public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
var allowedOrigin = context.OwinContext.Get <string>("as:clientAllowedOrigin");
if (allowedOrigin == null)
{
allowedOrigin = "*";
}
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
UnitOfWork u = new UnitOfWork(ReadConfiguration.ConnectionString, ReadConfiguration.DataBaseName);
AuthenticateService authenticateService = new AuthenticateService(u);
// Validate your user and base on validation return claim identity or invalid_grant error
string email = context.UserName;
string password = context.Password;
var requestParameters = await context.Request.ReadFormAsync();
var OTP = requestParameters["OTP"];
var loginType = requestParameters["loginType"];
bool IsExpired = false;
if (loginType == "user")
{
var authenticateResponse = authenticateService.AuthenticateUser(email, password, ref IsExpired);
if (authenticateResponse.Success)
{
UserModel userModel = (UserModel)authenticateResponse.Data;
string userGroups = "";
if (userModel.UserGroups != null && userModel.UserGroups.Count > 0)
{
foreach (string group in userModel.UserGroups)
{
userGroups += group + ",";
}
userGroups = userGroups.Substring(0, userGroups.Length - 1);
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
identity.AddClaim(new Claim(ClaimTypes.Role, "user"));
identity.AddClaim(new Claim("sub", context.UserName));
identity.AddClaim(new Claim("Email", context.UserName));
identity.AddClaim(new Claim("OrganizationID", userModel.OrganizationID.ToString()));
identity.AddClaim(new Claim("UserID", userModel.UserID));
identity.AddClaim(new Claim("RoleID", userModel.RoleID));
identity.AddClaim(new Claim("DatasourceIds", userModel.CommaSeperatedDatasourceIds));
identity.AddClaim(new Claim("fullName", userModel.FirstName + " " + userModel.LastName));
identity.AddClaim(new Claim("UserGroups", userGroups));
identity.AddClaim(new Claim("PlanPermissionIds", userModel.CommaSeperatedPlanPermissionIds));
var props = new AuthenticationProperties(new Dictionary <string, string> {
{ "userName", context.UserName },
{ "fullName", userModel.FirstName + " " + userModel.LastName },
{ "RoleID", userModel.RoleID },
{ "IsExpired", IsExpired.ToString() },
{ "PlanPermissionIds", userModel.CommaSeperatedPlanPermissionIds },
});
var ticket = new AuthenticationTicket(identity, props);
context.Validated(ticket);
}
else
{
context.SetError("invalid_grant", authenticateResponse.Message);
// context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
}
else
{
if (OTP != null)
{
var authenticateResponse = authenticateService.AuthenticateSuperAdmin(email, password, OTP);
// if (((email == "admin") && (password == "admin")) || ((email == "jignesh") && (password == "abc")))
if (authenticateResponse.Success)
{
UserModel userModel = (UserModel)authenticateResponse.Data;
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
identity.AddClaim(new Claim(ClaimTypes.Role, "user"));
identity.AddClaim(new Claim("sub", context.UserName));
identity.AddClaim(new Claim("Email", context.UserName));
identity.AddClaim(new Claim("OrganizationID", userModel.OrganizationID.ToString()));
identity.AddClaim(new Claim("UserID", userModel.UserID));
identity.AddClaim(new Claim("RoleID", userModel.RoleID));
//identity.AddClaim(new Claim("DatasourceIds", userModel.CommaSeperatedDatasourceIds));
identity.AddClaim(new Claim("fullName", userModel.FirstName + " " + userModel.LastName));
var props = new AuthenticationProperties(new Dictionary <string, string> {
{ "userName", context.UserName },
{ "fullName", userModel.FirstName + " " + userModel.LastName },
{ "RoleID", userModel.RoleID },
});
var ticket = new AuthenticationTicket(identity, props);
context.Validated(ticket);
authenticateService.EmptyOTP(email, password);
}
else
{
context.SetError("invalid_grant", "The user name or password or OTP is incorrect.");
return;
}
}
else
{
context.SetError("invalid_grant", "Please Enter OTP");
return;
}
}
}
