public async Task ValidateAsync(ExtensionGrantValidationContext context) { var phone = context.Request.Raw["phone"]; var authCode = context.Request.Raw["authCode"]; var errorValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); //检测是否为空 if (string.IsNullOrEmpty(phone) || string.IsNullOrEmpty(authCode)) { context.Result = errorValidationResult; return; } //验证码 if (!await authCodeService.Validate(phone, authCode)) { context.Result = errorValidationResult; return; } //完成用户注册 int userId = await userService.CheckOrCreate(phone); if (userId <= 0) { context.Result = errorValidationResult; return; } context.Result = new GrantValidationResult(userId.ToString(), GrantType); }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var phone = context.Request.Raw.Get("phone"); var authCode = context.Request.Raw.Get("auth_code"); var errorResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (phone.IsNullOrEmpty() || authCode.IsNullOrEmpty()) { context.Result = errorResult; return; } if (!_authService.Validate(phone, authCode)) { context.Result = errorResult; return; } var userId = await _userService.CheckOrCreate(phone); if (userId <= 0) { context.Result = errorResult; return; } context.Result = new GrantValidationResult(userId.ToString(), GrantType); return; }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var partner = context.Request.Raw["auth_partner"]; //wechat alipay var authCode = context.Request.Raw["partner_auth_code"]; //合作方授权码 var errorvalidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrWhiteSpace(partner) || string.IsNullOrWhiteSpace(authCode)) { context.Result = errorvalidationResult; return; } var obj = await _userServiceProxy.VerifyCookAppPartnerLoginUserByAuthCode(authCode); if (obj == null) { context.Result = errorvalidationResult; return; } context.Result = new GrantValidationResult( subject: obj.PartnerKey, authenticationMethod: "custom", claims: new Claim[] { new Claim("UserId", obj.Id), new Claim("Name", obj.PartnerKey), new Claim("NickName", obj.PartnerKey) } ); }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var phone = context.Request.Raw["phone"]; var code = context.Request.Raw["auth_code"]; var errorValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrWhiteSpace(phone) || string.IsNullOrWhiteSpace(code)) { context.Result = errorValidationResult; return; } //检查验证码 if (!_authCodeService.Validate(phone, code)) { context.Result = errorValidationResult; return; } //完成用户注册 var userInfo = await _userService.CheckOrCreateAsync(phone); if (userInfo == null) { context.Result = errorValidationResult; return; } var claims = new Claim[] { new Claim("name", userInfo.Name ?? string.Empty), new Claim("company", userInfo.Company ?? string.Empty), new Claim("title", userInfo.Title ?? string.Empty), new Claim("avatar", userInfo.Avatar ?? string.Empty) }; context.Result = new GrantValidationResult(userInfo.userID.ToString(), GrantType, claims); }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var phone = context.Request.Raw["phone"]; var code = context.Request.Raw["code"]; var result = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrWhiteSpace(phone) || string.IsNullOrWhiteSpace(code)) { context.Result = result; return; } if (!await _codeService.ValidateAsync(phone, code)) { context.Result = result; return; } var identity = await _userService.ValidateAsync(phone); if (identity == null) { context.Result = result; return; } var claims = new Claim[] { new Claim("phone", identity.Phone), new Claim("name", identity.Name) }; context.Result = new GrantValidationResult(identity.Id.ToString(), GrantType, claims); }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var userName = context.Request.Raw["userName"]; var password = context.Request.Raw["password"]; GrantValidationResult erroValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(password)) { context.Result = erroValidationResult; return; } if (!_validService.VaildUserName(userName)) { context.Result = erroValidationResult; return; } var userIdentityInfo = await _userService.CheckByPassword(userName, password); if (userIdentityInfo == null) { context.Result = erroValidationResult; return; } var claims = new Claim[] { new Claim("UserBasicInfoId", userIdentityInfo.UserBasicInfoId.ToString() ?? string.Empty), new Claim("UserName", userIdentityInfo.UserName ?? string.Empty), new Claim("RoleType", userIdentityInfo.RoleType.ToString() ?? string.Empty) }; context.Result = new GrantValidationResult(userIdentityInfo.UserId.ToString(), GrantType, claims); }
