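/// <summary>
/// Resource-owner-password grant validator backed by ASP.NET Identity: looks the
/// user up by <c>context.UserName</c>, honours the store's lockout state, verifies
/// the password and sets <c>context.Result</c> for every outcome.
/// </summary>
/// <param name="context">Carries the submitted user name and password; receives the
/// grant result.</param>
public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
        {
            // Unknown user names fall through to the generic failure below without any
            // password comparison (and without a lockout entry, since there is no account).
            var user = await _userManager.FindByNameAsync(context.UserName);

            if (user != null && await _signInManager.CanSignInAsync(user))
            {
                // Lockout is checked before the password so that a locked account is
                // rejected regardless of which credential was supplied.
                if (_userManager.SupportsUserLockout && await _userManager.IsLockedOutAsync(user))
                {
                    context.Result = new GrantValidationResult(IdentityServer4.Models.TokenRequestErrors.InvalidGrant);
                    return;
                }

                if (await _userManager.CheckPasswordAsync(user, context.Password))
                {
                    if (_userManager.SupportsUserLockout)
                    {
                        // A successful check clears the store's failed-attempt counter.
                        await _userManager.ResetAccessFailedCountAsync(user);
                    }

                    var sub = await _userManager.GetUserIdAsync(user);
                    context.Result = new GrantValidationResult(sub, AuthenticationMethods.Password);
                    return;
                }

                if (_userManager.SupportsUserLockout)
                {
                    // Wrong password: record the failure so the store's lockout policy applies.
                    await _userManager.AccessFailedAsync(user);
                }
            }

            // Every remaining path (unknown user, sign-in not allowed, wrong password) is
            // reported explicitly as a plain invalid_grant rather than relying on the
            // context's default, and without a reason so the response does not reveal
            // which of them applied.
            context.Result = new GrantValidationResult(IdentityServer4.Models.TokenRequestErrors.InvalidGrant);
        }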
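        /// <summary>
        /// Verifies <paramref name="userName"/> / <paramref name="providedPassword"/> against
        /// the user store (honouring the store's lockout state) and, when they are valid,
        /// resolves the project the caller acts on and whether that user may edit its posts
        /// and pages.
        /// </summary>
        /// <param name="projectId">Project to authorize against. When empty it is taken from
        /// the user's claims, then from the current project settings.</param>
        /// <param name="userName">User name to look up.</param>
        /// <param name="providedPassword">Password to verify.</param>
        /// <param name="cancellationToken">Propagated to the project resolver.</param>
        /// <returns>A result carrying the display name, the resolved project id, the
        /// authentication outcome, the two edit permissions and the time zone id. When
        /// authentication fails the display name is empty, both edit flags are false and
        /// the time zone is the site default.</returns>
        public async Task<ProjectSecurityResult> ValidatePermissions(
            string projectId,
            string userName,
            string providedPassword,
            CancellationToken cancellationToken)
        {
            var displayName = string.Empty;
            var isAuthenticated = false;
            var canEditPosts = false;
            var canEditPages = false;
            var timeZoneId = userManager.Site.TimeZoneId;

            var authUser = await userManager.FindByNameAsync(userName);

            if (authUser != null)
            {
                if (userManager.SupportsUserLockout && await userManager.IsLockedOutAsync(authUser))
                {
                    // A locked-out account is rejected before the password is compared, so
                    // the lockout policy enforced on the interactive sign-in path also
                    // covers this one.
                    isAuthenticated = false;
                }
                else if (await userManager.CheckPasswordAsync(authUser, providedPassword))
                {
                    isAuthenticated = true;

                    if (userManager.SupportsUserLockout)
                    {
                        await userManager.ResetAccessFailedCountAsync(authUser);
                    }
                }
                else if (userManager.SupportsUserLockout)
                {
                    // Count the failed attempt so repeated bad passwords trigger lockout here
                    // too (CheckPasswordAsync is not expected to record it itself — confirm
                    // against the user manager in use).
                    await userManager.AccessFailedAsync(authUser);
                }
            }

            if (isAuthenticated)
            {
                var claimsPrincipal = await signInManager.CreateUserPrincipalAsync(authUser);

                // Project resolution order: explicit argument, then the user's claims, then
                // the current project settings.
                if (string.IsNullOrEmpty(projectId))
                {
                    projectId = claimsPrincipal.GetProjectId();
                }

                if (string.IsNullOrEmpty(projectId))
                {
                    var project = await projectResolver.GetCurrentProjectSettings(cancellationToken);

                    if (project != null)
                    {
                        projectId = project.Id;
                    }
                }

                // Without a project there is nothing to authorize against; both flags stay false.
                if (!string.IsNullOrEmpty(projectId))
                {
                    canEditPosts = await claimsPrincipal.CanEditBlog(projectId, authorizationService);
                    canEditPages = await claimsPrincipal.CanEditPages(projectId, authorizationService);
                }

                // Identity/Name may be absent on the principal; keep the empty-string default
                // rather than propagating null.
                displayName = claimsPrincipal.Identity?.Name ?? string.Empty;

                if (!string.IsNullOrWhiteSpace(authUser.TimeZoneId))
                {
                    timeZoneId = authUser.TimeZoneId;
                }
            }

            return new ProjectSecurityResult(displayName, projectId, isAuthenticated, canEditPosts, canEditPages, timeZoneId);
        }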