public override Task ValidateTokenRequest(OAuthValidateTokenRequestContext context) { var _userAccountService = UserAccountServiceFactory.Create(); if (context.TokenRequest.IsResourceOwnerPasswordCredentialsGrantType) { if (_userAccountService.Authenticate(context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.Scope[0], context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.UserName, context.TokenRequest.ResourceOwnerPasswordCredentialsGrant.Password)) { context.Validated(); } } if (context.TokenRequest.IsRefreshTokenGrantType) { var token = context.TokenRequest.Parameters.Get("refresh_token"); if (!string.IsNullOrEmpty(token)) { context.Validated(); } } return(Task.FromResult <object>(null)); }
public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { var _userAccountService = UserAccountServiceFactory.Create(); var allowedOrigin = context.OwinContext.Get <string>("as:clientAllowedOrigin"); if (allowedOrigin == null) { allowedOrigin = "*"; } context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin }); UserAccount user; if (_userAccountService.Authenticate(context.Scope.FirstOrDefault(), context.UserName, context.Password, out user)) { var claims = user.GetAllClaims(); var id = new ClaimsIdentity(claims, "MembershipReboot"); // create metadata to pass on to refresh token provider var props = new AuthenticationProperties(new Dictionary <string, string> { { "as:client_id", context.ClientId } }); var ticket = new AuthenticationTicket(id, props); context.Validated(ticket); } return(base.GrantResourceOwnerCredentials(context)); }
//private readonly UserAccountService _userAccountService; //public MembershipRebootOAuthAuthorizationServerProvider(UserAccountService userAccountService) //{ // _userAccountService = userAccountService; //} public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context) { var _userAccountService = UserAccountServiceFactory.Create(); string cid, csecret; if (context.TryGetBasicCredentials(out cid, out csecret)) { if (_userAccountService.Authenticate("clients", cid, csecret)) { context.OwinContext.Set <string>("as:client_id", cid); context.Validated(); } } context.OwinContext.Set <string>("as:clientAllowedOrigin", "*"); return(Task.FromResult <object>(null)); }
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864 public void ConfigureAuth(IAppBuilder app) { // Configure the db context and user manager to use a single instance per request //app.CreatePerOwinContext(ApplicationDbContext.Create); //app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create); //// Enable the application to use a cookie to store information for the signed in user //// and to use a cookie to temporarily store information about a user logging in with a third party login provider //app.UseCookieAuthentication(new CookieAuthenticationOptions()); //app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); //// Configure the application for OAuth based flow //PublicClientId = "self"; //OAuthOptions = new OAuthAuthorizationServerOptions //{ // TokenEndpointPath = new PathString("/Token"), // Provider = new ApplicationOAuthProvider(PublicClientId), // AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"), // AccessTokenExpireTimeSpan = TimeSpan.FromDays(14), // AllowInsecureHttp = true //}; //// Enable the application to use bearer tokens to authenticate users //app.UseOAuthBearerTokens(OAuthOptions); // Uncomment the following lines to enable logging in with third party login providers //app.UseMicrosoftAccountAuthentication( // clientId: "", // clientSecret: ""); //app.UseTwitterAuthentication( // consumerKey: "", // consumerSecret: ""); //app.UseFacebookAuthentication( // appId: "", // appSecret: ""); //app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions() //{ // ClientId = "", // ClientSecret = "" //}); // This must come first to intercept the /Token requests app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll); var oauthServerConfig = new OAuthAuthorizationServerOptions { AllowInsecureHttp = AuthenticationConstants.AllowInsecureHttp, TokenEndpointPath = new PathString("/token"), AccessTokenExpireTimeSpan = SecurityTokenConstants.TokenLifeTime, Provider = new MembershipRebootOAuthAuthorizationServerProvider(), RefreshTokenProvider = new MembershipRebootOAuthAuthorizationServerRefreshTokenProvider() }; app.UseOAuthAuthorizationServer(oauthServerConfig); var oauthConfig = new OAuthBearerAuthenticationOptions { AuthenticationMode = AuthenticationMode.Active, AuthenticationType = AuthenticationConstants.BearerAuthType }; app.UseOAuthBearerAuthentication(oauthConfig); app.UseBasicAuthentication(new BasicAuthenticationOptions("qssolutions.net", UserAccountServiceFactory.Create()) { AuthenticationType = AuthenticationConstants.BasicAuthType, AuthenticationMode = AuthenticationMode.Active }); }