/// <summary>
/// Called for each request to the Token endpoint to determine if the request is valid and should continue.
/// The default behavior when using the OAuthAuthorizationServerProvider is to assume well-formed requests, with
/// validated client credentials, should continue processing. An application may add any additional constraints.
/// </summary>
/// <param name="context">The context of the event carries information in and results out.</param>
/// <returns>Task to enable asynchronous execution</returns>
public override async Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
this.options.Logger.Debug("Token request is valid");
// Store grant type in context
context.OwinContext.GetOAuthContext().GrantType = context.TokenRequest.GrantType;
context.Validated();
}
/// <summary>
/// 验证 access_token 的请求
/// </summary>
public override async Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
if (context.TokenRequest.IsAuthorizationCodeGrantType || context.TokenRequest.IsRefreshTokenGrantType)
{
context.Validated();
}
else
{
context.Rejected();
}
}
public override async Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
// valide la requète de token
// dans note cas on accepte les requètes de type "authorize code" et "refresh_token"
if (context.TokenRequest.IsAuthorizationCodeGrantType || context.TokenRequest.IsRefreshTokenGrantType)
{
context.Validated();
}
else
{
context.Rejected();
}
}
/// <summary>
/// 验证 access_token 的请求
/// </summary>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
if (context.TokenRequest.IsAuthorizationCodeGrantType || context.TokenRequest.IsClientCredentialsGrantType || context.TokenRequest.IsRefreshTokenGrantType || context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType)
{
context.Validated();
}
else
{
context.Rejected();
}
return(Task.FromResult <object>(null));
}
/// <summary>
/// 验证 access_token 的请求
/// </summary>
public override async Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
if (context.TokenRequest.IsAuthorizationCodeGrantType ||
context.TokenRequest.IsRefreshTokenGrantType ||
context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType ||
context.TokenRequest.IsClientCredentialsGrantType)
{
context.Validated();
}
else
{
context.Rejected();
}
}
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
if (context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType)
{
var svc = context.OwinContext.Environment.GetUserAccountService <UserAccount>();
var client = svc.GetByUsername("clients", context.ClientContext.ClientId);
var scopes = context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.Scope;
if (scopes.All(scope => client.HasClaim("scope", scope)))
{
context.Validated();
}
}
return(Task.FromResult <object>(null));
}
/// <summary>
/// 验证Token请求,限制授权模式
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
//设置暂时只支持密码模式
if (context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType)
{
context.Validated();
}
else
{
context.Rejected();
return(Task.FromResult <object>(null));
}
return(base.ValidateTokenRequest(context));
}
public override async Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
if (!ObjectId.TryParse(context.ClientContext.ClientId, out var mongoObjectId))
{
context.SetError("invalid_request");
return;
}
var client = await _clientManager.FindClientByIdAsync(context.ClientContext.ClientId);
if (client == null)
{
context.SetError("invalid_client");
}
else
{
context.Validated();
}
}
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
if (context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType)
{
var svc = context.OwinContext.Environment.GetUserAccountService <UserAccount>();
//var client = svc.GetByUsername("users", context.Request.ReadFormAsync().Result["username"]);
//var scopes = context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.Scope;
//if (scopes.All(scope=>client.HasClaim("role", "people")))
//{
// context.Validated();
//}
/* Custom validation for authenticated client to request access token */
var client = svc.GetByUsername(context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.UserName);
if (svc.Authenticate("users", context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.UserName, context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.Password))
{
context.Validated();
}
}
return(Task.FromResult <object>(null));
}
/// <summary>
/// 验证 access_token 的请求
/// </summary>
public override async Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
logger.Debug("ValidateTokenRequest");
if (
context.TokenRequest.IsAuthorizationCodeGrantType ||
context.TokenRequest.IsClientCredentialsGrantType ||
context.TokenRequest.IsRefreshTokenGrantType ||
context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType
)
{
/*
* Marks this context as validated by the application. IsValidated becomes true
* and HasError becomes false as a result of calling.
*/
var validateResult = await Task.FromResult(context.Validated());
}
else
{
context.Rejected();
}
}
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
context.Validated();
return(base.ValidateTokenRequest(context));
}
/// <summary>
/// 验证令牌
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
context.Validated();
return(Task.FromResult <object>(context));
}
public override async Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
// valide la requète de token
// dans note cas on accepte les requètes de type "authorize code" et "refresh_token"
if (context.TokenRequest.IsAuthorizationCodeGrantType || context.TokenRequest.IsRefreshTokenGrantType)
{
context.Validated();
}
else
{
context.Rejected();
}
}
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
if (context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType)
{
var svc = context.OwinContext.Environment.GetUserAccountService<UserAccount>();
var client = svc.GetByUsername("clients", context.ClientContext.ClientId);
var scopes = context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.Scope;
if (scopes.All(scope=>client.HasClaim("scope", scope)))
{
context.Validated();
}
}
return Task.FromResult<object>(null);
}
public override async Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
await Task.FromResult(context.Validated());
}
public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
{
if (context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType)
{
var svc = context.OwinContext.Environment.GetUserAccountService<UserAccount>();
//var client = svc.GetByUsername("users", context.Request.ReadFormAsync().Result["username"]);
//var scopes = context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.Scope;
//if (scopes.All(scope=>client.HasClaim("role", "people")))
//{
// context.Validated();
//}
/* Custom validation for authenticated client to request access token */
var client = svc.GetByUsername(context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.UserName);
if (svc.Authenticate("users", context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.UserName, context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.Password))
{
context.Validated();
}
}
return Task.FromResult<object>(null);
}