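/// <summary>
/// Checks the request's <c>Authorization</c> header against the configured OAuth client credentials.
/// </summary>
/// <remarks>
/// The header value is compared as literal text of the form <c>Basic {client}:{secret}</c>;
/// no Base64 decoding is performed here.
/// NOTE(review): RFC 7617 Basic credentials are Base64-encoded, so standard HTTP clients will not
/// produce this format. Confirm that callers really send the pair in clear text, and that the
/// endpoint is only reachable over TLS.
/// </remarks>
/// <param name="request">The incoming request whose <c>Authorization</c> header is inspected.</param>
/// <returns>
/// <c>true</c> when both the client identifier and the client secret match the values exposed by
/// <c>OauthUserModel</c>; <c>false</c> when the header is missing, has no ':' separator, or does not match.
/// </returns>
public static bool IsValidClient(this HttpRequestMessage request)
{
    var headerValue = request.GetHeader("Authorization");
    if (headerValue == null)
    {
        return false;
    }

    // Split on the FIRST ':' only. Splitting on every ':' and reading element [1] silently discarded
    // anything after a second colon, so "Basic id:secret:anything" was accepted as if it were
    // "Basic id:secret", and a configured secret that itself contains ':' could never match.
    var separatorIndex = headerValue.IndexOf(':');
    if (separatorIndex < 0)
    {
        return false;
    }

    var clientId = headerValue.Substring(0, separatorIndex);
    var clientSecret = headerValue.Substring(separatorIndex + 1);

    var objModel = new OauthUserModel();

    // Evaluate both comparisons unconditionally (non-short-circuit '&') so the response time does not
    // reveal whether the identifier or the secret was the part that failed.
    var idMatches = ClientCredentialEquals(clientId, $"Basic {objModel.OauthClient}");
    var secretMatches = ClientCredentialEquals(clientSecret, objModel.OauthClientSecret);
    return idMatches & secretMatches;
}

/// <summary>
/// Ordinal string equality that inspects every character of <paramref name="candidate"/> instead of
/// returning at the first mismatch, to reduce the timing signal a caller can observe while guessing a secret.
/// </summary>
/// <param name="candidate">Value supplied by the caller.</param>
/// <param name="expected">Configured value to compare against.</param>
/// <returns><c>true</c> only when both strings are non-null and identical.</returns>
private static bool ClientCredentialEquals(string candidate, string expected)
{
    if (candidate == null || expected == null)
    {
        return false;
    }

    if (expected.Length == 0)
    {
        return candidate.Length == 0;
    }

    // A length mismatch is folded into the accumulator rather than returned early.
    var difference = candidate.Length ^ expected.Length;
    for (var i = 0; i < candidate.Length; i++)
    {
        difference |= candidate[i] ^ expected[i % expected.Length];
    }

    return difference == 0;
}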
//public static OAuthAuthorizationServerOptions OAuthOptions { get; private set; }

//public static string PublicClientId { get; private set; }

/// <summary>
/// Wires the authentication middleware into the OWIN pipeline: per-request identity services,
/// the external and two-factor sign-in cookies, the OAuth token endpoint, and bearer-token validation.
/// </summary>
/// <param name="app">The OWIN application builder the middleware is registered on.</param>
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
    // Register the Create factories for the database context and the user, role and sign-in managers.
    app.CreatePerOwinContext(ApplicationDbContext.Create);
    app.CreatePerOwinContext <ApplicationUserManager>(ApplicationUserManager.Create);
    app.CreatePerOwinContext <ApplicationRoleManager>(ApplicationRoleManager.Create);
    app.CreatePerOwinContext <ApplicationSignInManager>(ApplicationSignInManager.Create);

    app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

    // Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
    app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));

    // Enables the application to remember the second login verification factor such as phone or email.
    // Once you check this option, your second step of verification during the login process will be remembered on the device where you logged in from.
    // This is similar to the RememberMe option when you log in.
    app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);

    var objModel = new OauthUserModel();

    // token generation
    app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions
    {
        // for demo purposes true
        // NOTE(review): with AllowInsecureHttp enabled the token endpoint accepts plain-HTTP requests,
        // so client secrets, user credentials and issued bearer tokens can cross the network unencrypted.
        // Outside a local demo this should be false, with the endpoint served over TLS only.
        AllowInsecureHttp = true,
        TokenEndpointPath = new PathString("/token"),
        // Token lifetime comes from the model and is interpreted as a number of seconds.
        AccessTokenExpireTimeSpan = TimeSpan.FromSeconds(objModel.OauthAccessTokenExpireSeconds),
        Provider = new SimpleAuthorizationServerProvider()
    });

    // token consumption
    // Bearer validation runs with default options.
    app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
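/// <summary>
/// Validates the OAuth client that is calling the token endpoint by comparing the form-posted
/// client credentials with the values exposed by <c>OauthUserModel</c>.
/// </summary>
/// <remarks>
/// The context starts out neither validated nor rejected and is only marked validated after a
/// successful comparison. The previous version called <c>context.Validated()</c> up front and ignored
/// the result of <c>TryGetFormCredentials</c>. A request carrying no client credentials was then
/// compared as null-against-configuration, and would be accepted if the configured values were unset.
/// Only form credentials are read; an <c>Authorization</c> header is not consulted by this method.
/// </remarks>
/// <param name="context">The client-authentication context supplied by the OAuth authorization server middleware.</param>
/// <returns>The task returned by the base implementation, invoked after the context has been validated or rejected.</returns>
public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
    var objModel = new OauthUserModel();

    string clientId;
    string clientSecret;

    // Fail closed: no credentials in the form body means the client is rejected outright.
    if (!context.TryGetFormCredentials(out clientId, out clientSecret))
    {
        context.Rejected();
        return base.ValidateClientAuthentication(context);
    }

    // Evaluate both comparisons unconditionally (non-short-circuit '&') so timing does not reveal
    // which of the two values was wrong.
    var idMatches = ClientCredentialEquals(clientId, objModel.OauthClient);
    var secretMatches = ClientCredentialEquals(clientSecret, objModel.OauthClientSecret);

    if (idMatches & secretMatches)
    {
        context.Validated(clientId);
    }
    else
    {
        context.Rejected();
    }

    return base.ValidateClientAuthentication(context);
}

/// <summary>
/// Ordinal string equality that inspects every character of <paramref name="candidate"/> instead of
/// returning at the first mismatch, to reduce the timing signal a caller can observe while guessing a secret.
/// </summary>
/// <param name="candidate">Value supplied by the caller.</param>
/// <param name="expected">Configured value to compare against.</param>
/// <returns><c>true</c> only when both strings are non-null and identical; a null on either side never matches.</returns>
private static bool ClientCredentialEquals(string candidate, string expected)
{
    if (candidate == null || expected == null)
    {
        return false;
    }

    if (expected.Length == 0)
    {
        return candidate.Length == 0;
    }

    // A length mismatch is folded into the accumulator rather than returned early.
    var difference = candidate.Length ^ expected.Length;
    for (var i = 0; i < candidate.Length; i++)
    {
        difference |= candidate[i] ^ expected[i % expected.Length];
    }

    return difference == 0;
}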