public override void OnAuthorization(HttpActionContext actionContext)
        {
            if (actionContext.Request.Headers.Authorization == null)
            {
                actionContext.Response = actionContext.Request
                                         .CreateResponse(HttpStatusCode.Unauthorized);
            }
            else
            {
                //çasfjdçjsfllçfjlkf
                string authenticationToken = actionContext.Request
                                             .Headers.Authorization.Parameter;
                //macoratti:numsey
                string decodedAuthenticationToken = Encoding.UTF8.GetString(
                    Convert.FromBase64String(authenticationToken));

                string[] usernamePassordArray = decodedAuthenticationToken.Split(':');

                string username = usernamePassordArray[0];
                string password = usernamePassordArray[1];

                if (FuncionariosSeguranca.Login(username, password))
                {
                    Thread.CurrentPrincipal = new GenericPrincipal(
                        new GenericIdentity(username), null);
                }
                else
                {
                    actionContext.Response = actionContext.Request
                                             .CreateResponse(HttpStatusCode.Unauthorized);
                }
            }
        }
Esempio n. 2
0
 public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
 {
     if (FuncionariosSeguranca.Login(context.UserName, context.Password))
     {
         var identity = new ClaimsIdentity(context.Options.AuthenticationType);
         identity.AddClaim(new Claim("sub", context.UserName));
         identity.AddClaim(new Claim("role", "user"));
         context.Validated(identity);
     }
     else
     {
         context.SetError("acesso inválido", "As credenciais do usuário não conferem....");
         return;
     }
 }