Example #1
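        /// <summary>
        /// Creates a <see cref="ClientContext"/> bound to the current tenant's database.
        /// </summary>
        /// <remarks>
        /// The tenant id is taken from <c>GetTenantId()</c> and the connection string is read from
        /// the company record returned by <c>IMasterDbService.GetCompanyDetails</c>.
        /// </remarks>
        /// <returns>A new <see cref="ClientContext"/> built from the tenant's connection string.</returns>
        /// <exception cref="InvalidOperationException">
        /// No company record exists for the current tenant id.
        /// </exception>
        public ClientContext GetDbContext()
        {
            string connectionString;

            using (IMasterDbService dbService = new MasterDbService())
            {
                var company = dbService.GetCompanyDetails(GetTenantId());

                // Fail closed with a clear error instead of a NullReferenceException when the
                // tenant id does not resolve. The message deliberately carries no tenant data
                // or connection string.
                if (company == null)
                {
                    throw new InvalidOperationException("No company record was found for the current tenant.");
                }

                connectionString = company.DatabaseConnectionString;
            }

            // No catch block here: a handler that only does `throw ex;` resets the stack trace
            // and hides where the failure actually happened.
            return new ClientContext(connectionString);
        }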
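        /// <summary>
        /// Handles the OAuth resource-owner password grant for a multi-tenant deployment.
        /// </summary>
        /// <remarks>
        /// The tenant id is read from the <c>tenantId</c> form field, resolved to a company record in
        /// the master database, and the user name and password are then checked against that
        /// company's own database. On success a <see cref="ClaimsIdentity"/> carrying the e-mail,
        /// the tenant id and (for user level 5) the administrator role is validated on the context.
        /// Every failure path sets the <c>invalid_grant</c> error and returns without validating.
        /// </remarks>
        /// <param name="context">Grant context holding the request, the user name and the password.</param>
        /// <returns>A task that completes once the context has been validated or rejected.</returns>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // User level that is mapped to the Administrator role.
            const int AdministratorUserLevel = 5;

            var form = await context.Request.ReadFormAsync();

            // tenantId is caller-supplied and untrusted: it is only used as a lookup key, and the
            // tenant claim below is taken from the stored company record, not from this value.
            var tenantId = form["tenantId"];

            // NOTE(review): the unknown-tenant and bad-credential paths return different error
            // descriptions, which lets a caller tell whether a tenant id exists. Consider a single
            // uniform description if no client depends on the text.
            if (string.IsNullOrEmpty(tenantId))
            {
                context.SetError("invalid_grant", "The tenant name is incorrect.");
                return;
            }

            // Read the tenant's connection string from the master database. The using block
            // releases the service even when the lookup throws.
            string tenantConnectionString;
            string companyId;
            using (IMasterDbService dbService = new MasterDbService())
            {
                var company = dbService.GetCompanyDetails(tenantId);
                if (company == null)
                {
                    context.SetError("invalid_grant", "The tenant name is incorrect.");
                    return;
                }

                tenantConnectionString = company.DatabaseConnectionString;
                companyId = company.CompanyId;
            }

            // Check the user name and password against the tenant's own database.
            using (IUserService userService = new UserService(tenantConnectionString))
            {
                var loggedInUser = userService.AuthernticateUser(context.UserName, context.Password);
                if (loggedInUser == null)
                {
                    context.SetError("invalid_grant", "The user name or password is incorrect.");
                    return;
                }

                var identity = new ClaimsIdentity(context.Options.AuthenticationType);
                identity.AddClaim(new Claim(ClaimTypes.Email, loggedInUser.Email));
                identity.AddClaim(new Claim("TenantId", companyId));

                var userRoles = new List<string>();

                // Only the administrator level is mapped to a role; to support other user levels,
                // add their role claims here.
                if (loggedInUser.UserLevel == AdministratorUserLevel)
                {
                    var administratorRole = UserRole.Administrator.ToString();
                    identity.AddClaim(new Claim(ClaimTypes.Role, administratorRole));
                    userRoles.Add(administratorRole);
                }

                // NOTE(review): this runs after an await, so the thread may differ from the one
                // that started the request; confirm whether anything still reads
                // Thread.CurrentPrincipal. The issued token is built from the identity passed
                // to Validated, not from this principal.
                Thread.CurrentPrincipal = new GenericPrincipal(identity, userRoles.ToArray());

                context.Validated(identity);
            }
        }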