131daki\u00a0kod par\u00e7ac\u0131\u011f\u0131 ile refresh_token’\u0131n expire s\u00fcresini spesifik olarak belirleyebilmek m\u00fcmk\u00fcnd\u00fcr.<\/p>\n
context.Ticket.Properties.ExpiresUtc = DateTime.UtcNow.AddMinutes(1);<\/pre>\n
Implementasyon i\u015flemine \u015fimdi “Receive” method’u ile devam edece\u011fiz. Bu method ise server’a refresh_token ile gelindi\u011finde, gerekli kontrolleri yaparak yeni bir access_token \u00fcretilmesinden sorumlu olan method’dur. Implementasyon i\u015flemini a\u015fa\u011f\u0131daki gibi ger\u00e7ekle\u015ftirelim.<\/p>\n
using System.Linq;\r\nusing System.Threading.Tasks;\r\nusing Microsoft.Owin;\r\nusing Microsoft.Owin.Security.Infrastructure;\r\n\r\nnamespace AspNetWebAPIOAuth.OAuth.Providers\r\n{\r\n    public class SimpleRefreshTokenProvider : IAuthenticationTokenProvider\r\n    {\r\n        public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)\r\n        {\r\n            Receive(context);\r\n        }\r\n\r\n        public void Receive(AuthenticationTokenReceiveContext context)\r\n        {\r\n            context.DeserializeTicket(context.Token);\r\n\r\n            if (context.Ticket == null)\r\n            {\r\n                context.Response.StatusCode = 400;\r\n                context.Response.ContentType = \"application\/json\";\r\n                context.Response.ReasonPhrase = \"invalid token\";\r\n                return;\r\n            }\r\n\r\n            context.SetTicket(context.Ticket);\r\n        }\r\n    }\r\n}<\/pre>\n
“ReceiveAsync” method’u i\u00e7erisinden “Receive” method’unu \u00e7a\u011f\u0131r\u0131yoruz ve implementasyon\u00a0i\u015flemlerini burada ger\u00e7ekle\u015ftiriyoruz. Burada “context.Token” parametresi ile gelen token’\u0131, “context.DeserializeTicket” method’u ile token’\u0131n deserialization i\u015flemini ger\u00e7ekle\u015ftiriyoruz.\u00a0Deserialization i\u015fleminden sonra “context.Ticket” \u0131n null kontrol\u00fcn\u00fc ger\u00e7ekle\u015ftirip, context i\u00e7erisine “SetTicket” method’u ile token’\u0131\u00a0aktar\u0131yoruz. Bu i\u015flemlerin ard\u0131ndan Owin bizim i\u00e7in ge\u00e7erli di\u011fer kontrolleri de sa\u011flayarak, yeni bir access_token \u00fcretimini ger\u00e7ekle\u015ftirecektir. Null kontrol\u00fcnde ise sizlerinde bildi\u011fi \u00fczere ge\u00e7ersiz bir token gelmi\u015f ve deserialization i\u015flemi null olarak ger\u00e7ekle\u015fmi\u015ftir. Bu durumda context \u00fczerine “context.Ticket” property’sini set edemeyece\u011fimiz i\u00e7in i\u00e7erisinde 400 status koduna sahip “invalid token” response’unu geriye d\u00f6n\u00fcyoruz.<\/p>\n
Implementasyon i\u015flemi bu kadar \u015fimdi sadece olu\u015fturmu\u015f oldu\u011fumuz bu “SimpleRefreshTokenProvider” \u0131n “Startup.cs” i\u00e7erisine tan\u0131t\u0131lmas\u0131 kald\u0131. Bu i\u015flemin \u00f6ncesinde ise dilerseniz provider’\u0131n tam implemente edilmi\u015f bir halini g\u00f6relim.<\/p>\n
using System.Linq;\r\nusing System.Threading.Tasks;\r\nusing Microsoft.Owin;\r\nusing Microsoft.Owin.Security.Infrastructure;\r\n\r\nnamespace AspNetWebAPIOAuth.OAuth.Providers\r\n{\r\n    public class SimpleRefreshTokenProvider : IAuthenticationTokenProvider\r\n    {\r\n        public async Task CreateAsync(AuthenticationTokenCreateContext context)\r\n        {\r\n            Create(context);\r\n        }\r\n\r\n        public void Create(AuthenticationTokenCreateContext context)\r\n        {\r\n            object owinCollection;\r\n            context.OwinContext.Environment.TryGetValue(\"Microsoft.Owin.Form#collection\", out owinCollection);\r\n\r\n            var grantType = ((FormCollection)owinCollection)?.GetValues(\"grant_type\").FirstOrDefault();\r\n\r\n            if (grantType == null || grantType.Equals(\"refresh_token\")) return;\r\n\r\n            \/\/Dilerseniz access_token'dan farkl\u0131 olarak refresh_token'\u0131n expire time'\u0131n\u0131 da belirleyebilir, uzatabilirsiniz \r\n            \/\/context.Ticket.Properties.ExpiresUtc = DateTime.UtcNow.AddMinutes(1);\r\n\r\n            context.SetToken(context.SerializeTicket());\r\n        }\r\n\r\n        public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)\r\n        {\r\n            Receive(context);\r\n        }\r\n\r\n        public void Receive(AuthenticationTokenReceiveContext context)\r\n        {\r\n            context.DeserializeTicket(context.Token);\r\n\r\n            if (context.Ticket == null)\r\n            {\r\n                context.Response.StatusCode = 400;\r\n                context.Response.ContentType = \"application\/json\";\r\n                context.Response.ReasonPhrase = \"invalid token\";\r\n                return;\r\n            }\r\n\r\n            context.SetTicket(context.Ticket);\r\n        }\r\n    }\r\n}<\/pre>\n
\u015eimdi “Startup.cs” i a\u00e7al\u0131m ve “ConfigureOAuth” method’u i\u00e7erisinde “RefreshTokenProvider” property’sini a\u015fa\u011f\u0131daki gibi tan\u0131mlayal\u0131m.<\/p>\n
OAuthAuthorizationServerOptions oAuthAuthorizationServerOptions = new OAuthAuthorizationServerOptions()\r\n{\r\n    TokenEndpointPath = new Microsoft.Owin.PathString(\"\/token\"), \/\/ token alaca\u011f\u0131m\u0131z path'i belirtiyoruz\r\n    AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(1),\r\n    AllowInsecureHttp = true,\r\n    Provider = new SimpleAuthorizationServerProvider(),\r\n    RefreshTokenProvider = new SimpleRefreshTokenProvider()\r\n};<\/pre>\n
Art\u0131k t\u00fcm yap\u0131\u00a0haz\u0131r durumda. Test i\u015flemlerimizi bir \u00f6nceki makalede de oldu\u011fu gibi Postman<\/strong> \u00fczerinden\u00a0ger\u00e7ekle\u015ftirece\u011fiz. \u00d6rne\u011fimizde access_token 1 dakikal\u0131k bir expire s\u00fcresine sahip olurken,\u00a0refresh_token ise 2 dakikal\u0131k bir s\u00fcreye sahip olacak. Projeyi\u00a0\u00e7al\u0131\u015ft\u0131ral\u0131m\u00a0ve Postman \u00fczerinden “http:\/\/localhost:55992\/token<\/em>” URI’\u0131na a\u015fa\u011f\u0131daki gibi bir POST request olu\u015ftural\u0131m.<\/p>\n
Headers\u2019e eklenecek parametreler:<\/p>\n
Header<\/strong>: Accept \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0Value<\/strong>: application\/json
\nHeader<\/strong>: Content-Type \u00a0 \u00a0 Value<\/strong>: application\/x-www-form-urlencoded<\/p>\n
Body k\u0131sm\u0131na eklenecek parametreleri de a\u015fa\u011f\u0131daki gibi set edelim ve POST i\u015flemini ger\u00e7ekle\u015ftirelim.<\/p>\n
\"access_token_1\"<\/a><\/p>\n
POST i\u015fleminin sonucunda “access_token” ve “refresh_token” \u0131 elde ettik. “expires_in” property’sinde ise 1 dakikal\u0131k bir s\u00fcreye sahip olabildi\u011fini g\u00f6rebiliyoruz.<\/p>\n
“access_token” \u0131 kullanarak bir \u00f6nceki makalemizde oldu\u011fu gibi “Orders” resource’unu kullanal\u0131m. Bunun i\u00e7in yine Postman \u00fczerinden “http:\/\/localhost:55992\/api\/orders\/list<\/em>” URI’\u0131na a\u015fa\u011f\u0131daki Headers parametrelerini kullanarak bir GET iste\u011finde bulunal\u0131m ve execute edelim.<\/p>\n
\"access_token_2\"<\/a><\/p>\n
“Orders” resource’unu access_token ile ba\u015far\u0131l\u0131 bir \u015fekilde consume edebildik. 1 dakikan\u0131n sonunda ise ayn\u0131 access_token ile ayn\u0131 resource’a tekrardan bir GET iste\u011finde bulunal\u0131m ve response’a bir bakal\u0131m.<\/p>\n
\"access_token_3\"<\/a><\/p>\n
Ge\u00e7en 1 dakikan\u0131n ard\u0131ndan g\u00f6rd\u00fc\u011f\u00fcm\u00fcz gibi access_token expire oldu\u011fu i\u00e7in “Authorization has been denied for this request.” hatas\u0131n\u0131 ald\u0131k. Hat\u0131rlarsak refresh_token’\u0131n expire s\u00fcresini ise 2 dakika olarak belirleyece\u011fiz demi\u015ftik. Hemen tekrardan “http:\/\/localhost:55992\/token<\/em>” URI’\u0131na refresh_token’\u0131 kullanarak a\u015fa\u011f\u0131daki gibi bir POST iste\u011finde bulunal\u0131m.<\/p>\n
Headers\u2019e eklenecek parametreler:<\/p>\n
Header<\/strong>: Accept \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0Value<\/strong>: application\/json