public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context) { var invalidCredentialsResult = new GrantValidationResult(TokenRequestErrors.InvalidTarget, "Invalid credentials"); var getAccountResult = await _accountGetterService.GetByEmailAsync(context.UserName); if (!getAccountResult.Success) { context.Result = invalidCredentialsResult; return; } var accountCanBeAuthenticatedResult = _accountVerificationService.VerifyAccountCanBeAuthenticated(getAccountResult.Value, context.Password); if (!accountCanBeAuthenticatedResult.Success) { var error = accountCanBeAuthenticatedResult.Errors.Single(); context.Result = error.ErrorCode.Equals(AccountErrorCodeEnumeration.PasswordIsNotSet) || error.ErrorCode.Equals(AccountErrorCodeEnumeration.IncorrectPassword) ? invalidCredentialsResult : new GrantValidationResult(TokenRequestErrors.InvalidTarget, error.ErrorMessage); return; } var claims = await _accountClaimsCreatorService.CreateAccountClaimsAsync(getAccountResult.Value); context.Result = new GrantValidationResult(getAccountResult.Value.Id.ToString(), context.Request.GrantType, claims); }
public async Task ValidateAsync_Should_Set_Fail_GrantValidationResult_When_Account_Does_Not_Exist() { var errors = new Collection <IError> { new Error(AccountErrorCodeEnumeration.NotFound, AccountErrorMessage.NotFound) }; var getAccountResult = GetResult <Account> .Fail(errors); var context = new ResourceOwnerPasswordValidationContext { Request = new ValidatedTokenRequest { GrantType = GrantType.ResourceOwnerPassword } }; var expectedResult = new GrantValidationResult(TokenRequestErrors.InvalidTarget, "Invalid credentials"); _accountGetterServiceMock.Setup(x => x.GetByEmailAsync(It.IsAny <string>())) .ReturnsAsync(getAccountResult); Func <Task> result = async() => await _resourceOwnerPasswordValidator.ValidateAsync(context); await result.Should().NotThrowAsync <Exception>(); context.Result.Should().BeEquivalentTo(expectedResult); }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var phone = context.Request.Raw["phone"]; var sms_code = context.Request.Raw["auth_code"]; var validationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrEmpty(phone) || string.IsNullOrEmpty(sms_code)) { context.Result = validationResult; return; } if (!authCodeService.Validate(phone, sms_code)) { context.Result = validationResult; return; } int userId = await userService.CheckOrCreate(phone); if (userId <= 0) { context.Result = validationResult; return; } context.Result = new GrantValidationResult(userId.ToString(), GrantType); }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var phone = context.Request.Raw["phone"]; var code = context.Request.Raw["auth_code"]; var errorValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrWhiteSpace(phone) || string.IsNullOrWhiteSpace(code)) { context.Result = errorValidationResult; return; } //检查验证码 if (!_authCodeService.Validate(phone, code)) { context.Result = errorValidationResult; return; } var userId = _userServices.CheckOrCreate(phone); if (userId <= 0) { context.Result = errorValidationResult; return; } context.Result = new GrantValidationResult(userId.ToString(), GrantType); }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { string phone = context.Request.Raw["phone"]; string code = context.Request.Raw["code"]; var ErrorGrantValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrWhiteSpace(phone) || string.IsNullOrWhiteSpace(code)) { context.Result = ErrorGrantValidationResult; return; } var Teacher = await _UserService.Teacher_LoginBySms(phone, code); if (Teacher == null) { context.Result = ErrorGrantValidationResult; return; } var claims = new List <Claim>() { new Claim("role", "teacher") }; context.Result = new GrantValidationResult(Teacher.ID, GrantType, claims); }
