public async Task <IActionResult> Token([FromBody] ResourceOwnerPasswordCredentialsGrantRequestModel model)
{
if ("password".Equals(model.GrantType, StringComparison.OrdinalIgnoreCase))
{
var signinCommand = new PasswordAuthenticateCommand
{
UserName = model.UserName,
Password = model.Password
};
var authResult = await _sagaBus.InvokeAsync <PasswordAuthenticateCommand, AuthenticationResult>(signinCommand);
if (!authResult.IsCredentialVaild)
{
return(Unauthorized());
}
var authorizeCommand = new ResourceOwnerPasswordCredentialsGrantCommand
{
ClientId = model.ClientId,
UserName = authResult.User.UserName,
ClientSecret = model.ClientSecret,
ScopeNames = model.Scope.Split(' ')
};
var oauthResult = await _sagaBus.InvokeAsync <ResourceOwnerPasswordCredentialsGrantCommand, OAuth20Result>(authorizeCommand);
switch (oauthResult.State)
{
case OAuth20State.Finished:
return(Ok(TokenResponseModel.FromOAuth20Result(oauthResult)));
default:
return(BadRequest());
}
}
return(BadRequest());
}
public async Task <IActionResult> SignIn([FromForm] OAuthSignInModel model)
{
Guid sagaId;
var context = _dataProtector.Unprotect(model.ProtectedOAuthContext);
if (!Guid.TryParse(context, out sagaId))
{
return(BadRequest());
}
var command = new PasswordAuthenticateCommand
{
UserName = model.UserName,
Password = model.Password
};
var authResult = await _sagaBus.InvokeAsync <PasswordAuthenticateCommand, AuthenticationResult>(command);
if (!authResult.IsCredentialVaild)
{
ModelState.AddModelError(nameof(OAuthSignInModel.UserName), "Invaild user name");
ModelState.AddModelError(nameof(OAuthSignInModel.Password), "Or invaild password");
return(View("SignIn"));
}
await _signinService.CookieSignInAsync(AuthenticationSchemes.OAuth20Cookie, authResult.User, model.RememberMe);
var message = new OAuth20SignInMessage(sagaId)
{
UserName = model.UserName,
};
var oauth20Result = await _sagaBus.SendAsync <OAuth20SignInMessage, OAuth20Result>(message);
switch (oauth20Result.State)
{
case OAuth20State.RequirePermissionGrant:
return(PermissionGrantView(oauth20Result));
case OAuth20State.AuthorizationCodeGenerated:
return(AuthorizationCodeRedirect(oauth20Result));
case OAuth20State.Finished:
return(ImplictRedirect(oauth20Result));
default:
return(BadRequest());
}
}
public async Task <IActionResult> SignIn([FromForm] SignInViewModel model)
{
var command = new PasswordAuthenticateCommand
{
UserName = model.UserName,
Password = model.Password
};
var authResult = await _sagaBus.InvokeAsync <PasswordAuthenticateCommand, AuthenticationResult>(command);
if (!authResult.IsCredentialVaild)
{
ModelState.AddModelError(nameof(SignInViewModel.UserName), "Invaild user name");
ModelState.AddModelError(nameof(SignInViewModel.Password), "Or invaild password");
return(View("SignIn"));
}
await _signinService.CookieSignInAsync(AuthenticationSchemes.PortalCookie, authResult.User, model.RememberMe);
return(Redirect(model.ReturnUrl));
}