\nHeader<\/strong>: Content-Type \u00a0 \u00a0 Value<\/strong>: application\/x-www-form-urlencoded<\/p>\n
Body k\u0131sm\u0131na eklenecek parametreleri de a\u015fa\u011f\u0131daki gibi set edelim ve POST i\u015flemini ger\u00e7ekle\u015ftirelim.<\/p>\n
\"access_token_4\"<\/a><\/p>\n
Body k\u0131sm\u0131nda ise bu sefer “grant_type” \u0131 “refresh_token” olarak set ederken, “refresh_token” parametresini ise ilk access_token al\u0131rken elde etti\u011fimiz de\u011feri set ettik. Bu i\u015flemlerin sonucunda ise yukar\u0131daki resimde oldu\u011fu gibi yeni bir access_token elde ettik.<\/p>\n
Bir konunun daha\u00a0sonuna geldik,\u00a0umar\u0131m herkes i\u00e7in faydal\u0131 bir yaz\u0131 olmu\u015ftur. Ge\u00e7mi\u015f kurban bayram\u0131n\u0131z\u0131 kutlar ve takipte kalman\u0131z\u0131 temenni ederim.<\/p>\n
\u00d6rnek uygulamaya a\u015fa\u011f\u0131dan eri\u015febilirsiniz.<\/p>\n
aspnetwebapioauth<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
Merhaba arkada\u015flar. Biraz aradan sonra tekrar\u00a0bir Asp.Net Web API makalesi ile kar\u015f\u0131n\u0131zday\u0131m. Daha\u00a0\u00f6nceki makalemde\u00a0Asp.Net Web API’da Token Based Authentication nas\u0131l ger\u00e7ekle\u015ftirilir ve implemente edilir\u00a0konusunu ele\u00a0alm\u0131\u015ft\u0131m. Bu makale kapsam\u0131nda ise sizlerden gelen feedback’ler do\u011frultusunda ilerleyerek, Token Based Authentication kullan\u0131rken\u00a0Refresh Token\u00a0nas\u0131l implemente edilir ve nas\u0131l \u00e7al\u0131\u015f\u0131r\u00a0konusunu da…<\/p>\n
Devam\u0131n\u0131 okuyunAsp.Net Web API – Token Based Authentication Refresh Token Kullan\u0131m\u0131<\/span><\/a><\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[48],"tags":[116,119,272,275,117,115,112,113,114,271,273,276,118,274],"class_list":["post-803","post","type-post","status-publish","format-standard","hentry","category-asp-net-web-api","tag-access-token","tag-asp-net-web-api-guvenlik","tag-asp-net-web-api-refresh-token","tag-asp-net-web-api-refresh-token-kullanimi","tag-asp-net-web-api-token-based-authentication","tag-bearer-token","tag-oauth","tag-oauth-2-0","tag-owin-oauth","tag-refresh-token","tag-refresh-token-kullanimi","tag-refresh-token-nedir","tag-token-based-authentication","tag-token-based-authentication-refresh-token-kullanimi","entry"],"translation":{"provider":"WPGlobus","version":"3.0.2","language":"tr","enabled_languages":["en","tr"],"languages":{"en":{"title":true,"content":true,"excerpt":false},"tr":{"title":false,"content":false,"excerpt":false}}},"yoast_head":"\nAsp.Net Web API - Token Based Authentication Refresh Token Kullan\u0131m\u0131 - G\u00f6khan G\u00f6kalp<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/gokhan-gokalp.com\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/\" \/>\n<meta property=\"og:locale\" content=\"tr_TR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Asp.Net Web API - Token Based Authentication Refresh Token Kullan\u0131m\u0131 - G\u00f6khan G\u00f6kalp\" \/>\n<meta property=\"og:url\" content=\"https:\/\/gokhan-gokalp.com\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/\" \/>\n<meta property=\"og:site_name\" content=\"G\u00f6khan G\u00f6kalp\" \/>\n<meta property=\"article:published_time\" content=\"2016-09-16T11:48:55+00:00\" \/>\n<meta name=\"author\" content=\"G\u00f6khan G\u00f6kalp\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Yazan:\" \/>\n\t<meta name=\"twitter:data1\" content=\"G\u00f6khan G\u00f6kalp\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tahmini okuma s\u00fcresi\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 dakika\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\\\/\"},\"author\":{\"name\":\"G\u00f6khan G\u00f6kalp\",\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/#\\\/schema\\\/person\\\/7e2a7fa98babd22a5fdae563c4b8cdbe\"},\"headline\":\"Asp.Net Web API – Token Based Authentication Refresh Token