public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
string clientId = string.Empty;
string clientSecret = string.Empty;
var ClientID = context.ClientId;
//var ClientSecret = context.
// The TryGetBasicCredentials method checks the Authorization header and
// Return the ClientId and clientSecret
if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
{
context.SetError("invalid_client", "Client credentials could not be retrieved through the Authorization header.");
context.Rejected();
return;
}
//Check the existence of by calling the ValidateClient method
ClientMaster client = (new ClientMasterRepository()).ValidateClient(clientId, clientSecret);
if (client != null)
{
// Client has been verified.
context.OwinContext.Set <ClientMaster>("oauth:client", client);
context.Validated(clientId);
}
else
{
// Client could not be validated.
context.SetError("invalid_client", "Client credentials are invalid.");
context.Rejected();
}
context.Validated();
}
/*
* public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
* {
* using (UserMasterRepository _repo = new UserMasterRepository())
* {
* var user = _repo.ValidateUser(context.UserName, context.Password);
* if (user == null)
* {
* context.SetError("invalid_grant", "Provided username and password is incorrect");
* return;
* }
* var identity = new ClaimsIdentity(context.Options.AuthenticationType);
* identity.AddClaim(new Claim(ClaimTypes.Role, user.UserRoles));
* identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
* identity.AddClaim(new Claim("Email", user.UserEmailID));
* context.Validated(identity);
* }
* }
*/
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
ClientMaster client = context.OwinContext.Get <ClientMaster>("ta:client");
var allowedOrigin = context.OwinContext.Get <string>("ta:clientAllowedOrigin");
if (allowedOrigin == null)
{
allowedOrigin = "*";
}
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
UserMaster user = null;
using (UserMasterRepository _repo = new UserMasterRepository())
{
user = _repo.ValidateUser(context.UserName, context.Password);
if (user == null)
{
context.SetError("invalid_grant", "Provided username and password is incorrect");
return;
}
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Role, user.UserRoles));
identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
identity.AddClaim(new Claim("Email", user.UserEmailID));
var props = new AuthenticationProperties(new Dictionary <string, string>
{
{
"client_id", (context.ClientId == null) ? string.Empty : context.ClientId
},
{
"userName", context.UserName
}
});
var ticket = new AuthenticationTicket(identity, props);
context.Validated(ticket);
}
/*
* public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
* {
* string clientId = string.Empty;
* string clientSecret = string.Empty;
* // The TryGetBasicCredentials method checks the Authorization header and
* // Return the ClientId and clientSecret
* if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
* {
* context.SetError("invalid_client", "Client credentials could not be retrieved through the Authorization header.");
* context.Rejected();
* return;
* }
* //Check the existence of by calling the ValidateClient method
* ClientMaster client = (new ClientMasterRepository()).ValidateClient(clientId, clientSecret);
* if (client != null)
* {
* // Client has been verified.
* context.OwinContext.Set<ClientMaster>("oauth:client", client);
* context.Validated(clientId);
* }
* else
* {
* // Client could not be validated.
* context.SetError("invalid_client", "Client credentials are invalid.");
* context.Rejected();
* }
* context.Validated();
* }*/
public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
string clientId = string.Empty;
string clientSecret = string.Empty;
// The TryGetBasicCredentials method checks the Authorization header and
// Return the ClientId and clientSecret
if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
{
context.SetError("invalid_client", "Client credentials could not be retrieved through the Authorization header.");
return(Task.FromResult <object>(null));
}
//Check the existence of by calling the ValidateClient method
ClientMaster client = (new ClientMasterRepository()).ValidateClient(clientId, clientSecret);
if (client == null)
{
// Client could not be validated.
context.SetError("invalid_client", "Client credentials are invalid.");
return(Task.FromResult <object>(null));
}
else
{
if (!client.Active)
{
context.SetError("invalid_client", "Client is inactive.");
return(Task.FromResult <object>(null));
}
// Client has been verified.
context.OwinContext.Set <ClientMaster>("ta:client", client);
context.OwinContext.Set <string>("ta:clientAllowedOrigin", client.AllowedOrigin);
context.OwinContext.Set <string>("ta:clientRefreshTokenLifeTime", client.RefreshTokenLifeTime.ToString());
context.Validated();
return(Task.FromResult <object>(null));
}
}