public Task ValidateAsync(ExtensionGrantValidationContext context) { var userName = context.Request.Raw.Get("czar_name"); var userPassword = context.Request.Raw.Get("czar_password"); if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(userPassword)) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant); } //校验登录 var result = userName == userPassword; if (result != true) { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant); } //添加指定的claims GrantValidationResult grantValidationResult = new GrantValidationResult( subject: userName, authenticationMethod: GrantType, claims: new List <Claim>() { new Claim("pwd", userPassword) }); context.Result = grantValidationResult; return(Task.CompletedTask); }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var phone = context.Request.Raw["phone"]; var code = context.Request.Raw["auth_code"]; var errorValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidClient); if (string.IsNullOrEmpty(phone) || string.IsNullOrEmpty(code)) { context.Result = errorValidationResult; return; } //验证手机号码 //创建用户 await Task.Delay(1); var claims = new Claim[] { new Claim("UserName", "Adamson"), new Claim("Phone", "15295758935") }; context.Result = new GrantValidationResult("userid", GrantType, claims); }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var tel = context.Request.Raw["tel"]; var code = context.Request.Raw["auth_code"]; var errorValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrEmpty(tel) || string.IsNullOrEmpty(code)) { context.Result = errorValidationResult; } if (!_authCodeService.Validate(tel, code)) { context.Result = errorValidationResult; } var userInfo = await _userService.CheckOrCreate(tel); if (userInfo == null) { context.Result = errorValidationResult; } var claims = new Claim[] { new Claim("name", userInfo.Name ?? string.Empty), new Claim("company", userInfo.Company ?? string.Empty), new Claim("title", userInfo.Title ?? string.Empty), new Claim("avatar", userInfo.Avatar ?? string.Empty), }; var grantResult = new GrantValidationResult(userInfo.Id.ToString(), GrantType, claims); context.Result = grantResult; }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { string phone = context.Request.Raw["phone"]; string code = context.Request.Raw["code"]; var ErrorGrantValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrWhiteSpace(phone) || string.IsNullOrWhiteSpace(code)) { context.Result = ErrorGrantValidationResult; return; } var student = await _UserService.Student_LoginBySms(phone, code); if (student == null) { context.Result = ErrorGrantValidationResult; return; } var claims = new List <Claim>() { new Claim("role", "student") }; var tokenlist = _persistedGrantDbContext.PersistedGrants.Where(vn => vn.SubjectId == student.ID).ToList(); _persistedGrantDbContext.PersistedGrants.RemoveRange(tokenlist); await _persistedGrantDbContext.SaveChangesAsync(); context.Result = new GrantValidationResult(student.ID, GrantType, claims); }
public void InitialData() { this.passwordValidator = new ResourceOwnerPasswordValidator(userStore); this.userWithoutClaims = new User { Id = "1", Nickname = "gustavo.matos", Username = "******", Roles = new List <string> { "Admin", "Analyst" }, Email = "*****@*****.**", Password = "******" }; this.userWitHashedPassword = new User { Id = "1", Nickname = "gustavo.matos", Username = "******", Roles = new List <string> { "Admin", "Analyst" }, Email = "*****@*****.**", Password = BCrypt.Net.BCrypt.HashPassword("123456") }; this.userWithClaims = new User { Id = "1", Nickname = "gustavo.matos", Username = "******", Roles = new List <string> { "Admin", "Analyst" }, Email = "*****@*****.**", Password = BCrypt.Net.BCrypt.HashPassword("123456"), Claims = new Dictionary <string, IEnumerable <string> >() { { "TESTE", new List <string>() { "Hahahah" } } } }; this.grantValidationResultError = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "invalid_user_credentials"); this.grantValidationResultWhenExceptionIsThrown = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "user_validation_error"); this.additionalInfoResult = new GrantValidationResult( subject: userWithClaims.Id, authenticationMethod: "custom", claims: ResourceOwnerPasswordValidator.GetUserClaims(userWithClaims) ); }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var phone = context.Request.Raw["phone"]; //手机号 var code = context.Request.Raw["mobile_verify_code"]; //验证码 if (phone == "18621685194" && code == "8888") { context.Result = new GrantValidationResult( subject: phone, authenticationMethod: "custom", claims: new Claim[] { new Claim("user_id", "888"), new Claim("user_name", "18621685194"), new Claim("mobile", "18621685194"), new Claim("email", "*****@*****.