Kullan\u0131m\u0131\",\"datePublished\":\"2016-09-16T11:48:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\\\/\"},\"wordCount\":1305,\"commentCount\":20,\"publisher\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/#\\\/schema\\\/person\\\/7e2a7fa98babd22a5fdae563c4b8cdbe\"},\"keywords\":[\"Access Token\",\"Asp.Net Web API G\u00fcvenlik\",\"Asp.Net Web API Refresh Token\",\"Asp.Net Web API Refresh Token Kullan\u0131m\u0131\",\"Asp.net Web API Token Based Authentication\",\"Bearer Token\",\"OAuth\",\"OAuth 2.0\",\"Owin OAuth\",\"Refresh Token\",\"Refresh Token Kullan\u0131m\u0131\",\"Refresh Token Nedir\",\"Token Based Authentication\",\"Token Based Authentication Refresh Token Kullan\u0131m\u0131\"],\"articleSection\":[\"Asp.Net Web API\"],\"inLanguage\":\"tr\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/gokhan-gokalp.com\\\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\\\/\",\"url\":\"https:\\\/\\\/gokhan-gokalp.com\\\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\\\/\",\"name\":\"Asp.Net Web API - Token Based Authentication Refresh Token Kullan\u0131m\u0131 - G\u00f6khan G\u00f6kalp\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/#website\"},\"datePublished\":\"2016-09-16T11:48:55+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\\\/#breadcrumb\"},\"inLanguage\":\"tr\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/gokhan-gokalp.com\\\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/gokhan-gokalp.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Asp.Net Web API – Token Based Authentication Refresh Token Kullan\u0131m\u0131\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/#website\",\"url\":\"https:\\\/\\\/gokhan-gokalp.com\\\/\",\"name\":\"G\u00f6khan G\u00f6kalp\",\"description\":\"C# & Python lover\",\"publisher\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/#\\\/schema\\\/person\\\/7e2a7fa98babd22a5fdae563c4b8cdbe\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/gokhan-gokalp.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"tr\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/#\\\/schema\\\/person\\\/7e2a7fa98babd22a5fdae563c4b8cdbe\",\"name\":\"G\u00f6khan G\u00f6kalp\",\"pronouns\":\"he\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"tr\",\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/wp-content\\\/litespeed\\\/avatar\\\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1777985325\",\"url\":\"https:\\\/\\\/gokhan-gokalp.com\\\/wp-content\\\/litespeed\\\/avatar\\\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1777985325\",\"contentUrl\":\"https:\\\/\\\/gokhan-gokalp.com\\\/wp-content\\\/litespeed\\\/avatar\\\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1777985325\",\"caption\":\"G\u00f6khan G\u00f6kalp\"},\"logo\":{\"@id\":\"https:\\\/\\\/gokhan-gokalp.com\\\/wp-content\\\/litespeed\\\/avatar\\\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1777985325\"},\"sameAs\":[\"https:\\\/\\\/gokhan-gokalp.com\"],\"url\":\"https:\\\/\\\/gokhan-gokalp.com\\\/tr\\\/author\\\/gok-gokalp\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Asp.Net Web API - Token Based Authentication Refresh Token Kullan\u0131m\u0131 - G\u00f6khan G\u00f6kalp","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/gokhan-gokalp.com\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/","og_locale":"tr_TR","og_type":"article","og_title":"Asp.Net Web API - Token Based Authentication Refresh Token Kullan\u0131m\u0131 - G\u00f6khan G\u00f6kalp","og_url":"https:\/\/gokhan-gokalp.com\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/","og_site_name":"G\u00f6khan G\u00f6kalp","article_published_time":"2016-09-16T11:48:55+00:00","author":"G\u00f6khan G\u00f6kalp","twitter_card":"summary_large_image","twitter_misc":{"Yazan:":"G\u00f6khan G\u00f6kalp","Tahmini okuma s\u00fcresi":"8 dakika"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/gokhan-gokalp.com\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/#article","isPartOf":{"@id":"https:\/\/gokhan-gokalp.com\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/"},"author":{"name":"G\u00f6khan