public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context) {
string clientIdValue = string.Empty;
string clientSecret = string.Empty;
int clientId = 0;
if (!context.TryGetBasicCredentials(out clientIdValue, out clientSecret)) {
context.TryGetFormCredentials(out clientIdValue, out clientSecret);
}
if (string.IsNullOrWhiteSpace(clientIdValue)) {
context.SetError("invalid_clientId", "Client id should be sent");
return;
}
if (!int.TryParse(clientIdValue, out clientId)) {
context.SetError("invalid_clientId", "Client id is invalid");
return;
}
var authenticationClient = new AuthenticationClient();
var client = await authenticationClient.GetClient(new GetClientRequest { ClientId = clientId });
if (client == null || !client.IsSuccess || client.Client == null) {
context.SetError("invalid_clientId", string.Format("Client '{0}' is not registered in the system", clientId));
return;
}
if (client.Client.ApplicationType == ApplicationType.NativeConfidential) {
if (string.IsNullOrWhiteSpace(clientSecret)) {
context.SetError("invalid_clientId", "Client secret should be sent");
return;
} else if (!PasswordHelper.VerifyPassword(clientSecret, client.Client.Secret)) {
context.SetError("invalid_clientId", "Client secret is invalid");
return;
}
if (!client.Client.Active) {
context.SetError("invalid_cliendId", "Client is inactive");
return;
}
}
context.OwinContext.Set<string>("as:clientAllowedOrigin", client.Client.AllowedOrigin);
context.OwinContext.Set<string>("as:clientRefreshTokenLifeTime", client.Client.RefreshTokenLifeTime.ToString());
context.Validated();
}
