Exemplo n.º 1
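        /// <summary>
        /// Handles the OAuth resource owner password grant: checks the API key, authenticates the
        /// user against the internal or the customer repository, loads the user profile and, on
        /// success, validates the context with a claims identity (name and role claims).
        /// </summary>
        /// <param name="context">
        /// Grant context carrying the submitted user name and password. It receives either the
        /// validated identity or an OAuth error.
        /// </param>
        /// <returns>A task that completes once the context has been validated or rejected.</returns>
        /// <exception cref="InvalidOperationException">
        /// A required service is not registered with the dependency resolver.
        /// </exception>
        /// <remarks>
        /// jwames - 8/12/2014 - original code
        /// </remarks>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // NOTE(security): the token endpoint answers every origin. Confirm that a wildcard is
            // intended here; an explicit allow-list of front-end origins is the tighter choice.
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
            if (!ValidateApiKey(context))
            {
                return;
            }

            // NOTE(security): no attempt limiting is visible in this method. Confirm that lockout
            // or throttling is enforced by the repositories or upstream of this provider.
            string errMsg = null;

            // determine if we are authenticating an internal or external user
            if (ProfileHelper.IsInternalAddress(context.UserName))
            {
                IUserDomainRepository internalRepo = ResolveRequiredService<IUserDomainRepository>();

                bool success = await Task.Run<bool>(() => internalRepo.AuthenticateUser(context.UserName, context.Password, out errMsg));

                if (!success)
                {
                    // NOTE(security): the repository's message goes to the client verbatim. Confirm
                    // it does not distinguish an unknown user from a wrong password.
                    context.SetError("invalid_grant", errMsg);
                    return;
                }
            }
            else
            {
                ICustomerDomainRepository customerRepo = ResolveRequiredService<ICustomerDomainRepository>();

                AuthenticationModel authentication = await Task.Run<AuthenticationModel>(() => customerRepo.AuthenticateUser(context.UserName, context.Password));

                // A missing result is treated as a failed login instead of a NullReferenceException.
                if (authentication == null)
                {
                    context.SetError("invalid_grant", "Authentication failed");
                    return;
                }

                // NOTE(security): PasswordExpired is accepted, so a token is issued for an account
                // whose password has expired. Confirm that the API limits such sessions to the
                // password-change flow.
                if (!authentication.Status.Equals(AuthenticationStatus.Successful) && !authentication.Status.Equals(AuthenticationStatus.PasswordExpired))
                {
                    // NOTE(security): same verbatim-message concern as the internal branch.
                    context.SetError("invalid_grant", authentication.Message);
                    return;
                }
            }

            IUserProfileLogic profileLogic = ResolveRequiredService<IUserProfileLogic>();
            UserProfileReturn userReturn = await Task.Run<UserProfileReturn>(() => profileLogic.GetUserProfile(context.UserName));

            // No usable profile means no token: the role claim below comes from the profile.
            if (userReturn == null || userReturn.UserProfiles == null || userReturn.UserProfiles.Count == 0)
            {
                // NOTE(security): this text names the backing system to the caller; consider a
                // generic description and keep the detail in the server log.
                context.SetError("invalid_grant", "User profile does not exist in Commerce Server");
                return;
            }

            // Only the first profile is used, both for the last-login stamp and for the role claim.
            var profile = userReturn.UserProfiles[0];
            profileLogic.SetUserProfileLastLogin(profile.UserId);

            var identity = new ClaimsIdentity(context.Options.AuthenticationType);
            identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
            identity.AddClaim(new Claim("name", context.UserName));
            identity.AddClaim(new Claim("role", profile.RoleName));

            context.Validated(identity);
        }

        /// <summary>
        /// Resolves a service from the global dependency resolver and fails with a descriptive
        /// error when it is not registered, instead of returning null to the caller.
        /// </summary>
        private static T ResolveRequiredService<T>() where T : class
        {
            T service = GlobalConfiguration.Configuration.DependencyResolver.GetService(typeof(T)) as T;
            if (service == null)
            {
                throw new InvalidOperationException("No service registered for " + typeof(T).FullName);
            }

            return service;
        }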
Exemplo n.º 2
 /// <summary>
 /// Initializes a new AddUserToDomain instance with the repositories and unit of work it uses.
 /// The arguments are stored as given; no null validation is performed here.
 /// </summary>
 /// <param name="userDomainRepository">Repository stored in the userDomainRepository field.</param>
 /// <param name="userRepository">Repository stored in the userRepository field.</param>
 /// <param name="domainRepository">Repository stored in the domainRepository field.</param>
 /// <param name="roleRepository">Repository stored in the roleRepository field.</param>
 /// <param name="unitOfWork">Unit of work stored in the _unitOfWork field.</param>
 public AddUserToDomain(
     IUserDomainRepository userDomainRepository,
     IUserRepository userRepository,
     IDomainRepository domainRepository,
     IRoleRepository roleRepository,
     IUnitOfWork unitOfWork)
 {
     this._unitOfWork = unitOfWork;

     // The fields share their names with the parameters, so "this." is required.
     this.roleRepository = roleRepository;
     this.domainRepository = domainRepository;
     this.userRepository = userRepository;
     this.userDomainRepository = userDomainRepository;
 }
Exemplo n.º 3
 /// <summary>
 /// Initializes a new UserDomainManager that keeps the given repository.
 /// The argument is stored as given; no null validation is performed here.
 /// </summary>
 /// <param name="userDomainRepository">Repository stored in the _UserDomainRepository field.</param>
 public UserDomainManager(IUserDomainRepository userDomainRepository)
 {
     this._UserDomainRepository = userDomainRepository;
 }