public override async Task GrantResourceOwnerCredentials(
OAuthGrantResourceOwnerCredentialsContext context)
{
// Retrieve user from database:
var store = new MyUserStore(new ApplicationDbContext());
var user = await store.FindByEmailAsync(context.UserName);
// Validate user/password:
if(user == null || !store.PasswordIsValid(user, context.Password))
{
context.SetError(
"invalid_grant", "The user name or password is incorrect.");
context.Rejected();
return;
}
// Add claims associated with this user to the ClaimsIdentity object:
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
foreach(var userClaim in user.Claims)
{
identity.AddClaim(new Claim(userClaim.ClaimType, userClaim.ClaimValue));
}
context.Validated(identity);
}
protected async override void Seed(ApplicationDbContext context)
{
context.Companies.Add(new Company {
Name = "Microsoft"
});
context.Companies.Add(new Company {
Name = "Apple"
});
context.Companies.Add(new Company {
Name = "Google"
});
context.SaveChanges();
// Set up two initial users with different role claims:
var dino = new MyUser {
Email = "*****@*****.**"
};
var dino2 = new MyUser {
Email = "*****@*****.**"
};
dino.Claims.Add(new MyUserClaim {
ClaimType = ClaimTypes.Name, UserId = dino.Id, ClaimValue = dino.Email
});
dino.Claims.Add(new MyUserClaim {
ClaimType = ClaimTypes.Role, UserId = dino.Id, ClaimValue = "Admin"
});
dino2.Claims.Add(new MyUserClaim {
ClaimType = ClaimTypes.Name, UserId = dino2.Id, ClaimValue = dino2.Email
});
dino2.Claims.Add(new MyUserClaim {
ClaimType = ClaimTypes.Role, UserId = dino2.Id, ClaimValue = "User"
});
var store = new MyUserStore(context);
await store.AddUserAsync(dino, "DinosPassword");
await store.AddUserAsync(dino2, "Dino2sPassword");
}
protected async override void Seed(ApplicationDbContext context)
{
context.Companies.Add(new Company {
Name = "Microsoft"
});
context.Companies.Add(new Company {
Name = "Apple"
});
context.Companies.Add(new Company {
Name = "Google"
});
context.SaveChanges();
// Set up two initial users with different role claims:
var john = new MyUser {
Email = "*****@*****.**"
};
var jimi = new MyUser {
Email = "*****@*****.**"
};
john.Claims.Add(new MyUserClaim {
ClaimType = ClaimTypes.Name, UserId = john.Id, ClaimValue = john.Email
});
john.Claims.Add(new MyUserClaim {
ClaimType = ClaimTypes.Role, UserId = john.Id, ClaimValue = "Admin"
});
jimi.Claims.Add(new MyUserClaim {
ClaimType = ClaimTypes.Name, UserId = jimi.Id, ClaimValue = jimi.Email
});
jimi.Claims.Add(new MyUserClaim {
ClaimType = ClaimTypes.Role, UserId = john.Id, ClaimValue = "User"
});
var store = new MyUserStore(context);
await store.AddUserAsync(john, "JohnsPassword");
await store.AddUserAsync(jimi, "JimisPassword");
}
