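public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Reads client credentials from the Basic Authorization header first and falls back
            // to the form body; context.ClientId is then used to detect that neither source
            // carried a client_id (presumably the Try* helpers populate it on success — confirm).
            // Declared non-async: the original was async without any await (CS1998), so it
            // already ran synchronously. The outcome is recorded on the context.
            string clientId;
            string clientSecret;

            if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
            {
                context.TryGetFormCredentials(out clientId, out clientSecret);
            }

            if (context.ClientId == null)
            {
                context.Rejected();
                context.SetError("invalid_client", "Client credentials could not be retrieved through the Authorization header.");
                return Task.FromResult<object>(null);
            }

            try
            {
                // NOTE(review): hard-coded demo credentials compared with ordinal ==; a real
                // deployment should look the client up in a store and compare the presented
                // secret against a stored hash rather than a literal in source.
                if (clientId == "MyApp" && clientSecret == "MySecret")
                {
                    var client = new ApplicationClient
                    {
                        Id               = "MyApp",
                        AllowedGrant     = OAuthGrant.ResourceOwner,
                        ClientSecretHash = new PasswordHasher().HashPassword("MySecret"),
                        Name             = "My App",
                        CreatedOn        = DateTimeOffset.UtcNow
                    };

                    // Exposed to later pipeline stages through the OWIN environment.
                    context.OwinContext.Set<ApplicationClient>("oauth:client", client);
                    context.Validated(clientId);
                }
                else
                {
                    // Client could not be validated.
                    context.SetError("invalid_client", "Client credentials are invalid.");
                    context.Rejected();
                }
            }
            catch (Exception)
            {
                // Any failure during validation is surfaced as a generic server_error; the
                // exception itself is not logged here.
                context.SetError("server_error");
                context.Rejected();
            }

            return Task.FromResult<object>(null);
        }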
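        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Accepts only the client whose client_id form field equals "Utn.Ba$".
            // Declared non-async: the original was async without any await (CS1998).
            // NOTE(review): client_secret is read but never compared, so knowing the
            // client_id alone is enough to pass this step — confirm that is intended.
            string clientId;
            string clientSecret;

            context.TryGetFormCredentials(out clientId, out clientSecret);

            if (clientId == "Utn.Ba$")
            {
                context.Validated();
            }
            else
            {
                context.Rejected();
            }

            return Task.FromResult<object>(null);
        }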
        private Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Validates the caller only when the presented id/secret pair equals the
            // ClientId / ClientSecret values defined elsewhere in this type. Credentials are
            // taken from the Basic Authorization header first, then from the form body.
            string presentedId;
            string presentedSecret;

            bool haveCredentials = context.TryGetBasicCredentials(out presentedId, out presentedSecret)
                || context.TryGetFormCredentials(out presentedId, out presentedSecret);

            if (haveCredentials && presentedId == ClientId && presentedSecret == ClientSecret)
            {
                context.Validated();
            }

            // On a mismatch no error is set; the context is simply left unvalidated.
            return Task.FromResult(0);
        }
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Validates every request: under the form-body client_id when one is present,
            // otherwise as an anonymous client. NOTE(review): client_secret is read but never
            // checked, so this identifies clients without authenticating them.
            string formClientId;
            string formClientSecret;
            context.TryGetFormCredentials(out formClientId, out formClientSecret);

            if (string.IsNullOrEmpty(formClientId))
            {
                context.Validated();
            }
            else
            {
                context.Validated(formClientId);
            }

            // The base implementation still runs after the context has been validated.
            return base.ValidateClientAuthentication(context);
        }
        public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Looks the client up by id and secret through _clientManager: validated on a hit,
            // invalid_client on a miss. With no credentials in the request at all the method
            // returns without touching the context.
            string id;
            string secret;

            bool credentialsFound = context.TryGetBasicCredentials(out id, out secret)
                || context.TryGetFormCredentials(out id, out secret);
            if (!credentialsFound)
            {
                return;
            }

            var registeredClient = await _clientManager.FindClientByIdAndSecretAsync(id, secret);
            if (registeredClient == null)
            {
                context.SetError("invalid_client");
                return;
            }

            context.Validated(id);
        }
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Always validates the request. When the form body carries a client_id whose
            // client_secret appears in the comma-separated "as:AudienceSecret" app setting, the
            // client_id is additionally stored in the OWIN environment under "as:client_id".
            // NOTE(review): with the "as:AudienceSecret" setting missing, .Split runs on null
            // and the call throws instead of validating.
            string formClientId;
            string formClientSecret;

            if (context.TryGetFormCredentials(out formClientId, out formClientSecret))
            {
                string[] knownSecrets = ConfigurationManager.AppSettings["as:AudienceSecret"].Split(',');
                bool secretKnown = knownSecrets.Contains(formClientSecret);
                if (secretKnown)
                {
                    context.OwinContext.Set<string>("as:client_id", formClientId);
                }
            }

            context.Validated();
            return Task.FromResult<object>(null);
        }
        private Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Placeholder: any request carrying client credentials (Basic header or form body)
            // is validated without the id/secret being verified.
            // TODO: query a service to validate the application's id and secret (original
            // note, translated from Portuguese). The disabled check in the original compared
            // against Clients.Client1.Id / Clients.Client1.Secret.
            string id;
            string secret;

            bool hasCredentials = context.TryGetBasicCredentials(out id, out secret)
                || context.TryGetFormCredentials(out id, out secret);

            if (hasCredentials)
            {
                context.Validated();
            }

            return Task.FromResult(0);
        }
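        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Reads client credentials from the Basic Authorization header, falling back to the
            // form body, and rejects the request when no client id was found. Any client that
            // presents an id is validated — NOTE(review): the secret is never compared, so this
            // identifies the client but does not authenticate it.
            string clientId;
            string clientSecret;

            if (!context.TryGetBasicCredentials(out clientId, out clientSecret)) // check the Basic header first
            {
                context.TryGetFormCredentials(out clientId, out clientSecret);   // otherwise read the client from the form body
            }

            if (context.ClientId == null)
            {
                // RFC 6749 §5.2 restricts the "error" value to ASCII; the original used a
                // Chinese string as the error code, which is not a valid error token. The
                // human-readable description is kept as it was.
                context.SetError("invalid_client", "客户端ID为空");
                return Task.FromResult<object>(null);
            }

            context.Validated();
            return Task.FromResult<object>(null);
        }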
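        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Called to check that the client id and client secret are valid (original comment,
            // translated from French). Only form-body credentials are accepted and the single
            // known client is hard-coded. Declared non-async: the original was async without
            // any await (CS1998).
            // NOTE(review): literal credentials in source compared with ordinal ==; a
            // deployment should keep secrets out of source and compare against a stored hash.
            string clientId;
            string clientSecret;

            bool isKnownClient = context.TryGetFormCredentials(out clientId, out clientSecret)
                && clientId == "win8client"
                && clientSecret == "oauthcadeboite";

            if (isKnownClient)
            {
                context.Validated(clientId);
            }
            else
            {
                context.Rejected();
            }

            return Task.FromResult<object>(null);
        }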
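 //validate client credentials (called when requesting a token by user/password and also when renewing token using a refresh token)
 public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
 {
     // The work here is synchronous and cheap, so it runs inline instead of being queued on
     // the thread pool with Task.Run as the original did; the returned task is already
     // completed, and an exception reaches an awaiting caller the same way.
     string clientId, clientSecret;
     //expects client_id, client_secret to be passed in request body
     context.TryGetFormCredentials(out clientId, out clientSecret);

     //TODO: Replace Demo Only Check — a client currently passes whenever client_secret equals
     //its own client_id, which is not a secret at all.
     if (clientId == clientSecret && !string.IsNullOrWhiteSpace(clientId))
     {
         //need to make the client_id available for later security checks
         context.OwinContext.Set("as:client_id", clientId);
         context.Validated();
         return Task.FromResult<object>(null);
     }

     context.Rejected();
     return Task.FromResult<object>(null);
 }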
        private Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Validates any request that carries client credentials in the Basic header or the
            // form body. NOTE(review): neither id nor secret is verified here; the lookup via
            // Application.GetApplicationByName that the original left commented out is not wired in.
            string id;
            string secret;

            bool credentialsPresent = context.TryGetBasicCredentials(out id, out secret)
                || context.TryGetFormCredentials(out id, out secret);
            if (credentialsPresent)
            {
                context.Validated();
            }

            return Task.FromResult(0);
        }
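        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Validates every request unconditionally; when the form body carries a client_id it
            // is also stored in the OWIN environment under "as:client_id" for later stages.
            // Declared non-async (the original was async with no await, CS1998); the duplicate
            // Validated() call that followed the Set in the original is dropped since the
            // context is already validated above.
            // NOTE(review): client_secret is read but never checked (the original's disabled
            // `secret == "secret"` check is not restored), and requests without any client_id
            // are validated too — confirm this is the intended policy.
            context.Validated();

            string id;
            string secret;
            if (context.TryGetFormCredentials(out id, out secret))
            {
                context.OwinContext.Set<string>("as:client_id", id);
            }

            return Task.FromResult<object>(null);
        }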
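        /// <summary>
        /// Validates the client information. The presented id/secret pair must match either the
        /// per-client pair stored under "AliGenieClientId_{clientId}" / "AliGenieClientSecret_{clientId}"
        /// or the common pair stored under "AliGenieClientId" / "AliGenieClientSecret" in
        /// <c>ToolHelper.CacheData</c>.
        /// </summary>
        /// <param name="context">The OWIN client-authentication context.</param>
        /// <returns>A completed task; the outcome is recorded on <paramref name="context"/>.</returns>
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Declared non-async: the original was async with no await (CS1998).
            string clientId;
            string clientSecret;

            if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
            {
                context.TryGetFormCredentials(out clientId, out clientSecret);
            }

            // Fallback to the raw client_id / client_secret request parameters.
            if (string.IsNullOrEmpty(clientId) || string.IsNullOrEmpty(clientSecret))
            {
                clientId     = context.Parameters.Get("client_id");
                clientSecret = context.Parameters.Get("client_secret");
            }

            // Fail closed before the lookup: the original called clientId.Equals(...) on a
            // possibly-null clientId (NullReferenceException), and an empty id/secret must never
            // be able to match an empty or missing configured value.
            if (string.IsNullOrEmpty(clientId) || string.IsNullOrEmpty(clientSecret))
            {
                context.SetError("invalid_client", "client or clientSecret is not valid");
                return Task.FromResult<object>(null);
            }

            string cacheClientId     = ToolHelper.CacheData.GetSysParamValue("AliGenieClientId_" + clientId);
            string cacheClientSecret = ToolHelper.CacheData.GetSysParamValue("AliGenieClientSecret_" + clientId);

            string commonClientId     = ToolHelper.CacheData.GetSysParamValue("AliGenieClientId");
            string commonClientSecret = ToolHelper.CacheData.GetSysParamValue("AliGenieClientSecret");

            // string.Equals(string) is an ordinal comparison. NOTE(review): it is not
            // constant-time; consider a fixed-time comparison for the secret.
            bool matchesPerClient = clientId.Equals(cacheClientId) && clientSecret.Equals(cacheClientSecret);
            bool matchesCommon    = clientId.Equals(commonClientId) && clientSecret.Equals(commonClientSecret);

            if (!matchesPerClient && !matchesCommon)
            {
                context.SetError("invalid_client", "client or clientSecret is not valid");
                return Task.FromResult<object>(null);
            }

            context.Validated();
            return Task.FromResult<object>(null);
        }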
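        /// <summary>
        /// Validates the client information by comparing the presented secret with the one
        /// <c>clientService.FindClientSecret</c> returns for the presented id.
        /// </summary>
        /// <param name="context">The OWIN client-authentication context.</param>
        /// <returns>A completed task; the outcome is recorded on <paramref name="context"/>.</returns>
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Declared non-async: the original was async without an await (CS1998).
            string clientId;
            string clientSecret;

            if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
            {
                context.TryGetFormCredentials(out clientId, out clientSecret);
            }

            // Fail closed on a missing secret: otherwise, should FindClientSecret return null for
            // an unknown id, a request that also omits client_secret would compare null == null
            // and pass. NOTE(review): `!=` is ordinal but not constant-time.
            if (clientId == null || string.IsNullOrEmpty(clientSecret) || clientSecret != clientService.FindClientSecret(clientId))
            {
                context.SetError("invalid_client", "client is not valid");
                return Task.FromResult<object>(null);
            }

            context.Validated();
            return Task.FromResult<object>(null);
        }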
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Resolves the presenting client through _authService and validates it when it exists
            // and is active; its allowed origin and refresh-token lifetime are stored in the OWIN
            // environment for later stages. A request with no client id at all is validated as-is.
            // NOTE(review): the client secret is read but never compared, so a registered
            // client_id alone passes this step.
            string presentedId;
            string presentedSecret;

            if (!context.TryGetBasicCredentials(out presentedId, out presentedSecret))
            {
                context.TryGetFormCredentials(out presentedId, out presentedSecret);
            }

            Task done = Task.FromResult<object>(null);

            if (context.ClientId == null)
            {
                // To force clients to send their id/secret, set
                // context.SetError("invalid_clientId", "ClientId should be sent.") here instead of validating.
                context.Validated();
                return done;
            }

            Client registered = _authService.FindClient(context.ClientId);

            if (registered == null)
            {
                context.SetError("invalid_clientId", $"Client '{context.ClientId}' is not registered in the system.");
                return done;
            }

            if (!registered.Active)
            {
                context.SetError("invalid_clientId", "Client is inactive.");
                return done;
            }

            context.OwinContext.Set("as:clientAllowedOrigin", registered.AllowedOrigin);
            context.OwinContext.Set("as:clientRefreshTokenLifeTime", registered.RefreshTokenLifeTime.ToString());
            context.Validated();

            return done;
        }
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Both credential sources are probed unconditionally (the form-body attempt
            // overwrites the locals filled by the header attempt); only context.ClientId is used.
            // Resource owner password credentials does not provide a client ID, so a request
            // without one is validated. NOTE(review): a request that DOES carry a client_id is
            // left unvalidated here — confirm that is the intended policy.
            string lastId;
            string lastSecret;
            context.TryGetBasicCredentials(out lastId, out lastSecret);
            context.TryGetFormCredentials(out lastId, out lastSecret);

            bool anonymousClient = context.ClientId == null;
            if (anonymousClient)
            {
                context.Validated();
            }

            return Task.FromResult<object>(null);
        }
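        /// <summary>
        /// Validates the client against a hard-coded id/secret pair taken from the form body.
        /// </summary>
        /// <param name="context">The OWIN client-authentication context.</param>
        /// <returns>A completed task; the outcome is recorded on <paramref name="context"/>.</returns>
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Declared non-async: the original was async without an await (CS1998).
            string clientId;
            string clientSecret;

            context.TryGetFormCredentials(out clientId, out clientSecret);
            //context.TryGetBasicCredentials(out clientId, out clientSecret); // Basic authentication (left disabled, as in the original)

            //TODO: read from the database and verify (original note, translated)
            // Fix: the original rejected only when BOTH id AND secret were wrong
            // (`clientId != "malfy" && clientSecret != "111111"`), so a correct id with any
            // secret — or any id with the correct secret — was accepted. Either mismatch must
            // reject. NOTE(review): literal credentials in source; move them to a store.
            if (clientId != "malfy" || clientSecret != "111111")
            {
                context.SetError("invalid_client", "client is not valid");
                return Task.FromResult<object>(null);
            }

            context.OwinContext.Set("as:client_id", clientId);
            context.Validated(clientId);
            return Task.FromResult<object>(null);
        }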
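        /// <summary>
        /// Validates the client information against a single hard-coded id/secret pair; any
        /// other pair receives invalid_client.
        /// </summary>
        /// <param name="context">The OWIN client-authentication context.</param>
        /// <returns>A completed task; the outcome is recorded on <paramref name="context"/>.</returns>
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Declared non-async: the original was async with no await (CS1998).
            // NOTE(review): literal credentials in source compared with ordinal !=; a
            // deployment should look the client up in a store and compare a stored hash.
            string clientId;
            string clientSecret;

            if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
            {
                context.TryGetFormCredentials(out clientId, out clientSecret);
            }

            if (clientId != "xishuai" || clientSecret != "123")
            {
                context.SetError("invalid_client", "client or clientSecret is not valid");
                return Task.FromResult<object>(null);
            }

            context.Validated();
            return Task.FromResult<object>(null);
        }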
        public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Resolves IClientService from the request's Autofac lifetime scope and validates the
            // context when the service accepts the presented id/secret. No error is set on
            // failure; the context is simply left unvalidated.
            string id;
            string secret;

            bool credentialsPresent = context.TryGetBasicCredentials(out id, out secret)
                || context.TryGetFormCredentials(out id, out secret);
            if (!credentialsPresent)
            {
                return;
            }

            IClientService clientService = context.OwinContext.GetAutofacLifetimeScope().Resolve<IClientService>();
            bool accepted = await clientService.IsValidClientAsync(id, secret);
            if (accepted)
            {
                context.Validated();
            }
        }
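        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Validates the context when _clientRepository holds an entry whose ClientId and
            // ClientSecret both equal the presented values; otherwise the context is left
            // unvalidated with no error set. Declared non-async: the original was async with
            // no await (CS1998).
            // NOTE(review): if Read() is a queryable, the equality is evaluated by the provider
            // and its collation decides case sensitivity — confirm it is a strict comparison.
            // If ClientSecret is stored in plaintext, that is also worth revisiting.
            string clientId;
            string clientSecret;

            if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
            {
                context.TryGetFormCredentials(out clientId, out clientSecret);
            }

            var client = _clientRepository.Read().FirstOrDefault(e => e.ClientId == clientId && e.ClientSecret == clientSecret);

            if (client != null)
            {
                context.Validated();
            }

            return Task.FromResult<object>(null);
        }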
        private Task OnValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // this method is called for "/token"
            // Any request carrying client credentials (Basic header or form body) is validated.
            // NOTE(review): the "check clientId and clientSecret here" step is still a stub.
            string id;
            string secret;

            bool credentialsPresent = context.TryGetBasicCredentials(out id, out secret)
                || context.TryGetFormCredentials(out id, out secret);

            if (credentialsPresent)
            {
                context.Validated();
            }

            return Task.CompletedTask;
        }
        /// <summary>
        /// Validates the client information against the single dictionary entry with Code
        /// "client": its Value must equal the presented id and its Value1 the presented secret.
        /// </summary>
        public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            string id;
            string secret;

            if (!context.TryGetBasicCredentials(out id, out secret))
            {
                context.TryGetFormCredentials(out id, out secret);
            }

            var expected = await new DictManager().GetFirstOrDefault(o => o.Code == "client");

            // NOTE(review): `==` on strings is ordinal but not constant-time, and a null
            // Value1 would compare equal to an omitted client_secret — confirm the entry always
            // carries a secret.
            bool valid = expected != null && id == expected.Value && secret == expected.Value1;
            if (valid)
            {
                context.Validated();
                return;
            }

            context.SetError("invalid_client", "client or clientSecret is not valid");
        }
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Requires a client id (Basic header or form body) but does not verify the secret:
            // with an id present the context is validated, without one it gets invalid_clientId.
            // The credential values themselves are discarded.
            string ignoredId;
            string ignoredSecret;
            bool fromHeader = context.TryGetBasicCredentials(out ignoredId, out ignoredSecret);
            if (!fromHeader)
            {
                context.TryGetFormCredentials(out ignoredId, out ignoredSecret);
            }

            if (context.ClientId != null)
            {
                context.Validated();
            }
            else
            {
                context.SetError("invalid_clientId", "ClientId should be sent.");
            }

            return Task.FromResult<object>(null);
        }
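        /// <summary>
        /// Validates the client. For the client_credentials grant the form-body id/secret pair
        /// is checked through <c>GetUser</c>; every other grant type is validated without a
        /// client check.
        /// </summary>
        /// <param name="context">The OWIN client-authentication context.</param>
        /// <returns>A completed task; the outcome is recorded on <paramref name="context"/>.</returns>
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Declared non-async: the original was async with no await (CS1998).
            string clientId     = "";
            string clientSecret = "";

            if (context.Parameters["grant_type"] == "client_credentials")
            {
                // NOTE(review): the TryGetFormCredentials result is ignored; when the form has no
                // client_id, GetUser receives whatever the out parameters were set to —
                // presumably null — TODO confirm GetUser rejects that.
                context.TryGetFormCredentials(out clientId, out clientSecret);
                if (!GetUser(clientId, clientSecret))
                {
                    context.SetError("invalid_client", "client is not valid");
                    return Task.FromResult<object>(null);
                }
            }

            // For grants other than client_credentials, clientId is still "" at this point.
            context.OwinContext.Set("as:client_id", clientId);
            context.Validated(clientId);
            return Task.FromResult<object>(null);
        }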
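        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Requires a client id (Basic header first, then form body) and validates any request
            // that has one. The unused symmetricKeyAsBase64 local from the original is removed.
            // NOTE(review): the secret is never compared, so this identifies rather than
            // authenticates the client.
            string clientId;
            string clientSecret;

            if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
            {
                context.TryGetFormCredentials(out clientId, out clientSecret);
            }

            if (context.ClientId == null)
            {
                context.SetError("invalid_clientId", "client_Id não pode ser nulo");
                return Task.FromResult<object>(null);
            }

            context.Validated();
            return Task.FromResult<object>(null);
        }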
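        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Requires a client id, looks the application up through AuthRepository, and
            // validates it when it exists and is active; allowed origin and refresh-token
            // lifetime are stored in the OWIN environment. NOTE(review): the secret is never
            // compared, so a registered client_id alone passes this step.
            if (!context.TryGetBasicCredentials(out _, out _))
            {
                context.TryGetFormCredentials(out _, out _);
            }

            // Resource owner password credentials does not provide a client ID.
            if (context.ClientId == null)
            {
                // The original called context.Validated() immediately before SetError; SetError
                // marks the context as errored (rejected), so that Validated() call was dead and
                // is removed. To allow anonymous clients instead, validate here and drop SetError.
                context.SetError("invalid_clientId", "ClientId should be sent.");
                return Task.FromResult<object>(null);
            }

            Application application;
            using (var repo = new AuthRepository())
            {
                application = repo.FindAplicacion(context.ClientId);
            }

            if (application == null)
            {
                context.SetError("invalid_clientId", $"Application '{context.ClientId}' is not registered in the system.");
                return Task.FromResult<object>(null);
            }

            if (!application.Active)
            {
                context.SetError("inactive_clientId", $"Application '{application.Name}' is inactive in the system.");
                return Task.FromResult<object>(null);
            }

            context.OwinContext.Set<string>("as:clientAllowedOrigin", application.AllowedOrigin);
            context.OwinContext.Set<string>("as:clientRefreshTokenLifeTime", application.RefreshTokenLifeTime.ToString());

            context.Validated();
            return Task.FromResult<object>(null);
        }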
        public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Runs the base implementation, then requires a client id, resolves the AuthClient by
            // Name through _authClientRepository and validates it when it exists and is active.
            // Allowed origin and refresh-token lifetime are stored in the OWIN environment.
            // NOTE(review): the secret is read but never compared.
            await base.ValidateClientAuthentication(context);

            // Resource owner password credentials does not provide a client ID.
            string presentedId;
            string presentedSecret;
            bool fromHeader = context.TryGetBasicCredentials(out presentedId, out presentedSecret);
            if (!fromHeader)
            {
                context.TryGetFormCredentials(out presentedId, out presentedSecret);
            }

            if (context.ClientId == null)
            {
                // To allow anonymous clients, validate here instead of setting the error.
                context.SetError("invalid_clientId", "ClientId should be sent.");
                return;
            }

            AuthClient registered = await _authClientRepository.Get(t => t.Name == context.ClientId).FirstOrDefaultAsync();

            if (registered == null)
            {
                context.SetError("invalid_clientId", $"Client '{context.ClientId}' is not registered in the system.");
                return;
            }

            if (!registered.Active)
            {
                context.SetError("invalid_clientId", "Client is inactive.");
                return;
            }

            context.OwinContext.Set("as:clientAllowedOrigin", registered.AllowedOrigin);
            context.OwinContext.Set("as:clientRefreshTokenLifeTime", registered.RefreshTokenLifeTime);
            context.Validated();
        }
        public static Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Dispatches on grant_type: refresh_token is always accepted; ssoLogin / password are
            // accepted when the matching IocManager-registered service accepts the user
            // credentials in the request; client_credentials when IClientAuthorization accepts
            // the presented id/secret. Anything else leaves the context unvalidated.
            // NOTE(review): for refresh_token, ssoLogin and password the client itself is never
            // authenticated — only the resource owner is (or nothing at all).
            string id;
            string secret;

            bool credentialsPresent = context.TryGetBasicCredentials(out id, out secret)
                || context.TryGetFormCredentials(out id, out secret);
            if (!credentialsPresent)
            {
                return Task.FromResult(0);
            }

            bool accepted = false;
            var grantType = context.Parameters.Get("grant_type");
            if (!grantType.IsNullOrEmpty())
            {
                // switch on string is an ordinal comparison, like the original's Equals calls.
                switch (grantType)
                {
                    case "refresh_token":
                        accepted = true;
                        break;
                    case "ssoLogin":
                        accepted = IocManager.Instance.IsRegistered<ISSOAuthorization>()
                            && IocManager.Instance.Resolve<ISSOAuthorization>().CheckTicket(context.Parameters.Get("token"), context.Parameters.Get("username"));
                        break;
                    case "password":
                        accepted = IocManager.Instance.IsRegistered<IPasswordAuthorization>()
                            && IocManager.Instance.Resolve<IPasswordAuthorization>().CheckAuthentication(context.Parameters.Get("username"), context.Parameters.Get("password"));
                        break;
                    case "client_credentials":
                        accepted = IocManager.Instance.IsRegistered<IClientAuthorization>()
                            && IocManager.Instance.Resolve<IClientAuthorization>().CheckAuthentication(id, secret);
                        break;
                }
            }

            if (accepted)
            {
                context.Validated();
            }

            return Task.FromResult(0);
        }
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Validates requests that carry no client id and, for requests that do, only checks
            // that AuthRepository knows the id. NOTE(review): a known client is NOT validated —
            // the Validated() call, the Active check and the OWIN-environment values are all
            // commented out in the original — so every request carrying a client_id is left
            // unvalidated here.
            string presentedId;
            string presentedSecret;

            bool fromHeader = context.TryGetBasicCredentials(out presentedId, out presentedSecret);
            if (!fromHeader)
            {
                context.TryGetFormCredentials(out presentedId, out presentedSecret);
            }

            Task done = Task.FromResult<object>(null);

            if (context.ClientId == null)
            {
                // To force clients to send their id, set
                // context.SetError("invalid_clientId", "ClientId should be sent.") here instead of validating.
                context.Validated();
                return done;
            }

            User_TuTU registered;
            using (var repository = new AuthRepository())
            {
                registered = repository.FindClient(context.ClientId);
            }

            if (registered == null)
            {
                context.SetError("invalid_clientId", $"Client '{context.ClientId}' is not registered in the system.");
            }

            // Active check, OWIN-environment values and Validated() remain disabled, as in the original.
            return done;
        }
        /// <summary>
        /// Validates the client information. If this method performed no client check and only
        /// the later checks ran, the flow would be a plain password grant (original note, translated).
        /// </summary>
        public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // Take clientId / clientSecret from the request: Basic header first, then form body.
            string id;
            string secret;
            if (!context.TryGetBasicCredentials(out id, out secret))
            {
                context.TryGetFormCredentials(out id, out secret);
            }

            // The client exists when an id was presented and its stored secret (from
            // clientServce) equals the presented one. NOTE(review): `==` is ordinal but not
            // constant-time, and a null stored secret would equal an omitted client_secret.
            bool exists = !string.IsNullOrEmpty(id);
            if (exists)
            {
                string storedSecret = await clientServce.FindClientSecretAsync(id);
                exists = secret == storedSecret;
            }

            if (!exists)
            {
                context.SetError("invalid_client", "client is not valid");
                return;
            }

            // A known client passes validation.
            context.Validated();
        }