G\u00f6kalp","@id":"https:\/\/gokhan-gokalp.com\/#\/schema\/person\/7e2a7fa98babd22a5fdae563c4b8cdbe"},"headline":"Asp.Net Web API – Token Based Authentication Refresh Token Kullan\u0131m\u0131","datePublished":"2016-09-16T11:48:55+00:00","mainEntityOfPage":{"@id":"https:\/\/gokhan-gokalp.com\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/"},"wordCount":1305,"commentCount":20,"publisher":{"@id":"https:\/\/gokhan-gokalp.com\/#\/schema\/person\/7e2a7fa98babd22a5fdae563c4b8cdbe"},"keywords":["Access Token","Asp.Net Web API G\u00fcvenlik","Asp.Net Web API Refresh Token","Asp.Net Web API Refresh Token Kullan\u0131m\u0131","Asp.net Web API Token Based Authentication","Bearer Token","OAuth","OAuth 2.0","Owin OAuth","Refresh Token","Refresh Token Kullan\u0131m\u0131","Refresh Token Nedir","Token Based Authentication","Token Based Authentication Refresh Token Kullan\u0131m\u0131"],"articleSection":["Asp.Net Web API"],"inLanguage":"tr","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/gokhan-gokalp.com\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/gokhan-gokalp.com\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/","url":"https:\/\/gokhan-gokalp.com\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/","name":"Asp.Net Web API - Token Based Authentication Refresh Token Kullan\u0131m\u0131 - G\u00f6khan G\u00f6kalp","isPartOf":{"@id":"https:\/\/gokhan-gokalp.com\/#website"},"datePublished":"2016-09-16T11:48:55+00:00","breadcrumb":{"@id":"https:\/\/gokhan-gokalp.com\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/#breadcrumb"},"inLanguage":"tr","potentialAction":[{"@type":"ReadAction","target":["https:\/\/gokhan-gokalp.com\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/gokhan-gokalp.com\/asp-net-web-api-token-based-authentication-refresh-token-kullanimi\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/gokhan-gokalp.com\/"},{"@type":"ListItem","position":2,"name":"Asp.Net Web API – Token Based Authentication Refresh Token Kullan\u0131m\u0131"}]},{"@type":"WebSite","@id":"https:\/\/gokhan-gokalp.com\/#website","url":"https:\/\/gokhan-gokalp.com\/","name":"G\u00f6khan G\u00f6kalp","description":"C# & Python lover","publisher":{"@id":"https:\/\/gokhan-gokalp.com\/#\/schema\/person\/7e2a7fa98babd22a5fdae563c4b8cdbe"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/gokhan-gokalp.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"tr"},{"@type":["Person","Organization"],"@id":"https:\/\/gokhan-gokalp.com\/#\/schema\/person\/7e2a7fa98babd22a5fdae563c4b8cdbe","name":"G\u00f6khan G\u00f6kalp","pronouns":"he","image":{"@type":"ImageObject","inLanguage":"tr","@id":"https:\/\/gokhan-gokalp.com\/wp-content\/litespeed\/avatar\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1777985325","url":"https:\/\/gokhan-gokalp.com\/wp-content\/litespeed\/avatar\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1777985325","contentUrl":"https:\/\/gokhan-gokalp.com\/wp-content\/litespeed\/avatar\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1777985325","caption":"G\u00f6khan G\u00f6kalp"},"logo":{"@id":"https:\/\/gokhan-gokalp.com\/wp-content\/litespeed\/avatar\/e645f66b6264ced10d7b6d8b1f85509b.jpg?ver=1777985325"},"sameAs":["https:\/\/gokhan-gokalp.com"],"url":"https:\/\/gokhan-gokalp.com\/tr\/author\/gok-gokalp\/"}]}},"_links":{"self":[{"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/posts\/803","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/comments?post=803"}],"version-history":[{"count":5,"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/posts\/803\/revisions"}],"predecessor-version":[{"id":819,"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/posts\/803\/revisions\/819"}],"wp:attachment":[{"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/media?parent=803"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/categories?post=803"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gokhan-gokalp.com\/tr\/wp-json\/wp\/v2\/tags?post=803"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}