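/// <inheritdoc />
public override Task HandleTokenRequest(HandleTokenRequestContext context)
{
    // Only handle grant_type=password token requests and let the
    // OpenID Connect server middleware handle the other grant types.
    if (!context.Request.IsPasswordGrantType())
    {
        return Task.CompletedTask;
    }

    // NetworkCredential is only a holder here: the password is still handed to
    // the login provider as a plain string on the next call.
    var credential = new NetworkCredential(context.Request.Username, context.Request.Password);

    // NOTE(review): no lockout or rate limiting is visible in this method;
    // presumably _loginProvider enforces it. Confirm, since this endpoint
    // accepts password guesses directly.
    UserDto user;
    try
    {
        user = _loginProvider.GetUser(credential.UserName, credential.Password);
    }
    catch (AuthenticationException)
    {
        // Bad resource-owner credentials are "invalid_grant" in the OAuth 2.0 token
        // error vocabulary; "invalid_client" is reserved for failed *client*
        // authentication. The description is deliberately generic: echoing the
        // exception message to the caller can reveal whether the account exists
        // or why the backend refused it. Record the detail server-side instead.
        context.Reject(
            error: OpenIdConnectConstants.Errors.InvalidGrant,
            description: "Invalid username or password.");

        return Task.CompletedTask;
    }

    // GetUser's contract is not visible here. Fail closed if it signals
    // "no such user" by returning null instead of throwing, so that no
    // token is ever issued without a resolved user.
    if (user == null)
    {
        context.Reject(
            error: OpenIdConnectConstants.Errors.InvalidGrant,
            description: "Invalid username or password.");

        return Task.CompletedTask;
    }

    var identity = new ClaimsIdentity();

    // NOTE(review): the subject is still the sample placeholder, so every token
    // issued here carries the same "sub" value. It should be a stable, unique
    // per-user identifier taken from `user`; UserDto's members are not visible
    // in this block, so the value is left unchanged.
    identity.AddClaim(OpenIdConnectConstants.Claims.Subject, "[unique identifier]");

    // By default, claims are not serialized in the access and identity tokens.
    // Use the overload taking a "destinations" parameter to make sure
    // your claims are correctly serialized in the appropriate tokens.
    identity.AddClaim("urn:customclaim", "value",
        OpenIdConnectConstants.Destinations.AccessToken,
        OpenIdConnectConstants.Destinations.IdentityToken);

    // NOTE(review): the third constructor argument is the ticket's authentication
    // scheme. "Role" looks unintended; confirm it matches the scheme the
    // OpenID Connect server middleware is registered under.
    var ticket = new AuthenticationTicket(
        new ClaimsPrincipal(identity),
        new AuthenticationProperties(),
        "Role");

    // Call SetResources with the list of resource servers
    // the access token should be issued for.
    ticket.SetResources("resource_server_1");

    // Call SetScopes with the list of scopes you want to grant
    // (specify offline_access to issue a refresh token).
    // NOTE(review): the scopes are granted unconditionally, including
    // offline_access, whatever the request asked for. Confirm every caller
    // of this grant is meant to receive a refresh token.
    ticket.SetScopes("profile", "offline_access");

    context.Validate(ticket);

    return Task.CompletedTask;
}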
/// <summary>
/// Returns the profile of the current principal, with its role filled in from
/// the database when a matching user row exists.
/// </summary>
/// <returns>
/// An OK result wrapping the profile. <c>Role</c> is the stored role name, or
/// "Faculty" when no row in <c>db.Users</c> has the same <c>Cn</c>.
/// </returns>
public async Task<IHttpActionResult> me()
{
    // The profile is looked up by the name of the authenticated principal.
    // NOTE(review): a null result from GetUser, or a matching row whose Role is
    // null, would throw below; confirm neither can happen for this action.
    UTRGVUserProfile profile = _loginProvider.GetUser(User.Identity.Name);

    var storedUser = await db.Users.FirstOrDefaultAsync(u => u.Cn == profile.Cn);

    // NOTE(review): a principal with no database row is given the "Faculty" role
    // by default. Confirm that this fallback is the least-privileged role the
    // clients of this endpoint act on.
    profile.Role = storedUser != null ? storedUser.Role.Name : "Faculty";

    return Ok(profile);
}