So we are trying to make oauth authorization with decoupled auth server and many resource servers. We are using ISS servers for them and validating access tokens using machine key.
<machineKey validationKey="VALUE GOES HERE"
decryptionKey="VALUE GOES HERE"
validation="SHA1"
decryption="AES"/>
Now, we have a task to make resource server who is on ubuntu server with nginx and php7. Is it possible to use this machinekey for validation in this server? If yes, then how?
There are many options to implement out there, but ima go straight to the point:
Is it possible to use this machinekey for validation in this server?
Yes, it is... You can use almost anything you want for validation.
If yes, then how?
PHP Logical Operators basically:
if ($key1 == "VALUE GOES HERE" && $key2 == "VALUE GOES HERE" && $key3 == "SHA1" && &key4 == "AES" ) {
echo "Execute my whole code!!!";
} else {
echo "Yeah, maybe we shouldn't execute that code";
}