public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();

            ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);

            // We need the token service to add the below header when the provider issues the token. This code adds a 
            // response header and specifies a URL. This is the same port where our client application is running. It's 
            // the same port we granted access to in the angular product controller. 
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "http://localhost:56077" });

            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
               OAuthDefaults.AuthenticationType);
            ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
                CookieAuthenticationDefaults.AuthenticationType);

            AuthenticationProperties properties = CreateProperties(user.UserName);
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();

            ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);

            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            if (context.Request.Headers["devicetoken"] != null)
            {
                if (user.DeviceToken != context.Request.Headers["devicetoken"])
                {
                    user.DeviceToken = context.Request.Headers["devicetoken"];
                    userManager.Update(user);
                }
            }

            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
               OAuthDefaults.AuthenticationType);
            ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
                CookieAuthenticationDefaults.AuthenticationType);

            AuthenticationProperties properties = CreateProperties(user.UserName);
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        }
        // Called when a request to the Token endpoint arrives with a "grant_type" of "password".
        // This occurs when the user has provided name and password credentials directly
        // into the client application's user interface, and the client application is using
        // those to acquire an "access_token" and optional "refresh_token". 
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
            var userManager = context.OwinContext.GetUserManager<GbmonoUserManager>();

            // lookup user by user name and password
            GbmonoUser user = await userManager.FindAsync(context.UserName, context.Password);

            if (user == null)
            {
                context.SetError("invalid_grant", "用户名或密码不正确。");
                return;
            }

            // create user identity for Bearer token
            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager, OAuthDefaults.AuthenticationType);

            // create user identity for cookie
            ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager, CookieAuthenticationDefaults.AuthenticationType);

            // create properties, user name or other extra information
            AuthenticationProperties properties = CreateProperties(user);

            // initialize a new instance of the Microsoft.Owin.Security.AuthenticationTicket
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);

            // call the context.Validated(ticket) to tell the OAuth server to protect the ticket as an access token and send it out in JSON payload.
            // to issue an access token the context.Validated must be called with a new ticket containing the claims about the resource owner
            // which should be associated with the access token.
            context.Validated(ticket);

            // Signs the cookie identity so it can send the authentication cookie.
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var  allowedOrigin = "*";
            ApplicationUser appUser = null;

            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

            using (AuthRepository _repo = new AuthRepository())
            {
                 appUser = await _repo.FindUser(context.UserName, context.Password);

                if (appUser == null)
                {
                    context.SetError("invalid_grant", "The user name or password is incorrect.");
                    return;
                }
            }

            var identity = new ClaimsIdentity(context.Options.AuthenticationType);
            identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
            identity.AddClaim(new Claim(ClaimTypes.Role, "User"));
            identity.AddClaim(new Claim("PSK", appUser.PSK));

            var props = new AuthenticationProperties(new Dictionary<string, string>
                {
                    { 
                        "userName", context.UserName
                    }
                });

            var ticket = new AuthenticationTicket(identity, props);
            context.Validated(ticket);
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            using (UserManager<IdentityUser> userManager = _userManagerFactory())
            {
                try
                {
                    IdentityUser user = await userManager.FindAsync(context.UserName, context.Password);

                    if (user == null)
                    {
                        context.SetError("invalid_grant", "The user name or password is incorrect.");
                        return;
                    }

                    ClaimsIdentity oAuthIdentity = await userManager.CreateIdentityAsync(user,
                        context.Options.AuthenticationType);
                    ClaimsIdentity cookiesIdentity = await userManager.CreateIdentityAsync(user,
                        CookieAuthenticationDefaults.AuthenticationType);
                    AuthenticationProperties properties = CreateProperties(user.UserName, user.Roles.First().Role.Name);
                    AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
                    context.Validated(ticket);
                    context.Request.Context.Authentication.SignIn(cookiesIdentity);
                }
                catch (Exception)
                {
                    
                    throw;
                }
                
            }
        }
        public string Authenticate(string Email, string Password)
        {
            AuthenticateService service = new AuthenticateService(_container);

            if (!string.IsNullOrEmpty(Email) && !string.IsNullOrEmpty(Password))
            {
                var user = service.Authenticate(Email, Password);
                if (user != null)
                {
                    var authentication = Request.GetOwinContext().Authentication;
                    var identity = new ClaimsIdentity("Bearer");
                    identity.AddClaim(new Claim("name", user.Name));
                    identity.AddClaim(new Claim("email", user.Email));
                    identity.AddClaim(new Claim("userid", user.Id.ToString()));
                    identity.AddClaim(new Claim("usertype", user.UserType.ToString()));
                    identity.AddClaim(new Claim("companyid", user.Company.Id.ToString()));
                    identity.AddClaim(new Claim("companyname", user.Company.Name));

                    AuthenticationTicket ticket = new AuthenticationTicket(identity, new AuthenticationProperties());
                    var currentUtc = new Microsoft.Owin.Infrastructure.SystemClock().UtcNow;
                    ticket.Properties.IssuedUtc = currentUtc;
                    ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromMinutes(30));
                    var token = Startup.OAuthServerOptions.AccessTokenFormat.Protect(ticket);

                    authentication.SignIn(identity);

                    return token;
                }
            }

            return "false";
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
            var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();

            ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);

            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
               OAuthDefaults.AuthenticationType);
            ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
                CookieAuthenticationDefaults.AuthenticationType);

            //List<Claim> roles = oAuthIdentity.Claims.Where(c => c.Type == ClaimTypes.Role).ToList();
            //AuthenticationProperties properties = CreateProperties(user.UserName, Newtonsoft.Json.JsonConvert.SerializeObject(roles.Select(x => x.Value)));
            string role = "";
            if (oAuthIdentity.Claims.Where(c => c.Type == ClaimTypes.Role).Any())
            {
                role = oAuthIdentity.Claims.Where(c => c.Type == ClaimTypes.Role).First().Value;
            }
            AuthenticationProperties properties = CreateProperties(user.UserName, role);
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {

            var allowedOrigin = "*";

            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

            var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();

            ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);

            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            if (!user.EmailConfirmed)
            {
                context.SetError("invalid_grant", "User did not confirm email.");
                return;
            }

            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager, "JWT");
            oAuthIdentity.AddClaims(ExtendedClaimsProvider.GetClaims(user));
            oAuthIdentity.AddClaims(RolesFromClaims.CreateRolesBasedOnClaims(oAuthIdentity));
           
            var ticket = new AuthenticationTicket(oAuthIdentity, null);
            
            context.Validated(ticket);
           
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();

            ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);

            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            if (!user.IsApproved)
            {
                context.SetError("user_not_approved", "User is not approved. Please contact administrator.");
                return;
            }

            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
               OAuthDefaults.AuthenticationType);
            ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
                CookieAuthenticationDefaults.AuthenticationType);

            AuthenticationProperties properties = CreateProperties(user.UserName);
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        }
        public async override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {

            //On créer le usermanager
            var userManager = context.OwinContext.GetUserManager<UserManager<MyUser>> ();

            //On verifie le login et mot de passe
            var user = await userManager.FindAsync(context.UserName, context.Password);


            if(user == null)
            {
                //si user n'existe pas on envoie un message d'erreur
                context.Rejected();
                context.SetError("invalidate_grant", "Le login ou le mot de passe est incorrect");
                return;
            }

            //On créer un id unique
            var id = await userManager.CreateIdentityAsync(user, OAuthDefaults.AuthenticationType);
            //on créer le token complet
            var ticket = new AuthenticationTicket(id, null);
            //on le valide et il est renvoyer à "l'utilisateur"
            context.Validated(ticket);
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            using (AuthRepository _repo = new AuthRepository())
            {
                IdentityUser user = await _repo.FindUser(context.UserName, context.Password);

                if (user == null)
                {
                    context.SetError("invalid_grant", "The user name or password is incorrect.");
                    return;
                }
            }

            var identity = new ClaimsIdentity(context.Options.AuthenticationType);
            identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
            identity.AddClaim(new Claim(ClaimTypes.Role, "user"));
            identity.AddClaim(new Claim("sub", context.UserName));

            var props = new AuthenticationProperties(new Dictionary<string, string>
            {
                {
                    "as:client_id", context.ClientId ?? string.Empty
                },
                {
                    "userName", context.UserName
                }
            });

            var ticket = new AuthenticationTicket(identity, props);
            context.Validated(ticket);
        }
        /// <summary>
        /// The GrantResourceOwnerCredentials method defines the custom validation scheme for user credentials.
        /// </summary>
        /// <param name="context">OAuthGrantResourceOwnerCredentials context parameter</param>
        /// <returns>The Task that completes the request.</returns>        
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // Get the Endpoint of the web service for user credential validation
            string url = WebConfigurationManager.AppSettings[Constants.Authentication.WebServiceKey];

            // Call the web service
            AuthenticateUserRequestData requestData = new AuthenticateUserRequestData();
            requestData.UserName = context.UserName;
            requestData.ApiKey = context.Password;
            requestData.AnetAccountType = 'M';
            ANetApiWebService authWS = new ANetApiWebService();
            authWS.Url = url;
            AuthenticateUserResponseData authenticationResponse = authWS.AuthenticateUser(requestData);

            if (!authenticationResponse.Successful)
            {
                // No user with userName/password exists.
                context.SetError(Constants.Authentication.OAuthErrorType, Constants.Authentication.OAuthErrorMessage);
                return;
            }

            // Generate the claims for the validated user
            ClaimsIdentity oauthIdentity = new ClaimsIdentity(OAuthDefaults.AuthenticationType, context.UserName, "User");
            ClaimsIdentity cookiesIdentity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationType, context.UserName, "User");

            AuthenticationProperties properties = CreateProperties(context.UserName);
            AuthenticationTicket ticket = new AuthenticationTicket(oauthIdentity, properties);
            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        } 
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();

            try
            {
                ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);

                if (user == null)
                {
                    context.SetError("invalid_grant", "The user name or password is incorrect.");
                    return;
                }

                ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
                   OAuthDefaults.AuthenticationType);
                ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
                    CookieAuthenticationDefaults.AuthenticationType);

                AuthenticationProperties properties = CreateProperties(user.UserName);
                AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
                context.Validated(ticket);
                context.Request.Context.Authentication.SignIn(cookiesIdentity);
            }
            catch (InvalidOperationException e)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect. This should not happen");
                return;
            }
        }
 public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
 {
     IFormCollection formCollection = await context.Request.ReadFormAsync();
     CaptchaData captcha = new CaptchaData()
     {
         CaptchaChallenge = context.UserName,
         CaptchaResponse = context.Password,
         UserHostAddress = context.Request.LocalIpAddress,
         ClientId = context.ClientId
     };
     CaptchaOutput captchaOutput = await this.ValidateCaptcha(captcha);
     if (captchaOutput == null || !captchaOutput.Status)
     {
         context.SetError("invalid_captcha", "Mã bảo vệ chưa đúng, bạn vui lòng nhập lại!");
     }
     else
     {
         ApplicationUserManager userManager = OwinContextExtensions.GetUserManager<ApplicationUserManager>(context.OwinContext);
         ApplicationUser user = await userManager.FindAsync("e7c44459-837c-45f2-b125-2b639d84ea45", "abcd@1234A");
         ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync((UserManager<ApplicationUser>)userManager, "Bearer");
         ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync((UserManager<ApplicationUser>)userManager, "Cookies");
         AuthenticationProperties properties = new AuthenticationProperties();
         properties.Dictionary.Add(new KeyValuePair<string, string>("client_id", captchaOutput.ClientId));
         AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
         context.Validated(ticket);
         context.Request.Context.Authentication.SignIn(cookiesIdentity);
     }
 }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "http://hawkwareapps.com" });
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Credentials", new[] { "true" });
            //context.OwinContext.Response.Headers.Add("Access-Control-Allow-Methods", new[] { "*" });
            //context.OwinContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "Content-Type, X-Requested-With" });

            var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();

            ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);

            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
               OAuthDefaults.AuthenticationType);
            ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
                CookieAuthenticationDefaults.AuthenticationType);

            AuthenticationProperties properties = CreateProperties(user.UserName);
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();

            ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);


            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "http://simpleloginform.azurewebsites.net" });
            FirstName = user.FirstName;
            LastName = user.LastName;
            if (user == null)
            {
                context.SetError("invalid_grant", "Le nom d'utilisateur ou le mot de passe est incorrect.");
                return;
            }

            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
               OAuthDefaults.AuthenticationType);
            ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
                CookieAuthenticationDefaults.AuthenticationType);

            AuthenticationProperties properties = CreateProperties(user.UserName);
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();

            UserAccount user = await userManager.FindAsync(context.UserName, context.Password);

            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                
                return;
            }

            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
               OAuthDefaults.AuthenticationType);

            ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager, CookieAuthenticationDefaults.AuthenticationType);

            string fullName = user.FirstName;

            if (!string.IsNullOrEmpty(user.LastName))
            {
                fullName = fullName + " " + user.LastName;
            }
            AuthenticationProperties properties = CreateProperties(user.UserName, fullName);
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
            context.Validated(ticket);

            oAuthIdentity.AddClaims(new List<Claim> {
             new Claim(ClaimTypes.NameIdentifier, fullName),
              new Claim (ClaimTypes.Name, fullName)
            });

            context.Request.Context.Authentication.SignIn(properties, new ClaimsIdentity[] { cookiesIdentity, oAuthIdentity });
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();
            

            //CORS
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
            //CORS

            ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);

            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
               OAuthDefaults.AuthenticationType);
            ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
                CookieAuthenticationDefaults.AuthenticationType);

            //next line added from:
            //http://stackoverflow.com/questions/26046441/current-user-in-owin-authentication
            oAuthIdentity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));

            AuthenticationProperties properties = CreateProperties(user.UserName);
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        }
        public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

            // Dummy check here, you need to do your DB checks against membership system http://bit.ly/SPAAuthCode
            if (context.UserName != context.Password)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect");
                //return;
                return Task.FromResult<object>(null);
            }

            var identity = new ClaimsIdentity("JWT");

            identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
            identity.AddClaim(new Claim("sub", context.UserName));
            identity.AddClaim(new Claim(ClaimTypes.Role, "Manager"));
            identity.AddClaim(new Claim(ClaimTypes.Role, "Supervisor"));

            var props =
                new AuthenticationProperties(
                    new Dictionary<string, string>
                        {
                            {
                                "audience",
                                context.ClientId ?? string.Empty
                            }
                        });

            var ticket = new AuthenticationTicket(identity, props);
            context.Validated(ticket);
            return Task.FromResult<object>(null);
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {

            //context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
            IdentityUser user;
            using (var _repo = new AuthRepository())
            {
                user = await _repo.FindUser(context.UserName, context.Password);

                if (user == null)
                {
                    context.SetError("invalid_grant", "The user name or password is incorrect.");
                    return;
                }
            }

            var identity = new ClaimsIdentity(context.Options.AuthenticationType);
            identity.AddClaim(new Claim("sub", context.UserName));
            identity.AddClaim(new Claim("userId", user.Id));

            if (user.Id == "c417fc8e-5bae-410f-b2ee-463afe2fdeaa")
                identity.AddClaim(new Claim(ClaimTypes.Role, "Admin"));

            var props = new AuthenticationProperties(new Dictionary<string, string>
            {
                {
                    "userId", user.Id
                }
            });

            var ticket = new AuthenticationTicket(identity, props);
            context.Validated(ticket);

        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();

            ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);

            if (user == null)
            {
                context.SetError("invalid_grant", "El nombre de usuario o la contraseña no son correctos.");
                return;
            }

            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
               OAuthDefaults.AuthenticationType);
            ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
                CookieAuthenticationDefaults.AuthenticationType);

            new LogsController().AddLogLogin(LogsController.LOGIN, "ApplicationUser", user);


            String role = "";
            IList<String> roles = userManager.GetRoles(user.Id);
            foreach (String obj in roles)
            {
                role += obj;
            }
            
            AuthenticationProperties properties = CreateProperties(user.UserName, role);
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        }
        /// <summary>
        /// Resource-owner-password grant that accepts a single hard-coded user name/password pair
        /// and issues a "JWT" identity that carries no claims.
        /// </summary>
        /// <param name="context">Grant context carrying the submitted user name and password.</param>
        /// <returns>A task that completes once the ticket is validated or the error has been set.</returns>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // NOTE(review): a wildcard origin lets any site call the token endpoint cross-origin;
            // restrict this to the known client origin(s).
            var allowedOrigin = "*";
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

            // NOTE(review): the credentials are embedded in source and compared with ordinary string
            // inequality, so they ship with every build and the comparison is not constant-time.
            // They belong in a credential store (hashed) and should be verified through it.
            if (context.UserName != "*****@*****.**" || context.Password != "%baG7cadence")
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            // This list is never added to the identity; the issued identity has no claims at all.
            var claims = new List<Claim>();
            //claims.Add(new Claim(ClaimTypes., context.UserName));

            // The form body is read but the result is not used.
            var data = await context.Request.ReadFormAsync();

            var identity = new ClaimsIdentity("JWT");

            //identity.AddClaims(claims);

            // NOTE(review): this writes the server-wide options object on every request instead of
            // configuring the token lifetime once at startup; presumably unintended — confirm.
            int daysSignedIn = 14;
            context.Options.AccessTokenExpireTimeSpan = TimeSpan.FromDays(daysSignedIn);

            // No properties are attached to the ticket.
            var ticket = new AuthenticationTicket(identity, null);
            context.Validated(ticket);
        }
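 /// <summary>
 /// Validates the submitted user name/password against the ASP.NET Identity store and, on success,
 /// issues a "JWT" identity carrying the user name, a <c>sub</c> claim and a fixed "user" role.
 /// </summary>
 /// <param name="context">Grant context carrying the submitted credentials and the client id.</param>
 /// <returns>A task that completes once the ticket is validated or an error has been set.</returns>
 public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
 {
     // NOTE(review): a wildcard origin lets any site call the token endpoint cross-origin;
     // restrict this to the known client origin(s).
     context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] {"*"});

     // The manager and its store own a DbContext, so dispose them as soon as the lookup is done.
     // The previous catch block only copied the exception into an unused local and rethrew it,
     // so it has been removed; exceptions propagate exactly as before.
     using (var userManager = new UserManager<User>(new UserStore<User>(new ElearningDbContext())))
     {
         var user = await userManager.FindAsync(context.UserName, context.Password);
         if (user == null)
         {
             // "invalid_grant" is the RFC 6749 error code; the earlier "invaild_grant" typo would
             // not be recognised by standards-compliant clients.
             context.SetError("invalid_grant", "The user name or password is incorrect");
             return;
         }
     }

     // Roles are not read from the store: every authenticated user receives the fixed "user" role.
     var identity = new ClaimsIdentity("JWT");
     identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
     identity.AddClaim(new Claim("sub", context.UserName));
     identity.AddClaim(new Claim(ClaimTypes.Role, "user"));

     // The client id is carried along as "audience"; presumably consumed by the token format.
     var properties = new AuthenticationProperties(new Dictionary<string, string>
     {
         { "audience", context.ClientId ?? string.Empty }
     });
     var ticket = new AuthenticationTicket(identity, properties);
     context.Validated(ticket);
 }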
        //Takes the user name and password as inputs and validates them against our ASP.NET Identity system;
        //if the credentials are valid, generates an identity for the logged-in user.
        /// <summary>
        /// Password grant: checks the credentials against the Identity user manager and, when they are
        /// valid, issues a "JWT" identity whose role names are also serialised into the ticket properties.
        /// </summary>
        /// <param name="context">Grant context carrying the submitted user name and password.</param>
        /// <returns>A task that completes once the ticket is validated or an error has been set.</returns>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // Any origin may call the token endpoint cross-origin.
            const string allowedOrigin = "*";
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

            var manager = context.OwinContext.GetUserManager<TRAPUserManager>();
            User account = await manager.FindAsync(context.UserName, context.Password);
            if (account == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            // NOTE(review): e-mail confirmation is not enforced before a token is issued — confirm intended.
            ClaimsIdentity jwtIdentity = await account.GenerateUserIdentityAsync(manager, "JWT");

            // Copy the role names out of the identity; presumably so the client can read them from the token response.
            IEnumerable<string> roleNames = jwtIdentity.Claims
                .Where(claim => claim.Type == ClaimTypes.Role)
                .Select(claim => claim.Value);
            string serialisedRoles = Newtonsoft.Json.JsonConvert.SerializeObject(roleNames);
            AuthenticationProperties properties = CreateProperties(account.UserName, serialisedRoles);

            // The ticket pairs the identity with its authentication metadata.
            context.Validated(new AuthenticationTicket(jwtIdentity, properties));
        }
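        /// <summary>
        /// Password grant backed by <c>userRepository</c>: looks the user up by user name and password,
        /// issues a bearer identity (name plus the first role, if any) and signs in a cookie identity.
        /// </summary>
        /// <param name="context">Grant context carrying the submitted user name and password.</param>
        /// <returns>A task that completes once the ticket is validated or an error has been set.</returns>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // NOTE(review): the password is matched verbatim inside the repository predicate, which only
            // works if passwords are stored in the clear. Store them hashed (e.g. via the Identity
            // PasswordHasher) and verify through the hasher instead of comparing strings.
            var user = userRepository.Get(w => w.UserName == context.UserName && w.Password == context.Password);

            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            ClaimsIdentity oAuthIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
            oAuthIdentity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));

            // Only the first role is carried in the token; Any() replaces the previous Count() > 0.
            if (user.Roles.Any())
            {
                oAuthIdentity.AddClaim(new Claim(ClaimTypes.Role, user.Roles.First().Name));
            }

            // NOTE(review): the cookie identity carries no claims and reuses the bearer authentication
            // type, so the cookie sign-in below yields a principal with no name — confirm intended.
            ClaimsIdentity cookiesIdentity = new ClaimsIdentity(context.Options.AuthenticationType);

            AuthenticationProperties properties = CreateProperties(user.UserName);
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        }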
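        /// <summary>
        /// OAuth resource-owner password flow:
        /// 1. checks the password with the Identity API;
        /// 2. creates a user identity for the bearer token;
        /// 3. creates a user identity for the cookie;
        /// 4. calls <c>context.Validated(ticket)</c> so the OAuth2 server protects the ticket as an access token and returns it in the JSON payload;
        /// 5. signs in the cookie identity so the authentication cookie is sent.
        /// </summary>
        /// <param name="context">The authorization context carrying the submitted user name and password.</param>
        /// <returns>A task that completes once the ticket is validated or an error has been set.</returns>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // The factory hands out a manager per request; dispose it when the grant is done.
            using (ApplicationUserManager userManager = _userManagerFactory())
            {
                UserProfile user = await userManager.FindAsync(context.UserName, context.Password);

                if (user == null)
                {
                    context.SetError("invalid_grant", "Invalid user or password");
                    return;
                }

                ClaimsIdentity oAuthIdentity = await userManager.CreateIdentityAsync(user,
                    context.Options.AuthenticationType);
                ClaimsIdentity cookiesIdentity = await userManager.CreateIdentityAsync(user,
                    CookieAuthenticationDefaults.AuthenticationType);

                // FindAsync already returned the stored user, so its Id is used directly instead of
                // re-fetching the same record by name (one round trip fewer per login).
                var roles = await userManager.GetRolesAsync(user.Id);

                AuthenticationProperties properties = CreateProperties(user.UserName, roles.ToArray(), user.EmailConfirmed);
                AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);

                context.Validated(ticket);
                context.Request.Context.Authentication.SignIn(cookiesIdentity);
            }
        }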
        /// <summary>
        /// Password grant against the OWIN-registered <see cref="ApplicationUserManager"/>: on success it
        /// validates a bearer ticket and signs in a matching cookie identity.
        /// </summary>
        /// <param name="context">Grant context carrying the submitted user name and password.</param>
        /// <returns>A task that completes once the ticket is validated or an error has been set.</returns>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var manager = context.OwinContext.GetUserManager<ApplicationUserManager>();
            ApplicationUser account = await manager.FindAsync(context.UserName, context.Password);

            // The allowed origin comes from configuration and is emitted regardless of the outcome,
            // so the error response carries it as well.
            string configuredOrigin = ConfigurationManager.AppSettings["internal:origins"];
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { configuredOrigin });

            if (account == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            // One identity for the bearer token, one for the cookie middleware.
            ClaimsIdentity bearerIdentity = await account.GenerateUserIdentityAsync(manager,
               OAuthDefaults.AuthenticationType);
            ClaimsIdentity cookieIdentity = await account.GenerateUserIdentityAsync(manager,
                CookieAuthenticationDefaults.AuthenticationType);

            var ticket = new AuthenticationTicket(bearerIdentity, CreateProperties(account.UserName));
            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookieIdentity);
        }
 /// <summary>
 /// Validates the user name and password (resource owner password credentials grant:
 /// grant_type=password&amp;username=...&amp;password=...) and, on success, issues a ticket whose
 /// identity carries only the user name.
 /// </summary>
 /// <param name="context">Grant context carrying the submitted user name and password.</param>
 /// <returns>A task that completes once the ticket is validated or the access-denied error has been set.</returns>
 public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
 {
     // Any origin may call the token endpoint cross-origin.
     context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

     // The account service owns password verification; stored passwords should be salted,
     // hashed and iterated there rather than compared here.
     bool credentialsAccepted = await _accountService.ValidateUserNameAuthorizationPwdAsync(context.UserName, context.Password);
     if (!credentialsAccepted)
     {
         context.SetError(AbpConstants.AccessDenied, AbpConstants.AccessDeniedErrorDescription);
         return;
     }

     // Only a name claim is issued; no roles or client metadata are attached to the ticket.
     var nameClaim = new Claim(ClaimTypes.Name, context.UserName);
     var identity = new ClaimsIdentity(new[] { nameClaim }, context.Options.AuthenticationType);
     context.Validated(new AuthenticationTicket(identity, new AuthenticationProperties()));
 }
        //Takes the user name and password as inputs and validates them against our ASP.NET Identity system;
        //if the credentials are valid, generates an identity for the logged-in user.
        //
        /// <summary>
        /// Password grant: checks the credentials against the Identity user manager and, when they are
        /// valid, issues a "JWT" identity with no additional ticket properties.
        /// </summary>
        /// <param name="context">Grant context carrying the submitted user name and password.</param>
        /// <returns>A task that completes once the ticket is validated or an error has been set.</returns>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // Any origin may call the token endpoint cross-origin.
            const string allowedOrigin = "*";
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

            var manager = context.OwinContext.GetUserManager<TRAPUserManager>();
            User account = await manager.FindAsync(context.UserName, context.Password);
            if (account == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            // NOTE(review): e-mail confirmation is not enforced before a token is issued — confirm intended.
            ClaimsIdentity jwtIdentity = await account.GenerateUserIdentityAsync(manager, "JWT");

            // No properties: the ticket carries only the identity and its authentication state.
            context.Validated(new AuthenticationTicket(jwtIdentity, null));
        }
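        /// <summary>
        /// Password grant that authenticates the caller through CIDI (<c>UsuarioCidiFactory.ValidarUsuarioCidi</c>)
        /// and then looks the caller up in Salas Cuna by CUIL. On success it issues a ticket whose identity
        /// carries the CUIL as name plus the user DTO as a "User" claim, with the CIDI URLs and client id as
        /// ticket properties. Sets NO_AUTENTICADO_EN_CIDI when CIDI does not recognise the caller and
        /// NO_REGISTRADO_EN_SALAS_CUNA when CIDI does but no Salas Cuna account exists.
        /// </summary>
        /// <param name="context">Grant context; the client id and the per-client allowed origin are read from it.</param>
        /// <returns>A task that completes once the ticket is validated or an error has been set.</returns>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // "as:clientAllowedOrigin" is read from the OWIN environment (presumably stored by the client
            // validation step — confirm); fall back to a wildcard when nothing was recorded.
            var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin") ?? "*";
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

            try
            {
                // NOTE(review): ValidarUsuarioCidi takes no arguments, so the submitted user name and
                // password are never checked here; presumably it reads an ambient CIDI session — confirm.
                UsuarioCidiDto usuarioCidi = UsuarioCidiFactory.ValidarUsuarioCidi();
                if (usuarioCidi == null)
                {
                    // The user is not logged in through CIDI.
                    context.SetError("NO_AUTENTICADO_EN_CIDI", "");
                    context.Response.ReasonPhrase = "NO_AUTENTICADO_EN_CIDI";
                    return;
                }

                var queryDispatcher = ServiceLocator.Current.GetInstance<QueryDispatcher>();
                var query = new LoguinCidiQuery { Cuil = usuarioCidi.Cuil };
                LoguinCidiQueryResult queryResult = queryDispatcher.Dispatch<LoguinCidiQuery, LoguinCidiQueryResult>(query);

                if (queryResult.UsuarioDto == null || queryResult.UsuarioDto.Id == 0)
                {
                    // Logged in through CIDI but not registered in Salas Cuna.
                    context.SetError("NO_REGISTRADO_EN_SALAS_CUNA", "");
                    context.Response.ReasonPhrase = "NO_REGISTRADO_EN_SALAS_CUNA";
                    return;
                }

                // The name fields are taken from CIDI rather than from the Salas Cuna record.
                queryResult.UsuarioDto.Apellido = usuarioCidi.Apellido;
                queryResult.UsuarioDto.Nombre   = usuarioCidi.Nombre;

                var identity = new ClaimsIdentity(context.Options.AuthenticationType);
                identity.AddClaim(new Claim(ClaimTypes.Name, usuarioCidi.Cuil.ToString()));
                // The user DTO is embedded as a claim here (JavaScriptSerializer) and again as a ticket
                // property below (Json.NET); both serialisations are kept as originally emitted.
                identity.AddClaim(new Claim("User", new JavaScriptSerializer().Serialize(queryResult.UsuarioDto)));

                UrlCidiQueryResult urlsCidiResult = queryDispatcher.Dispatch<UrlCidiQuery, UrlCidiQueryResult>(null);

                IDictionary<string, string> data = new Dictionary<string, string>
                {
                    { "User", JsonConvert.SerializeObject(queryResult.UsuarioDto) },
                    { "UrlCidi", urlsCidiResult.UrlCidi },
                    { "UrlCerrarSesionCidi", urlsCidiResult.UrlCidiLogout },
                    { "UrlInicarSesionCidi", urlsCidiResult.UrlCidiLogin },
                    { "as:client_id", context.ClientId ?? string.Empty }
                };

                var ticket = new Microsoft.Owin.Security.AuthenticationTicket(identity, new AuthenticationProperties(data));
                context.Validated(ticket);
            }
            catch (Exception)
            {
                // Do not echo the stack trace to the client: it discloses internal types, file paths and
                // framework details. Return a generic description instead.
                // TODO(review): capture the exception and log it server-side; no logger is visible in this class.
                context.SetError("Server error", "An unexpected error occurred while processing the request.");
                context.Rejected();
            }
        }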
        /// <summary>
        /// Password grant: validates the credentials with a factory-created user manager and, on
        /// success, validates a bearer ticket and signs in the matching cookie identity.
        /// </summary>
        /// <param name="context">Grant context carrying the submitted user name and password.</param>
        /// <returns>A task that completes once the ticket is validated or an error has been set.</returns>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // CORS is enabled by hand here: any origin may call the token endpoint.
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

            using (UserManager<IdentityUser> manager = _userManagerFactory())
            {
                IdentityUser account = await manager.FindAsync(context.UserName, context.Password);
                if (account == null)
                {
                    context.SetError("invalid_grant", "The user name or password is incorrect.");
                    return;
                }

                // Bearer identity for the token, cookie identity for the cookie middleware.
                ClaimsIdentity bearerIdentity = await manager.CreateIdentityAsync(account, context.Options.AuthenticationType);
                ClaimsIdentity cookieIdentity = await manager.CreateIdentityAsync(account, CookieAuthenticationDefaults.AuthenticationType);

                var ticket = new AuthenticationTicket(bearerIdentity, CreateProperties(account.UserName));
                context.Validated(ticket);
                context.Request.Context.Authentication.SignIn(cookieIdentity);
            }
        }