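/// <summary>
        /// Serializes the issued token as JSON and writes it to the response body.
        /// </summary>
        /// <remarks>
        /// The body is an object with a single <c>token</c> member; the final naming and
        /// formatting are governed by <c>JsonSerializerSettingsFactory.CreateDefault()</c>.
        /// Because the body carries a bearer credential, the response is marked as
        /// non-cacheable before any content is written.
        /// </remarks>
        /// <param name="response">The OWIN response to write to; headers must not have been sent yet.</param>
        /// <param name="payload">The payload whose <c>Token</c> is returned to the client.</param>
        /// <returns>A task that completes once the JSON has been written and flushed.</returns>
        internal static async Task WriteTo(IOwinResponse response, ResponsePayload payload)
        {
            var payloadAsJson = JsonConvert.SerializeObject(new { token = payload.Token },
                                                            JsonSerializerSettingsFactory.CreateDefault());

            response.ContentType = "application/json";

            // The token is a credential: keep browsers and intermediaries from storing the response
            // (same requirement RFC 6749 section 5.1 places on token responses).
            response.Headers.Set("Cache-Control", "no-store");
            response.Headers.Set("Pragma", "no-cache");

            // The writer is deliberately not disposed: disposing a StreamWriter created this way
            // closes the underlying stream, and response.Body is presumably owned by the OWIN host.
            // The explicit flush below pushes the buffered text into the body instead.
            var writer = new StreamWriter(response.Body);
            await writer.WriteAsync(payloadAsJson);
            await writer.FlushAsync();
        }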
        /// <summary>
        /// Processes a token request: validates the request headers, reads the credentials
        /// payload, authenticates it and, on success, writes a freshly created JWT to the response.
        /// </summary>
        /// <remarks>
        /// Every rejection path answers with the same bare 400 status and no body, so the
        /// response does not reveal which of the checks failed.
        /// NOTE(review): no throttling, lockout or failure logging is visible in this method;
        /// confirm that the host or the code behind <c>Authenticate</c> covers it.
        /// </remarks>
        /// <param name="context">The OWIN context of the current request.</param>
        /// <param name="options">Issuer options passed on to authentication and token creation.</param>
        /// <returns>A task that completes when the response status or body has been set.</returns>
        internal static async Task Handle(IOwinContext context, JwtTokenIssuerOptions options)
        {
            const int badRequest = 400;

            // Reject requests whose headers do not pass validation before touching the body.
            if (RequestValidator.HasValidHeaders(context.Request) == false)
            {
                context.Response.StatusCode = badRequest;
                return;
            }

            // The request body is expected to be a username/password object; null means it could not be read.
            var credentials = await RequestReader.ReadFrom(context.Request);
            if (credentials == null)
            {
                context.Response.StatusCode = badRequest;
                return;
            }

            // An empty claim set is how a failed authentication is signalled here.
            var issuedClaims = Authenticate(options, credentials).ToList();
            if (issuedClaims.Count == 0)
            {
                // TODO (carried over from the original): the status code for a failed login is
                // still undecided; for now it is 400, identical to the other rejections.
                context.Response.StatusCode = badRequest;
                return;
            }

            // Authenticated: mint the JWT from the claims and hand it to the response writer.
            var jwt = CreateToken(issuedClaims, options);

            await ResponseWriter.WriteTo(context.Response, new ResponsePayload { Token = jwt });
        }