private static void ConfigureOAuthTokenGeneration( this IAppBuilder app, bool allowInsecureHttp, string tokenEndpointPath, TimeSpan accessTokenExpireTimeSpan, AllowedOrigins allowedOrigins, string issuer, string audienceId, byte[] audienceSecret, Func <UserName, Password, Task <bool> > verifyCredentials, Func <UserName, ClaimsIdentity, Task> fillClaims) { var oAuthServerOptions = new OAuthAuthorizationServerOptions { TokenEndpointPath = new PathString(tokenEndpointPath), AccessTokenExpireTimeSpan = accessTokenExpireTimeSpan, Provider = new JwtOAuthProvider(allowedOrigins, verifyCredentials, fillClaims), AccessTokenFormat = new JwtTokenFormat(issuer, audienceId, audienceSecret) }; if (allowInsecureHttp) { oAuthServerOptions.AllowInsecureHttp = true; } app.UseOAuthAuthorizationServer(oAuthServerOptions); }
/// <summary> /// Creates a new instance of <see cref="JwtOAuthProvider"/> /// </summary> /// <param name="allowedOrigins">A list of allowed origins represented by an instance of type <see cref="AllowedOrigins"/></param> /// <param name="verifyCredentials">Async function call which verifies credentials</param> /// <param name="fillClaims">Async function call which adds claims to the <see cref="ClaimsIdentity"/> object</param> public JwtOAuthProvider( AllowedOrigins allowedOrigins, Func <UserName, Password, Task <bool> > verifyCredentials, Func <UserName, ClaimsIdentity, Task> fillClaims) { this.allowedOrigins = allowedOrigins; this.verifyCredentials = verifyCredentials; this.fillClaims = fillClaims; }
/// <summary> /// Allows origins by adding them to the response header with the "Access-Control-Allow-Origin" key /// </summary> /// <param name="context">The context to allow origins on</param> /// <param name="allowedOrigins">A list of allowed origins represented by an instance of type <see cref="AllowedOrigins"/></param> public static void AllowOrigins( this OAuthGrantResourceOwnerCredentialsContext context, AllowedOrigins allowedOrigins) { context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", allowedOrigins); }