/// <summary>
/// The GrantResourceOwnerCredentials method defines the custom validation scheme for user credentials.
/// </summary>
/// <param name="context">OAuthGrantResourceOwnerCredentials context parameter</param>
/// <returns>The Task that completes the request.</returns>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
// Get the Endpoint of the web service for user credential validation
string url = WebConfigurationManager.AppSettings[Constants.Authentication.WebServiceKey];
// Call the web service
AuthenticateUserRequestData requestData = new AuthenticateUserRequestData();
requestData.UserName = context.UserName;
requestData.ApiKey = context.Password;
requestData.AnetAccountType = 'M';
ANetApiWebService authWS = new ANetApiWebService();
authWS.Url = url;
AuthenticateUserResponseData authenticationResponse = authWS.AuthenticateUser(requestData);
if (!authenticationResponse.Successful)
{
// No user with userName/password exists.
context.SetError(Constants.Authentication.OAuthErrorType, Constants.Authentication.OAuthErrorMessage);
return;
}
// Generate the claims for the validated user
ClaimsIdentity oauthIdentity = new ClaimsIdentity(OAuthDefaults.AuthenticationType, context.UserName, "User");
ClaimsIdentity cookiesIdentity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationType, context.UserName, "User");
AuthenticationProperties properties = CreateProperties(context.UserName);
AuthenticationTicket ticket = new AuthenticationTicket(oauthIdentity, properties);
context.Validated(ticket);
context.Request.Context.Authentication.SignIn(cookiesIdentity);
}
/// <inheritdoc />
protected override async Task<IPrincipal> AuthenticateAsync(string userName, string password, CancellationToken cancellationToken)
{
cancellationToken.ThrowIfCancellationRequested();
// Get the Endpoint of the web service for user credential validation
string url = WebConfigurationManager.AppSettings[Constants.Authentication.WebServiceKey];
// Call the web service
AuthenticateUserRequestData requestData = new AuthenticateUserRequestData();
requestData.UserName = userName;
requestData.ApiKey = password;
requestData.AnetAccountType = 'M';
ANetApiWebService authWS = new ANetApiWebService();
authWS.Url = url;
AuthenticateUserResponseData authenticationResponse = authWS.AuthenticateUser(requestData);
if (!authenticationResponse.Successful)
{
// No user with userName/password exists.
return null;
}
// Create a ClaimsIdentity with all the claims for this user.
cancellationToken.ThrowIfCancellationRequested(); // Unfortunately, IClaimsIdenityFactory doesn't support CancellationTokens.
ClaimsIdentity identity = new ClaimsIdentity(Constants.ClaimsIdentity.AuthenticationType, userName, Constants.ClaimsIdentity.RoleType);
return new ClaimsPrincipal(identity);
}
/// <remarks/>
public void AuthenticateUserAsync(AuthenticateUserRequestData request) {
this.AuthenticateUserAsync(request, null);
}
/// <remarks/>
public void AuthenticateUserAsync(AuthenticateUserRequestData request, object userState) {
if ((this.AuthenticateUserOperationCompleted == null)) {
this.AuthenticateUserOperationCompleted = new System.Threading.SendOrPostCallback(this.OnAuthenticateUserOperationCompleted);
}
this.InvokeAsync("AuthenticateUser", new object[] {
request}, this.AuthenticateUserOperationCompleted, userState);
}
public AuthenticateUserResponseData AuthenticateUser(AuthenticateUserRequestData request) {
object[] results = this.Invoke("AuthenticateUser", new object[] {
request});
return ((AuthenticateUserResponseData)(results[0]));
}