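/// <summary>
/// Handles the custom "anonymous" grant type: unprotects the submitted token,
/// checks its shape, expiry and that the referenced report exists, and on success
/// validates an identity carrying the "Anonymous" role and the report id.
/// </summary>
/// <param name="context">Grant context supplying the grant type and request parameters.</param>
/// <returns>A task that completes once the request was validated, rejected or ignored.</returns>
public override async Task GrantCustomExtension(OAuthGrantCustomExtensionContext context)
{
    if (context.GrantType != "anonymous")
    {
        return;
    }

    // UrlTokenDecode throws on a null argument, so a request without a "token"
    // parameter is handled like an undecodable token instead of faulting.
    var encodedToken = context.Parameters.Get("token");
    if (string.IsNullOrEmpty(encodedToken))
    {
        return;
    }

    var protectedToken = HttpServerUtility.UrlTokenDecode(encodedToken);
    if (protectedToken == null)
    {
        return;
    }

    // NOTE(review): Unprotect is called without purpose strings, so the token is not
    // bound to this grant; adding purposes needs the same change where the token is issued.
    byte[] rawToken;
    try
    {
        rawToken = MachineKey.Unprotect(protectedToken);
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        // A tampered or foreign token is a client error, not a server fault.
        context.SetError("invalid_grant", "This token is invalid");
        return;
    }

    var anonymousToken = Encoding.UTF8.GetString(rawToken);
    var tokenArray = anonymousToken.Split('‼');

    // Check the field count before indexing, and parse without throwing. The original
    // condition joined its three tests with && and so rejected almost nothing.
    // NOTE(review): both parses use the current culture, as before; confirm the issuer's format.
    int reportId;
    DateTime time;
    if (tokenArray.Length != 2
        || !int.TryParse(tokenArray[0], out reportId)
        || reportId == 0
        || !DateTime.TryParse(tokenArray[1], out time)
        || time == default(DateTime))
    {
        context.SetError("invalid_grant", "This token is invalid");
        return;
    }

    // NOTE(review): compared against local time, as before; confirm the issuer writes local time.
    if (time < DateTime.Now)
    {
        context.SetError("invalid_grant", "This token has expired");
        return;
    }

    // Create the context only once the token has passed validation, and dispose it.
    using (var db = new KiwiContext())
    {
        if (await db.Reports.FindAsync(reportId) == null)
        {
            context.SetError("invalid_grant", "No report found with that ID");
            return;
        }
    }

    var identity = new ClaimsIdentity(context.Options.AuthenticationType);
    identity.AddClaim(new Claim(ClaimTypes.Role, "Anonymous"));
    identity.AddClaim(new Claim("reportId", reportId.ToString()));
    identity.AddClaim(new Claim("is_anonymous", "true"));

    // Intended lifetime for reporting users is 10 minutes. The override below was
    // disabled in the original, so no shorter lifetime is applied here.
    // NOTE(review): context.Options looks like the shared server options; confirm before re-enabling.
    //context.Options.AccessTokenExpireTimeSpan = new TimeSpan(0, 10, 0);
    context.Validated(identity);
}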
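/// <summary>
/// Handles the custom "anonymous" grant type: unprotects the submitted token,
/// checks its shape, expiry and that the referenced report exists, and on success
/// validates an identity carrying the "Anonymous" role and the report id.
/// </summary>
/// <param name="context">Grant context supplying the grant type and request parameters.</param>
/// <returns>A task that completes once the request was validated, rejected or ignored.</returns>
public override async Task GrantCustomExtension(OAuthGrantCustomExtensionContext context)
{
    if (context.GrantType != "anonymous")
    {
        return;
    }

    // UrlTokenDecode throws on a null argument, so a request without a "token"
    // parameter is handled like an undecodable token instead of faulting.
    var encodedToken = context.Parameters.Get("token");
    if (string.IsNullOrEmpty(encodedToken))
    {
        return;
    }

    var protectedToken = HttpServerUtility.UrlTokenDecode(encodedToken);
    if (protectedToken == null)
    {
        return;
    }

    // NOTE(review): Unprotect is called without purpose strings, so the token is not
    // bound to this grant; adding purposes needs the same change where the token is issued.
    byte[] rawToken;
    try
    {
        rawToken = MachineKey.Unprotect(protectedToken);
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        // A tampered or foreign token is a client error, not a server fault.
        context.SetError("invalid_grant", "This token is invalid");
        return;
    }

    var anonymousToken = Encoding.UTF8.GetString(rawToken);
    var tokenArray = anonymousToken.Split('‼');

    // Check the field count before indexing, and parse without throwing. The original
    // condition joined its three tests with && and so rejected almost nothing.
    // NOTE(review): both parses use the current culture, as before; confirm the issuer's format.
    int reportId;
    DateTime time;
    if (tokenArray.Length != 2
        || !int.TryParse(tokenArray[0], out reportId)
        || reportId == 0
        || !DateTime.TryParse(tokenArray[1], out time)
        || time == default(DateTime))
    {
        context.SetError("invalid_grant", "This token is invalid");
        return;
    }

    // NOTE(review): compared against local time, as before; confirm the issuer writes local time.
    if (time < DateTime.Now)
    {
        context.SetError("invalid_grant", "This token has expired");
        return;
    }

    // Create the context only once the token has passed validation, and dispose it.
    using (var db = new KiwiContext())
    {
        if (await db.Reports.FindAsync(reportId) == null)
        {
            context.SetError("invalid_grant", "No report found with that ID");
            return;
        }
    }

    var identity = new ClaimsIdentity(context.Options.AuthenticationType);
    identity.AddClaim(new Claim(ClaimTypes.Role, "Anonymous"));
    identity.AddClaim(new Claim("reportId", reportId.ToString()));
    identity.AddClaim(new Claim("is_anonymous", "true"));

    // Intended lifetime for reporting users is 10 minutes. The override below was
    // disabled in the original, so no shorter lifetime is applied here.
    // NOTE(review): context.Options looks like the shared server options; confirm before re-enabling.
    //context.Options.AccessTokenExpireTimeSpan = new TimeSpan(0, 10, 0);
    context.Validated(identity);
}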
/// <summary>
/// Creates the repository with its own <c>KiwiContext</c> and a user manager
/// whose user store is backed by that same context.
/// </summary>
public AuthRepository()
{
    _ctx = new KiwiContext();

    // The store is built on the context assigned above, so both share one instance.
    var userStore = new UserStore<IdentityUser>(_ctx);
    _userManager = new UserManager<IdentityUser>(userStore);
}
/// <summary>
/// Creates the repository with its own <c>KiwiContext</c> and a user manager
/// whose user store is backed by that same context.
/// </summary>
public AuthRepository()
{
    _ctx = new KiwiContext();

    // The store is built on the context assigned above, so both share one instance.
    var userStore = new UserStore<IdentityUser>(_ctx);
    _userManager = new UserManager<IdentityUser>(userStore);
}