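/// <summary>
/// Validates the resource-owner (user name / password) credentials of a token request and,
/// when they match a user, signs the identity in and validates the grant with a ticket
/// that carries the user's full-name and group claims as ticket properties.
/// </summary>
/// <param name="context">Grant context carrying the submitted user name, password and OAuth options.</param>
/// <returns>A task that completes once the context has been rejected or validated.</returns>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): a wildcard origin allows script served from any site to call this
    // credential endpoint. Prefer an allow-list of known client origins where deployment permits.
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

    using (var repository = new UserProvider())
    {
        var identity = await repository.FindUser(context.UserName, context.Password, context.Options.AuthenticationType);
        if (identity == null)
        {
            // One message for every failed lookup, so the response does not say
            // whether the user name or the password was the part that did not match.
            context.SetError("invalid_grant", "The user name or password is incorrect.");
            return;
        }

        var claimCollections = new Dictionary<string, string>();

        // SingleOrDefault throws if the identity carries more than one full-name claim.
        var fullName = identity.Claims.SingleOrDefault(arg => arg.Type == SecurityGlobal.FullNameClaim);
        if (fullName != null)
        {
            claimCollections.Add(fullName.Type, fullName.Value);
        }

        // Every group claim has the same Type, so adding them one by one under that key
        // threw ArgumentException (duplicate key) for any user in two or more groups and
        // failed the login. Store them as one comma-separated value instead; a user with
        // a single group gets exactly the value that was stored before.
        var groupValues = identity.Claims
            .Where(arg => arg.Type == SecurityGlobal.UserGroupClaim)
            .Select(arg => arg.Value)
            .ToList();
        if (groupValues.Count > 0)
        {
            claimCollections[SecurityGlobal.UserGroupClaim] = string.Join(",", groupValues);
        }

        // NOTE(review): HttpContext.Current can be null after an await or under a non-System.Web
        // host; context.OwinContext looks like the safer source of the authentication manager. Confirm.
        HttpContext.Current.GetOwinContext().Authentication.SignIn(
            new AuthenticationProperties { ExpiresUtc = TokenLifeSpan.Expiry },
            identity);

        var ticketProperties = new AuthenticationProperties(claimCollections);
        var ticket = new AuthenticationTicket(identity, ticketProperties);
        context.Validated(ticket);
    }
}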
/// <summary>
/// Constructor: keeps the supplied user-group manager and creates the user provider
/// that this controller uses.
/// </summary>
/// <param name="userGroupManager">User-group manager supplied by the caller.</param>
public AccountController(IUserGroupManager userGroupManager)
{
    _userGroupManager = userGroupManager;

    // NOTE(review): the provider is created here rather than injected. If UserProvider is
    // disposable, confirm the controller releases it when it is itself disposed.
    _userProvider = new UserProvider();
}