Exemplo n.º 1
0
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            //this will enable cors
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

            using (var authRepository = new AuthorizationRepository())
            {
                var user = await authRepository.FindUser(context.UserName, context.Password);

                if (user == null)
                {
                    context.SetError("invalid_grant", "username or password is incorrect");
                }
                else
                {
                    var props = new AuthenticationProperties(new Dictionary <string, string>
                    {
                        {
                            "username", user.ChirpName
                        }
                    });
                    //Grabs user token
                    var token = new ClaimsIdentity(context.Options.AuthenticationType); //type - bearer
                    token.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
                    token.AddClaim(new Claim(ClaimTypes.Role, "user"));
                    //Provides Auth Ticket for the user
                    var ticket = new AuthenticationTicket(token, props);
                    context.Validated(ticket);
                }
            }
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            //Allow cors specifically for OAuth and authenticating users
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
            {
                //Find user based on username and password in auth repository
                using (var authorizationRepository = new AuthorizationRepository())
                {
                    var user = await authorizationRepository.FindUser(context.UserName, context.Password);

                    //Throw error if no user found
                    if (user == null)
                    {
                        context.SetError("invalid_grant", "username or password is incorrect");
                    }
                    else
                    {
                        //Create a token and add some claims - name, role, and authorization type
                        var token = new ClaimsIdentity(context.Options.AuthenticationType);
                        token.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
                        token.AddClaim(new Claim(ClaimTypes.Role, "user"));

                        context.Validated(token);
                    }
                }
            }
        }
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

            using (var authRepository = new AuthorizationRepository())
            {
                var user = await authRepository.FindUser(context.UserName, context.Password);

                if (user == null)
                {
                    context.SetError("invalid_grant", "username or password is incorrect");
                }
                else
                {
                    var token = new ClaimsIdentity(context.Options.AuthenticationType);
                    token.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
                    token.AddClaim(new Claim(ClaimTypes.Role, "user"));

                    context.Validated(token);
                }
            }
        }