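        /// <summary>
        /// OWIN refresh-token receive hook. Parses the presented refresh token (a GUID string),
        /// looks up the matching <c>OAuthSession</c>, checks that the session belongs to the client
        /// authenticated on this request, that the token is still valid, and that the session's user
        /// still exists; only then is an access-token ticket set on the context. If any check fails
        /// the method returns without setting a ticket, which the OWIN OAuth middleware reports to the
        /// caller as an invalid grant.
        /// </summary>
        /// <param name="context">Receive context carrying the raw token and the OWIN environment.</param>
        /// <remarks>
        /// The token is attacker-controlled input. It is parsed with <c>Guid.TryParse</c> so that a
        /// malformed value is rejected instead of surfacing as an unhandled <c>FormatException</c>
        /// (the previous version used <c>Guid.Parse</c>). The session is also looked up by raw token
        /// equality, which suggests the refresh token is stored in clear in the database; if so,
        /// storing a hash of it would limit the damage from a database leak (NOTE(review): confirm
        /// against the OAuthSession model). Whether a redeemed token is revoked or rotated depends on
        /// <c>IsRefreshTokenValid</c>, which is not visible here.
        ///
        /// PIN lockout is not implemented yet; it might integrate with account lockout or be its own
        /// thing. To require a PIN alongside the refresh token, read the "pin" form field
        /// (<c>await context.Request.ReadFormAsync()</c>) and verify it against <c>user.PINHash</c>
        /// with <c>userManager.PasswordHasher.VerifyHashedPassword</c> before the ticket is set.
        /// </remarks>
        public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
        {
            // Reject empty or malformed tokens up front. Guid is a struct, so the old
            // "refreshToken != null" check after parsing was always true and caught nothing.
            Guid refreshToken;
            if (String.IsNullOrEmpty(context.Token) || !Guid.TryParse(context.Token, out refreshToken))
            {
                return;
            }

            ApplicationDbContext dbContext = context.OwinContext.Get<ApplicationDbContext>();
            OAuthSession oauthSession = dbContext.OAuthSessions.SingleOrDefault(oas => oas.RefreshToken == refreshToken);
            OAuthClient oauthClient = context.OwinContext.Get<OAuthClient>(NicksApplicationOAuthProvider.OwinClientKey);

            // No session for this token, or no client authenticated on this request: nothing to issue.
            if (oauthSession == null || oauthClient == null)
            {
                return;
            }

            // The token must be redeemed by the same client (and organization) it was issued to, so a
            // refresh token leaked from one client cannot be redeemed through another.
            if (oauthSession.ClientId != oauthClient.Id || oauthClient.OrganizationId != oauthSession.OrganizationId)
            {
                return;
            }

            // Expiry / revocation is decided by the session using the configured refresh-token lifetime.
            if (!oauthSession.IsRefreshTokenValid(refreshToken, Startup.RefreshTokenTimeSpan))
            {
                return;
            }

            ApplicationUserManager userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();
            ApplicationUser user = await userManager.FindByIdAsync(oauthSession.UserId);
            if (user == null)
            {
                // The session outlived its user (e.g. deleted account): refuse instead of dereferencing null.
                return;
            }

            context.OwinContext.Set<ApplicationUser>(NicksApplicationOAuthProvider.OwinUserKey, user);
            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager, OAuthDefaults.AuthenticationType);

            IDictionary<string, string> properties = new Dictionary<string, string>
            {
                { "userName", user.UserName }
            };
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, new AuthenticationProperties(properties));
            ticket.Properties.IssuedUtc = DateTimeOffset.UtcNow;
            ticket.Properties.ExpiresUtc = DateTimeOffset.UtcNow.Add(Startup.OAuthOptions.AccessTokenExpireTimeSpan);
            context.SetTicket(ticket);
        }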