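/// <summary>
/// Authenticates the calling OAuth client from the HTTP Basic credentials in the
/// Authorization header. The context is marked as validated only when
/// <c>ClientMasterRepository.ValidateClient</c> returns a record for those credentials;
/// every other path rejects the request and returns.
/// </summary>
/// <param name="context">Client-authentication context supplied by the OAuth middleware.</param>
/// <returns>A task that completes once the context has been validated or rejected.</returns>
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
    string clientId;
    string clientSecret;

    // TryGetBasicCredentials reads the Authorization header and hands back the
    // client id and client secret it carries.
    if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
    {
        context.SetError("invalid_client", "Client credentials could not be retrieved through the Authorization header.");
        // NOTE(review): confirm that an explicit Rejected() after SetError() does not
        // clear the error state in the Katana version in use.
        context.Rejected();
        return;
    }

    // Look the client up with the presented credentials; the result type comes from
    // the sp_Validate_Client stored procedure.
    // NOTE(review): how the secret is stored and compared is not visible here -
    // confirm it is checked against a salted hash rather than plaintext.
    sp_Validate_Client_Result client = new ClientMasterRepository().ValidateClient(clientId, clientSecret);

    if (client == null)
    {
        // Client could not be validated. Fail closed: return immediately so that no
        // later statement can call Validated() and re-approve a rejected request.
        context.SetError("invalid_client", "Client credentials are invalid.");
        context.Rejected();
        return;
    }

    // Client has been verified: expose the record to later pipeline stages and
    // validate the context for this client id. This is the only success path.
    context.OwinContext.Set("oauth:client", client);
    context.Validated(clientId);
}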
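/// <summary>
/// Authenticates the calling OAuth client from the HTTP Basic credentials in the
/// Authorization header, requires the matching <c>ClientMaster</c> record to be active,
/// and publishes the client's settings to the OWIN context before validating.
/// </summary>
/// <param name="context">Client-authentication context supplied by the OAuth middleware.</param>
/// <returns>A task that completes once the context has been validated or an error has been set.</returns>
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
    string clientId;
    string clientSecret;

    // TryGetBasicCredentials reads the Authorization header and hands back the
    // client id and client secret it carries.
    if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
    {
        context.SetError("invalid_client", "Client credentials could not be retrieved through the Authorization header.");
        return;
    }

    // Look the client up with the presented credentials.
    // NOTE(review): how the secret is stored and compared is not visible here -
    // confirm it is checked against a salted hash rather than plaintext.
    ClientMaster client = new ClientMasterRepository().ValidateClient(clientId, clientSecret);

    if (client == null)
    {
        // Client could not be validated.
        context.SetError("invalid_client", "Client credentials are invalid.");
        return;
    }

    // A missing (null) Active flag is treated the same as an explicit false.
    if (client.Active != true)
    {
        context.SetError("invalid_client", "Client is Inactive.");
        return;
    }

    // Client has been verified: make its record, allowed origin and refresh-token
    // lifetime available to later pipeline stages.
    context.OwinContext.Set<ClientMaster>("ta:client", client);
    context.OwinContext.Set<string>("ta:clientAllowedOrigin", client.AllowedOrigin);
    context.OwinContext.Set<string>("ta:clientRefreshTokenLifeTime", client.RefreshTokenLifeTime.ToString());

    // Single success exit. Every failure path above returns first, so no unconditional
    // Validated() at the end of the method can approve a request that was refused.
    context.Validated();
}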