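/// <summary>
/// Creates a <see cref="ClientContext"/> bound to the database of the tenant
/// returned by <c>GetTenantId()</c>.
/// </summary>
/// <returns>A new <see cref="ClientContext"/> built from the tenant's connection string.</returns>
/// <exception cref="InvalidOperationException">
/// The master database has no company record for the current tenant id.
/// </exception>
public ClientContext GetDbContext()
{
    string connectionString;

    using (IMasterDbService dbService = new MasterDbService())
    {
        var company = dbService.GetCompanyDetails(GetTenantId());

        // Fail closed with an explicit error instead of a NullReferenceException when
        // the tenant is unknown; a context must never be created for an unresolved tenant.
        if (company == null)
        {
            throw new InvalidOperationException("No company record was found for the current tenant.");
        }

        // The connection string selects the tenant's database and is a secret:
        // keep it out of logs and exception messages.
        connectionString = company.DatabaseConnectionString;
    }

    // The former catch block did `throw ex;`, which only reset the stack trace.
    // Exceptions now propagate unchanged with their original trace.
    return new ClientContext(connectionString);
}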
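/// <summary>
/// Handles the OAuth resource-owner password grant for a multi-tenant deployment.
/// Reads <c>tenantId</c> from the request form, resolves the tenant's database through
/// the master database, authenticates the user against that database and, on success,
/// validates the request with a claims identity carrying the e-mail, tenant id and role.
/// </summary>
/// <param name="context">The grant context carrying the request, user name and password.</param>
/// <returns>A task that completes once the context has been validated or rejected.</returns>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    var form = await context.Request.ReadFormAsync();

    // tenantId is caller-supplied and unauthenticated here, and it decides which database
    // the credentials are checked against.
    // NOTE(review): confirm GetCompanyDetails uses a parameterized lookup; not visible here.
    var tenantId = form["tenantId"];
    if (string.IsNullOrEmpty(tenantId))
    {
        context.SetError("invalid_grant", "The tenant name is incorrect.");
        return;
    }

    // Resolve the tenant inside a using block so the master-database service is disposed
    // even when GetCompanyDetails throws (the original called Dispose() only on success).
    string tenantConnectionString = null;
    string companyId = null;
    bool tenantFound = false;
    using (IMasterDbService dbService = new MasterDbService())
    {
        var company = dbService.GetCompanyDetails(tenantId);
        if (company != null)
        {
            tenantConnectionString = company.DatabaseConnectionString;
            companyId = company.CompanyId;
            tenantFound = true;
        }
    }

    if (!tenantFound)
    {
        // NOTE(review): this description differs from the bad-credentials one below, so an
        // unauthenticated caller can tell existing tenant ids from unknown ones. Consider one
        // shared description for both failures, plus rate limiting and logging of failed grants.
        context.SetError("invalid_grant", "The tenant name is incorrect.");
        return;
    }

    using (IUserService userService = new UserService(tenantConnectionString))
    {
        // Password verification happens inside AuthernticateUser (the project's own spelling).
        // NOTE(review): confirm it compares against a salted, slow password hash; not visible here.
        var loggedInUser = userService.AuthernticateUser(context.UserName, context.Password);
        if (loggedInUser == null)
        {
            context.SetError("invalid_grant", "The user name or password is incorrect.");
            return;
        }

        var identity = new ClaimsIdentity(context.Options.AuthenticationType);
        identity.AddClaim(new Claim(ClaimTypes.Email, loggedInUser.Email));

        // The TenantId claim comes from the master-database record, not the raw form value,
        // so later requests are bound to the tenant that was actually resolved.
        identity.AddClaim(new Claim("TenantId", companyId));

        // UserLevel 5 is the only level mapped to a role (Administrator); every other
        // level receives no role claim. Add further mappings here to support more levels.
        var userRoles = new List<string>();
        if (loggedInUser.UserLevel == 5)
        {
            var adminRole = UserRole.Administrator.ToString();
            identity.AddClaim(new Claim(ClaimTypes.Role, adminRole));
            userRoles.Add(adminRole);
        }

        // NOTE(review): a principal assigned to Thread.CurrentPrincipal after an await may not
        // be visible to the caller once this method returns. Verify nothing depends on it;
        // the identity passed to Validated() is what the grant is based on.
        var principal = new GenericPrincipal(identity, userRoles.ToArray());
        Thread.CurrentPrincipal = principal;

        context.Validated(identity);
    }

    // The commented-out UserManager-based sign-in flow that followed here was dead code
    // and has been dropped; it remains available in version control history.
}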