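/// <summary>
/// Handles the OAuth resource-owner password grant: validates the supplied
/// username/password through <c>_userProfile</c> and, on success, issues an OAuth
/// identity (scope claims plus a "user" claim) and a Forms-authentication cookie.
/// A missing or rejected credential is reported as <c>invalid_grant</c>.
/// </summary>
/// <param name="context">OWIN grant context carrying UserName, Password, Scope and Options.</param>
/// <returns>A completed task; the outcome is reported through <paramref name="context"/>.</returns>
private Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): a wildcard origin on a credential-accepting endpoint is broad;
    // consider restricting it to the known client origin(s).
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

    // A missing credential is an invalid grant, not an exception
    // (Encoding.GetBytes(null) would otherwise throw ArgumentNullException).
    if (string.IsNullOrEmpty(context.UserName) || context.Password == null)
    {
        context.SetError("invalid_grant", "Username or Password is invalid!");
        return Task.FromResult(0);
    }

    // Base64 is a reversible encoding, not a hash; this only produces the format
    // CheckUserValidation expects. TODO confirm the stored credential is hashed there.
    string encodedPassword = Convert.ToBase64String(Encoding.UTF8.GetBytes(context.Password));

    if (!_userProfile.CheckUserValidation(context.UserName, encodedPassword))
    {
        context.SetError("invalid_grant", "Username or Password is invalid!");
        return Task.FromResult(0);
    }

    // Claim type kept byte-for-byte (including the embedded space) so existing consumers still match it.
    var oAuthIdentity = new ClaimsIdentity(
        new GenericIdentity(context.UserName, context.Options.AuthenticationType),
        context.Scope.Select(x => new Claim("urn: oauth:scope", x)));
    oAuthIdentity.AddClaim(new Claim("user", context.UserName, DefaultAuthenticationTypes.ExternalBearer));
    context.Validated(oAuthIdentity);

    // Forms ticket valid for three hours from a single timestamp. userData is
    // deliberately empty: it previously carried the base64 password, which is
    // recoverable by anyone who can decrypt the cookie. TODO confirm nothing reads ticket.UserData.
    var issued = DateTime.Now;
    var ticket = new FormsAuthenticationTicket(
        1,
        context.UserName,
        issued,
        issued.AddHours(3),
        true,
        string.Empty,
        FormsAuthentication.FormsCookiePath);

    var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket))
    {
        HttpOnly = true,
        // Follow the application's requireSSL setting so the cookie is not sent in clear when TLS is mandated.
        Secure = FormsAuthentication.RequireSSL,
    };
    HttpContext.Current.Response.Cookies.Add(cookie);

    return Task.FromResult(0);
}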
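/// <summary>
/// Handles the OAuth resource-owner password grant for this provider: validates
/// the credentials through <see cref="UserProfile"/> and, on success, issues a
/// "JWT" identity (name, sub and role claims) whose audience is the calling client id.
/// A missing or rejected credential is reported as <c>invalid_grant</c>.
/// </summary>
/// <param name="context">OWIN grant context carrying UserName, Password and ClientId.</param>
/// <returns>A completed task; the outcome is reported through <paramref name="context"/>.</returns>
public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // Nothing here is awaited, so the method is synchronous; returning a completed
    // task keeps the override signature and avoids the "async without await" warning.
    const string allowedOrigin = "*";
    // NOTE(review): wildcard origin on a credential-accepting endpoint — consider
    // restricting it to the known client origin(s).
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

    // A missing credential is an invalid grant, not an exception
    // (Encoding.GetBytes(null) would otherwise throw ArgumentNullException).
    if (string.IsNullOrEmpty(context.UserName) || context.Password == null)
    {
        context.SetError("invalid_grant", "The Username or Password is invalid");
        return Task.FromResult(0);
    }

    // Base64 is a reversible encoding, not a hash; this only produces the format
    // CheckUserValidation expects. TODO confirm the stored credential is hashed there.
    var userProfile = new UserProfile();
    string encodedPwd = Convert.ToBase64String(Encoding.UTF8.GetBytes(context.Password));
    if (!userProfile.CheckUserValidation(context.UserName, encodedPwd))
    {
        context.SetError("invalid_grant", "The Username or Password is invalid");
        return Task.FromResult(0);
    }

    var identity = new ClaimsIdentity("JWT");
    identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
    identity.AddClaim(new Claim("sub", context.UserName));
    // NOTE(review): every authenticated user receives both roles unconditionally;
    // role membership should come from the user's stored profile rather than being fixed here.
    identity.AddClaim(new Claim(ClaimTypes.Role, "Manager"));
    identity.AddClaim(new Claim(ClaimTypes.Role, "Supervisor"));

    // The audience is the client id the token is issued for; empty when the client did not identify itself.
    var props = new AuthenticationProperties(new Dictionary<string, string>
    {
        { "audience", context.ClientId ?? string.Empty },
    });

    context.Validated(new AuthenticationTicket(identity, props));
    return Task.FromResult(0);
}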