/// <summary>
/// Marks client authentication as skipped for every request, because the only
/// registered application is a public client that cannot keep a secret.
/// </summary>
/// <param name="context">The client-authentication context supplied by the server middleware.</param>
/// <returns>An already-completed task.</returns>
public override Task ValidateClientAuthentication(ValidateClientAuthenticationContext context)
{
    // There is a single application and it is a public client (it cannot keep its
    // credentials private), so the server is told to accept the request without
    // enforcing client authentication rather than "validating" a non-existent secret.
    context.Skipped();

    var completed = Task.FromResult(0);
    return completed;
}
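/// <summary>
/// Validates the client against the single client_id / client_secret pair held in
/// <c>_securityConfig</c>. The context is marked as validated only when both values
/// match; otherwise it is left untouched, as before.
/// </summary>
/// <param name="context">The client-authentication context supplied by the server middleware.</param>
/// <returns>An already-completed task.</returns>
public override Task ValidateClientAuthentication(ValidateClientAuthenticationContext context)
{
    // A request that carries no client credentials used to throw a
    // NullReferenceException (instance Equals on a null ClientId); treat it as
    // "not validated" instead of failing the request with an unhandled exception.
    if (string.IsNullOrEmpty(context.ClientId) || string.IsNullOrEmpty(context.ClientSecret))
    {
        return Task.FromResult<object>(null);
    }

    var expected = _securityConfig.Value;

    // string.Equals(string, string) is an ordinal, null-safe comparison; the secret
    // is compared in fixed time so a mismatch does not short-circuit early.
    if (string.Equals(context.ClientId, expected.ClientId)
        && SecretsMatch(context.ClientSecret, expected.ClientSecret))
    {
        context.Validated();
    }

    return Task.FromResult<object>(null);
}

/// <summary>
/// Compares a presented secret with the expected one without stopping at the first
/// mismatching character, so the time taken does not depend on how much of the
/// secret was correct.
/// </summary>
/// <param name="presented">The secret sent by the client; <c>null</c> never matches.</param>
/// <param name="expected">The configured secret; <c>null</c> never matches.</param>
/// <returns><c>true</c> when both strings are non-null and identical.</returns>
private static bool SecretsMatch(string presented, string expected)
{
    if (presented == null || expected == null)
    {
        return false;
    }

    // Fold the length difference into the accumulator so that strings of different
    // lengths never match, while still walking the common prefix in full.
    var difference = presented.Length ^ expected.Length;
    var shared = presented.Length < expected.Length ? presented.Length : expected.Length;
    for (var i = 0; i < shared; i++)
    {
        difference |= presented[i] ^ expected[i];
    }

    return difference == 0;
}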
/// <summary>
/// Accepts the request when the posted form carries <c>grant_type=password</c>,
/// attaching an "Admin" role claim to the context identity and validating the
/// client under the posted username (or an empty string); every other request is rejected.
/// </summary>
/// <param name="context">The client-authentication context supplied by the server middleware.</param>
/// <returns>A task that completes once the context has been validated or rejected.</returns>
public async Task ValidateClientAuthentication(ValidateClientAuthenticationContext context)
{
    var form = await context.HttpContext.RequestFormDataDictionaryAsync();

    var isPasswordGrant = form != null
        && form.ContainsKey("grant_type")
        && form["grant_type"].ToString() == "password";

    if (!isPasswordGrant)
    {
        context.Rejected();
        return;
    }

    // NOTE(review): the "Admin" role is granted on the presence of grant_type=password
    // alone; no credential is checked here. Confirm this is intended outside sample use.
    context.Identity.AddClaim(new System.Security.Claims.Claim("Role", "Admin"));

    var username = form.ContainsKey("username")
        ? form["username"].ToString()
        : string.Empty;

    context.Validated(username);
}
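/// <summary>
/// Authenticates the client against the applications stored in <c>ApplicationContext</c>:
/// the request is rejected when credentials are missing, when no application matches the
/// client_id, or when the client_secret does not match the stored secret.
/// </summary>
/// <param name="context">The client-authentication context supplied by the server middleware.</param>
/// <returns>A task that completes once the context has been validated or rejected.</returns>
public override async Task ValidateClientAuthentication(ValidateClientAuthenticationContext context)
{
    // Note: client authentication is not mandatory for non-confidential client applications like mobile apps
    // (except when using the client credentials grant type) but this authorization server uses a safer policy
    // that makes client authentication mandatory and returns an error if client_id or client_secret is missing.
    // You may consider relaxing it to support the resource owner password credentials grant type
    // with JavaScript or desktop applications, where client credentials cannot be safely stored.
    // In this case, call context.Skipped() to inform the server middleware the client is not trusted.
    if (string.IsNullOrEmpty(context.ClientId) || string.IsNullOrEmpty(context.ClientSecret))
    {
        context.Rejected(
            error: "invalid_request",
            description: "Missing credentials: ensure that your credentials were correctly " +
                         "flowed in the request body or in the authorization header");

        return;
    }

    var database = context.HttpContext.RequestServices.GetRequiredService<ApplicationContext>();

    // Retrieve the application details corresponding to the requested client_id.
    var application = await (from entity in database.Applications
                             where entity.ApplicationID == context.ClientId
                             select entity).SingleOrDefaultAsync(context.HttpContext.RequestAborted);

    if (application == null)
    {
        context.Rejected(
            error: "invalid_client",
            description: "Application not found in the database: ensure that your client_id is correct");

        return;
    }

    // The secret is compared in fixed time rather than with string.Equals, so that the
    // response time does not reveal how long the matching prefix was.
    // NOTE(review): the stored value is compared as-is; if Applications.Secret is kept in
    // clear text, consider storing and comparing a hash instead — confirm against the schema.
    if (!SecretsMatch(context.ClientSecret, application.Secret))
    {
        context.Rejected(
            error: "invalid_client",
            description: "Invalid credentials: ensure that you specified a correct client_secret");

        return;
    }

    context.Validated();
}

/// <summary>
/// Compares a presented secret with the stored one without stopping at the first
/// mismatching character, so the time taken does not depend on how much of the
/// secret was correct.
/// </summary>
/// <param name="presented">The secret sent by the client; <c>null</c> never matches.</param>
/// <param name="stored">The secret on record for the application; <c>null</c> never matches.</param>
/// <returns><c>true</c> when both strings are non-null and ordinally identical.</returns>
private static bool SecretsMatch(string presented, string stored)
{
    if (presented == null || stored == null)
    {
        return false;
    }

    // Fold the length difference into the accumulator so that strings of different
    // lengths never match, while still walking the common prefix in full.
    var difference = presented.Length ^ stored.Length;
    var shared = presented.Length < stored.Length ? presented.Length : stored.Length;
    for (var i = 0; i < shared; i++)
    {
        difference |= presented[i] ^ stored[i];
    }

    return difference == 0;
}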
/// <summary>
/// Accepts only the "AspNetContribSample" client, and even then marks the context as
/// skipped rather than validated, because that client cannot keep a secret.
/// </summary>
/// <param name="context">The client-authentication context supplied by the server middleware.</param>
/// <returns>An already-completed task.</returns>
public override Task ValidateClientAuthentication(ValidateClientAuthenticationContext context)
{
    if (context.ClientId != "AspNetContribSample")
    {
        // Any client_id other than the intended identifier is rejected.
        context.Rejected();
        return Task.FromResult(0);
    }

    // Note: the context is marked as skipped instead of validated because the client
    // is not trusted (JavaScript applications cannot keep their credentials secret).
    context.Skipped();
    return Task.FromResult(0);
}
/// <summary>
/// Validates whether the client is a valid known application in our system, by
/// dispatching a <c>ClientValidator</c> query through <c>ExecuteMessage</c>.
/// </summary>
/// <param name="context">The client-authentication context supplied by the server middleware.</param>
/// <returns>A task that completes once the context has been validated or rejected.</returns>
public override async Task ValidateClientAuthentication(ValidateClientAuthenticationContext context)
{
    var validation = await ExecuteMessage(
        context,
        new ClientValidator(context.ClientId, context.ClientSecret));

    if (validation.Succeeded)
    {
        // The allowed origin is stashed in the per-request items bag so later stages of
        // the request can read it; which stage consumes it is not visible here.
        context.HttpContext.Items.Add("as:clientAllowedOrigin", validation.AllowedOrigin);
        context.Validated();
        return;
    }

    context.Rejected(
        error: "invalid_client",
        description: "Client not found in the database: ensure that your client_id is correct");
}
/// <summary>
/// Marks client authentication as skipped for every request, so the server middleware
/// does not enforce it.
/// </summary>
/// <param name="context">The client-authentication context supplied by the server middleware.</param>
/// <returns>An already-completed task.</returns>
public override Task ValidateClientAuthentication(ValidateClientAuthenticationContext context)
{
    // Skipped (not Validated): the client is treated as untrusted rather than authenticated.
    context.Skipped();

    Task done = Task.FromResult<object>(null);
    return done;
}