コード例 #1
ファイル: Startup.Auth.cs プロジェクト: shuand9657/MVC_Train
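        /// <summary>
        /// Handles the OAuth resource-owner password grant. Validates the supplied
        /// user name and password through <c>_userProfile.CheckUserValidation</c>; on
        /// success it validates the OWIN context with a bearer identity and also issues
        /// a Forms authentication cookie, otherwise it reports <c>invalid_grant</c>.
        /// </summary>
        /// <param name="context">Grant context carrying the user name, password, requested scopes and the OWIN response.</param>
        /// <returns>An already-completed task; all work is done synchronously.</returns>
        private Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // NOTE(review): a wildcard Access-Control-Allow-Origin lets script from any
            // origin read responses from this token endpoint. Kept as-is for existing
            // clients; prefer an allow-list of known client origins.
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

            // Base64 is a reversible encoding, not a hash: this value is equivalent to the
            // clear-text password and must be handled as a secret.
            // NOTE(review): CheckUserValidation is not visible here; if it compares this
            // value against a stored column, the store holds recoverable passwords and
            // should move to a salted password hash (e.g. PBKDF2).
            string encodedPassword = Convert.ToBase64String(Encoding.UTF8.GetBytes(context.Password));

            if (!_userProfile.CheckUserValidation(context.UserName, encodedPassword))
            {
                context.SetError("invalid_grant", "Username or Password is invalid!");
                return Task.FromResult(0);
            }

            // NOTE(review): the claim type literal contains a space after "urn:"; it is
            // kept byte-for-byte because consumers may match on it, but it looks unintended.
            ClaimsIdentity oAuthIdentity = new ClaimsIdentity(
                new GenericIdentity(context.UserName, context.Options.AuthenticationType),
                context.Scope.Select(x => new Claim("urn: oauth:scope", x)));
            oAuthIdentity.AddClaim(new Claim("user", context.UserName, DefaultAuthenticationTypes.ExternalBearer));
            context.Validated(oAuthIdentity);

            // Capture the clock once so issue time and expiry are exactly three hours apart.
            DateTime issuedAt = DateTime.Now;

            // The ticket's user-data slot is intentionally left empty. The previous code
            // stored the Base64 password there, which shipped a recoverable credential to
            // the browser inside the cookie; anyone able to decrypt the ticket (machine-key
            // disclosure, server-side logging of ticket contents) would obtain the password.
            // Any code that read the password back from ticket.UserData must re-authenticate
            // the user instead.
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1,
                context.UserName,
                issuedAt,
                issuedAt.AddHours(3),
                true,
                string.Empty,
                FormsAuthentication.FormsCookiePath
                );
            string encodedTicket = FormsAuthentication.Encrypt(ticket);

            var cookies = new HttpCookie(FormsAuthentication.FormsCookieName, encodedTicket);
            cookies.HttpOnly = true;
            // Honour the <forms requireSSL="..."> setting so the ticket is not sent over
            // plain HTTP when the site is configured for TLS-only authentication cookies.
            cookies.Secure = FormsAuthentication.RequireSSL;
            HttpContext.Current.Response.Cookies.Add(cookies);

            return Task.FromResult(0);
        }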
コード例 #2
        /// <summary>
        /// Handles the OAuth resource-owner password grant for the "JWT" authentication
        /// type. Checks the credentials with <c>UserProfile.CheckUserValidation</c> and,
        /// when they are accepted, validates the context with a ticket whose identity
        /// carries name, subject and role claims and whose properties carry the audience.
        /// </summary>
        /// <param name="context">Grant context carrying the user name, password, client id and the OWIN response.</param>
        /// <returns>A task that is complete on return; the body contains no <c>await</c> and runs synchronously.</returns>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // NOTE(review): a wildcard Access-Control-Allow-Origin lets script from any
            // origin read responses from this token endpoint; prefer an allow-list of
            // known client origins.
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

            UserProfile profile = new UserProfile();

            // Base64 is a reversible encoding, not a hash: the value passed on below is
            // equivalent to the clear-text password.
            // NOTE(review): CheckUserValidation is not visible here; confirm it does not
            // compare against passwords stored in this recoverable form.
            byte[] passwordBytes     = Encoding.UTF8.GetBytes(context.Password);
            string passwordForLookup = Convert.ToBase64String(passwordBytes);

            bool credentialsAccepted = profile.CheckUserValidation(context.UserName, passwordForLookup);
            if (!credentialsAccepted)
            {
                context.SetError("invalid_grant", "The Username or Password is invalid");
                return;
            }

            // NOTE(review): the two role claims are literals, so every account that passes
            // the credential check is issued both Manager and Supervisor. Roles should be
            // looked up per user before this is used for authorization decisions.
            ClaimsIdentity jwtIdentity = new ClaimsIdentity("JWT");
            jwtIdentity.AddClaims(new[]
            {
                new Claim(ClaimTypes.Name, context.UserName),
                new Claim("sub", context.UserName),
                new Claim(ClaimTypes.Role, "Manager"),
                new Claim(ClaimTypes.Role, "Supervisor")
            });

            // The audience is the requesting client id, or an empty string when none was supplied.
            var ticketValues = new Dictionary<string, string>();
            ticketValues.Add("audience", context.ClientId ?? string.Empty);

            context.Validated(new AuthenticationTicket(jwtIdentity, new AuthenticationProperties(ticketValues)));

            // An unreachable, commented-out alternative followed here in the original: it
            // resolved ApplicationUserManager from the OWIN context, called FindAsync with
            // the user name and password, and built the identity via GenerateUserIdentityAsync.
        }