Esempio n. 1
0
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

            var repo = new AuthRepository(IocContainer.Get<IAuthContext>());
            Admin user = repo.FindActive(context.UserName, context.Password);
            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            ClaimsIdentity oAuthIdentity = new ApplicationIdentityUser().GenerateUserIdentity(user, AuthenticationType);
            var ticket = new AuthenticationTicket(oAuthIdentity, null);

            context.Validated(ticket);
        }
Esempio n. 2
0
        public ApiResponse<IdentityToken> UserToken(Admin admin)
        {
            var user = Context.Admins.FirstOrDefault(x => x.LoginName == admin.LoginName
                                                      && x.Password == admin.Password
                                                      && x.IsActive);
            if (user == null)
            {
                throw new UnauthorizedAccessException("");
            }

            ClaimsIdentity oAuthIdentity = new ApplicationIdentityUser().GenerateUserIdentity(user, "Jwt");
            var ticket = new AuthenticationTicket(oAuthIdentity, new AuthenticationProperties());
            var currentUtc = new SystemClock().UtcNow;
            ticket.Properties.IssuedUtc = currentUtc;
            ticket.Properties.ExpiresUtc = currentUtc.AddDays(1);

            var token = AuthConfig.OAuthServerOptions.AccessTokenFormat.Protect(ticket);

            return new ApiResponse<IdentityToken>(new IdentityToken() { AccessToken = token, ExpiresIn = (long)AuthConfig.OAuthServerOptions.AuthorizationCodeExpireTimeSpan.TotalSeconds, TokenType = AuthConfig.OAuthServerOptions.AuthenticationType});
        }