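        /// <summary>
        /// Validates the client credentials (client_id and client_secret) sent as form fields
        /// of the token request.
        /// </summary>
        /// <param name="context">The OWIN OAuth client-authentication context of the current token request.</param>
        /// <returns>A task that completes once the context has been marked validated or rejected.</returns>
        public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            //http://localhost:48339/token
            //grant_type=client_credentials&client_id=irving&client_secret=123456&scope=user order

            /*
             * grant_type     grant type (fixed to "client_credentials")
             * client_id      ID assigned to the application calling the OAuth endpoint
             * client_secret  secret assigned to the application calling the OAuth endpoint
             * scope          requested permissions, a space-separated list; when omitted the user's default permissions are requested
             */
            //validate client credentials should be stored securely (salted, hashed, iterated)
            string clientId;
            string clientSecret;

            //context.TryGetBasicCredentials(out clientId, out clientSecret);
            // Reject before calling the secret validator when the form fields are absent or empty:
            // TryGetFormCredentials reports failure through its return value, and the out values
            // may then be null. Missing credentials are treated exactly like wrong credentials so the
            // response does not reveal which case applied.
            if (!context.TryGetFormCredentials(out clientId, out clientSecret)
                || string.IsNullOrEmpty(clientId)
                || string.IsNullOrEmpty(clientSecret))
            {
                context.SetError(AbpConstants.InvalidClient, AbpConstants.InvalidClientErrorDescription);
                return;
            }

            //validate client id / secret
            var clientValid = await _clientAuthorizationService.ValidateClientAuthorizationSecretAsync(clientId, clientSecret);

            if (!clientValid)
            {
                //Flurl 404 issue: SetError is used instead of context.Rejected() / forcing a 200 status
                //context.Response.StatusCode = Convert.ToInt32(HttpStatusCode.OK);
                //context.Rejected();
                context.SetError(AbpConstants.InvalidClient, AbpConstants.InvalidClientErrorDescription);
                return;
            }
            //need to make the client_id available for later security checks
            context.OwinContext.Set <string>("as:client_id", clientId);
            context.Validated(clientId);
        }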
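        /// <summary>
        /// Validates the client via HTTP Basic authentication
        /// [Authorization: Basic Base64(clientId:clientSecret) | Authorization: Basic 5zsd8ewF0MqapsWmDwFmQmeF0Mf2gJkW].
        /// </summary>
        /// <param name="context">The OWIN OAuth client-authentication context of the current token request.</param>
        /// <returns>A task that completes once the context has been marked validated or rejected.</returns>
        public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            //validate client credentials should be stored securely (salted, hashed, iterated)
            string clientId;
            string clientSecret;

            // Reject before calling the secret validator when the Basic header is absent or malformed:
            // TryGetBasicCredentials reports failure through its return value, and the out values
            // may then be null. Missing credentials are treated exactly like wrong credentials so the
            // response does not reveal which case applied.
            if (!context.TryGetBasicCredentials(out clientId, out clientSecret)
                || string.IsNullOrEmpty(clientId)
                || string.IsNullOrEmpty(clientSecret))
            {
                context.SetError(AbpConstants.InvalidClient, AbpConstants.InvalidClientErrorDescription);
                return;
            }

            var clientValid = await _clientAuthorizationService.ValidateClientAuthorizationSecretAsync(clientId, clientSecret);

            if (!clientValid)
            {
                //context.Rejected();
                context.SetError(AbpConstants.InvalidClient, AbpConstants.InvalidClientErrorDescription);
                return;
            }
            //need to make the client_id available for later security checks
            context.OwinContext.Set <string>("as:client_id", clientId);
            // NOTE(review): hard-coded value, presumably read by a later handler as a refresh-token
            // lifetime — confirm the unit and consider moving it to configuration.
            context.OwinContext.Set <string>("as:refresh_token_time", "36000");
            context.Validated(clientId);
        }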