public object Post(OAuthAuthenticateRequest request)
{
// check if the user is authorized
string username = request.Username;
if (username == null || !userIsAllowed(username, request.Password, out username))
{
// unauthorized
Logger.WarnFormat("Failed to authenticate user {0}", username);
Response.StatusCode = 403;
Response.StatusDescription = "Authorization failed";
Response.ApplyGlobalResponseHeaders();
Response.Write(
"<html><h1 style='margin-top: 1em'>Authorization failed for user "
+ "<b>" + request.Username + "</b>"
+ " (maybe wrong password?).</h1></html>"
);
Response.EndServiceStackRequest();
return(null);
}
// authentication successful
Logger.InfoFormat("Successfully authorized user: {0}", username);
return(TokenExchangeAfterAuthentication(username, request.Password, request.RequestToken));
}
public object Get(OAuthAuthenticateRequest request)
{
// check if the user is authorized
if (!userIsAllowed(request.Username, request.Password))
{
// unauthorized
Logger.WarnFormat("Failed to authenticate user {0}", request.Username);
Response.StatusCode = 403;
Response.StatusDescription = "Authorization failed";
Response.Write(
"<html><h1 style='margin-top: 1em'>Authorization failed for user "
+ "<b>" + request.Username + "</b>"
+ " (maybe wrong password?).</h1></html>"
);
Response.Close();
return(null);
}
// authentication successful
Logger.InfoFormat("Successfully authorized user: {0}", request.Username);
return(TokenExchangeAfterAuthentication(request.Username, request.Password, request.RequestToken));
}