public object Get(OAuthAuthenticateRequest request)
{
// check if the user is authorized
if (!userIsAllowed (request.Username, request.Password)) {
// unauthorized
Logger.WarnFormat ("Failed to authenticate user {0}", request.Username);
Response.StatusCode = 403;
Response.StatusDescription ="Authorization failed";
Response.Write (
"<html><h1 style='margin-top: 1em'>Authorization failed for user "
+ "<b>" + request.Username + "</b>"
+ " (maybe wrong password?).</h1></html>"
);
Response.Close ();
return null;
}
// authentication successful
Logger.InfoFormat ("Successfully authorized user: {0}", request.Username);
return TokenExchangeAfterAuthentication (request.Username, request.Password, request.RequestToken);
}
public object Post(OAuthAuthenticateRequest request)
{
// check if the user is authorized
string username = request.Username;
if (username == null || !userIsAllowed (username, request.Password, out username)) {
// unauthorized
Logger.WarnFormat ("Failed to authenticate user {0}", username);
Response.StatusCode = 403;
Response.StatusDescription ="Authorization failed";
Response.ApplyGlobalResponseHeaders ();
Response.Write (
"<html><h1 style='margin-top: 1em'>Authorization failed for user "
+ "<b>" + request.Username + "</b>"
+ " (maybe wrong password?).</h1></html>"
);
Response.EndServiceStackRequest ();
return null;
}
// authentication successful
Logger.InfoFormat ("Successfully authorized user: {0}", username);
return TokenExchangeAfterAuthentication (username, request.Password, request.RequestToken);
}
