Exemplo n.º 1
        /// <summary>
        /// Called when a request to the Token endpoint arrives with a "grant_type" of "password". This occurs when the user
        ///     has provided name and password
        ///     credentials directly into the client application's user interface, and the client application is using those to
        ///     acquire an "access_token" and
        ///     optional "refresh_token". If the web application supports the
        ///     resource owner credentials grant type it must validate the context.Username and context.Password as appropriate. To
        ///     issue an
        ///     access token the context.Validated must be called with a new ticket containing the claims about the resource owner
        ///     which should be associated
        ///     with the access token. The application should take appropriate measures to ensure that the endpoint isn’t abused by
        ///     malicious callers.
        ///     The default behavior is to reject this grant type.
        ///     See also http://tools.ietf.org/html/rfc6749#section-4.3.2
        /// </summary>
        /// <param name="context">
        /// The context of the event carries information in and results out.
        /// </param>
        /// <returns>
        /// Task to enable asynchronous execution
        /// </returns>
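        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // Reject requests that carry no username or password before querying the
            // store: with a null UserName the filter below compares LoginEmail against
            // null and could select an identity that has no login e-mail at all.
            if (String.IsNullOrEmpty(context.UserName) || context.Password == null)
            {
                context.Rejected();
                return;
            }

            var matches = await _userIdentityRepository.GetUsersIdentities(
                new QueryOptions<UserIdentity>
                {
                    Filter = user => user.LoginEmail == context.UserName
                });
            var identity = matches.FirstOrDefault();

            // All three failure causes (unknown account, wrong password, e-mail not yet
            // confirmed) end in the same bare rejection, so the response body does not
            // reveal which check failed.
            // NOTE(review): the unknown-account path returns without running a hash
            // verification, so its response time can differ from the wrong-password
            // path; consider verifying against a fixed dummy hash to even this out.
            // NOTE(review): no attempt throttling or lockout is visible in this method;
            // confirm it is enforced elsewhere (middleware, repository, gateway).
            if (identity == null ||
                !HashHelper.VerifyHashedPassword(identity.HashedPassword, context.Password, identity.HashType) ||
                !String.IsNullOrEmpty(identity.EmailConfirmationCode))
            {
                context.Rejected();
                return;
            }

            // The issued ticket carries a single claim: the identity's id as Sid.
            var id = new ClaimsIdentity(context.Options.AuthenticationType);

            id.AddClaim(new Claim(ClaimTypes.Sid, identity.Id));
            context.Validated(id);
        }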
Exemplo n.º 2
 /// <summary>
 ///     Gets the user's identities.
 /// </summary>
 /// <param name="options">The options.</param>
 /// <returns>Task{IEnumerable{UserIdentity}}.</returns>
 public Task<IEnumerable<UserIdentity>> GetUsersIdentities(QueryOptions<UserIdentity> options = null)
 {
     // Pure pass-through: the options (including a null value when the caller
     // supplies none) are handed to the underlying repository unchanged.
     // NOTE(review): what an unfiltered (null) query returns is decided by
     // _identityRepository and is not visible here; callers handling the
     // returned identities should not expose password-hash fields.
     var pendingIdentities = _identityRepository.GetUsersIdentities(options);
     return pendingIdentities;
 }