Esempio n. 1
0
        public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context)
        {
            var _userAccountService = UserAccountServiceFactory.Create();

            if (context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType)
            {
                if (_userAccountService.Authenticate(context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.Scope[0],
                                                     context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.UserName,
                                                     context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.Password))
                {
                    context.Validated();
                }
            }

            if (context.TokenRequest.IsRefreshTokenGrantType)
            {
                var token = context.TokenRequest.Parameters.Get("refresh_token");
                if (!string.IsNullOrEmpty(token))
                {
                    context.Validated();
                }
            }

            return(Task.FromResult <object>(null));
        }
Esempio n. 2
0
        public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var _userAccountService = UserAccountServiceFactory.Create();
            var allowedOrigin       = context.OwinContext.Get <string>("as:clientAllowedOrigin");

            if (allowedOrigin == null)
            {
                allowedOrigin = "*";
            }

            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

            UserAccount user;

            if (_userAccountService.Authenticate(context.Scope.FirstOrDefault(), context.UserName, context.Password, out user))
            {
                var claims = user.GetAllClaims();
                var id     = new ClaimsIdentity(claims, "MembershipReboot");

                // create metadata to pass on to refresh token provider
                var props = new AuthenticationProperties(new Dictionary <string, string>
                {
                    { "as:client_id", context.ClientId }
                });

                var ticket = new AuthenticationTicket(id, props);
                context.Validated(ticket);
            }

            return(base.GrantResourceOwnerCredentials(context));
        }
Esempio n. 3
0
        //private readonly UserAccountService _userAccountService;

        //public MembershipRebootOAuthAuthorizationServerProvider(UserAccountService userAccountService)
        //{
        //    _userAccountService = userAccountService;
        //}

        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            var    _userAccountService = UserAccountServiceFactory.Create();
            string cid, csecret;

            if (context.TryGetBasicCredentials(out cid, out csecret))
            {
                if (_userAccountService.Authenticate("clients", cid, csecret))
                {
                    context.OwinContext.Set <string>("as:client_id", cid);
                    context.Validated();
                }
            }

            context.OwinContext.Set <string>("as:clientAllowedOrigin", "*");

            return(Task.FromResult <object>(null));
        }
Esempio n. 4
0
        // For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
        public void ConfigureAuth(IAppBuilder app)
        {
            // Configure the db context and user manager to use a single instance per request
            //app.CreatePerOwinContext(ApplicationDbContext.Create);
            //app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);

            //// Enable the application to use a cookie to store information for the signed in user
            //// and to use a cookie to temporarily store information about a user logging in with a third party login provider
            //app.UseCookieAuthentication(new CookieAuthenticationOptions());
            //app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            //// Configure the application for OAuth based flow
            //PublicClientId = "self";
            //OAuthOptions = new OAuthAuthorizationServerOptions
            //{
            //    TokenEndpointPath = new PathString("/Token"),
            //    Provider = new ApplicationOAuthProvider(PublicClientId),
            //    AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
            //    AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
            //    AllowInsecureHttp = true
            //};

            //// Enable the application to use bearer tokens to authenticate users
            //app.UseOAuthBearerTokens(OAuthOptions);

            // Uncomment the following lines to enable logging in with third party login providers
            //app.UseMicrosoftAccountAuthentication(
            //    clientId: "",
            //    clientSecret: "");

            //app.UseTwitterAuthentication(
            //    consumerKey: "",
            //    consumerSecret: "");

            //app.UseFacebookAuthentication(
            //    appId: "",
            //    appSecret: "");

            //app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
            //{
            //    ClientId = "",
            //    ClientSecret = ""
            //});

            // This must come first to intercept the /Token requests
            app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);

            var oauthServerConfig = new OAuthAuthorizationServerOptions
            {
                AllowInsecureHttp         = AuthenticationConstants.AllowInsecureHttp,
                TokenEndpointPath         = new PathString("/token"),
                AccessTokenExpireTimeSpan = SecurityTokenConstants.TokenLifeTime,
                Provider             = new MembershipRebootOAuthAuthorizationServerProvider(),
                RefreshTokenProvider = new MembershipRebootOAuthAuthorizationServerRefreshTokenProvider()
            };

            app.UseOAuthAuthorizationServer(oauthServerConfig);

            var oauthConfig = new OAuthBearerAuthenticationOptions
            {
                AuthenticationMode = AuthenticationMode.Active,
                AuthenticationType = AuthenticationConstants.BearerAuthType
            };

            app.UseOAuthBearerAuthentication(oauthConfig);

            app.UseBasicAuthentication(new BasicAuthenticationOptions("qssolutions.net", UserAccountServiceFactory.Create())
            {
                AuthenticationType = AuthenticationConstants.BasicAuthType,
                AuthenticationMode = AuthenticationMode.Active
            });
        }