**") } ); return; } var errorvalidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrWhiteSpace(phone) || string.IsNullOrWhiteSpace(code)) { context.Result = errorvalidationResult; return; } var verification = await _verificationServiceProxy.GetVerification(BizCode.Login, phone); if (verification == null) { context.Result = errorvalidationResult; return; } var result = await _userServiceProxy.GetUser(phone); if (result == null) { await _userServiceProxy.AddUser(phone, null, phone, null, null); } context.Result = new GrantValidationResult( subject: phone, authenticationMethod: "custom", claims: new Claim[] { new Claim("user_id", ""), new Claim("user_name", phone), new Claim("mobile", phone), new Claim("email", "") } ); }
private GrantValidationResult BuildErrorResult(StsAccountStatusCode statusCode, string description = null) { var result = new GrantValidationResult(TokenRequestErrors.InvalidGrant) { CustomResponse = new Dictionary <string, object>() { { StsLoginStatus.LoginStatusSymbol, statusCode }, { StsLoginStatus.LoginStatusDescriptionSymbol, description == null?statusCode.ToDescription() : description } } }; return(result); }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { string phone = context.Request.Raw["Phone"]; string pwd = context.Request.Raw["PassWord"]; string code = context.Request.Raw["AuthCode"]; var errorValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrWhiteSpace(phone) || string.IsNullOrWhiteSpace(code) || string.IsNullOrWhiteSpace(pwd)) { context.Result = errorValidationResult; return; } Regex Reg_phone = new Regex(@"^((13[0-9])|(14[5|7])|(15([0-9]))|(17[0-9])|(18[0-9])|(19[0-9]))\d{8}$"); if (!Reg_phone.IsMatch(phone)) { context.Result = errorValidationResult; return; } if (!_authcodeServices.Validate(phone, code)) { context.Result = errorValidationResult; return; } var userInfo = await _userServices.CreateOrCheck(new Models.Users.UserInfo { UserName = phone, UserPassword = pwd, Phone = phone }); if (userInfo == null) { context.Result = errorValidationResult; return; } Claim[] claims = new Claim[] { new Claim("name", userInfo.Name ?? string.Empty), new Claim("title", userInfo.Title ?? string.Empty), new Claim("company", userInfo.Company ?? string.Empty), new Claim("avatar", userInfo.Avatar ?? string.Empty), }; context.Result = new GrantValidationResult(userInfo.UserId.ToString(), GrantType, claims); }
public Task ValidateAsync(ResourceOwnerPasswordValidationContext context) { if (false) //验证成功 { context.Result = new GrantValidationResult(TokenRequestErrors.InvalidClient, "invalid grant"); return(Task.FromResult(0)); } var _rel = new GrantValidationResult(new Dictionary <string, object>() { //需要返回的Claim ,GetUserClaim(context); }); context.Result = _rel; //认证成功 return(Task.FromResult(1)); }
public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context) { ClaimsIdentity userIdentity = new ClaimsIdentity(); DateTime epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc); userIdentity.AddClaim(new Claim(JwtClaimTypes.Subject, "sub")); userIdentity.AddClaim(new Claim(JwtClaimTypes.IdentityProvider, "homekuru")); userIdentity.AddClaim(new Claim(JwtClaimTypes.AuthenticationMethod, "password")); userIdentity.AddClaim(new Claim(JwtClaimTypes.AuthenticationTime, ((long)(DateTime.UtcNow - epoch).TotalSeconds).ToString())); ClaimsPrincipal principal = new ClaimsPrincipal(userIdentity); var res = new GrantValidationResult(principal); context.Result = res; }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var phone = context.Request.Raw["phone"]; //手机号 var code = context.Request.Raw["mobile_verify_code"]; //验证码 if (phone == "18621685194" && code == "8888") { context.Result = new GrantValidationResult( subject: phone, authenticationMethod: "custom", claims: new Claim[] { new Claim("UserId", "1868253c-efc5-4bdc-adfe-3ab7f13a3481"), new Claim("Name", phone), new Claim("NickName", phone) } ); return; } var errorvalidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrWhiteSpace(phone) || string.IsNullOrWhiteSpace(code)) { context.Result = errorvalidationResult; return; } var result = await _userServiceProxy.VerifyCookAppUserByVerifyCode(phone, code); if (result == null) { context.Result = errorvalidationResult; return; } context.Result = new GrantValidationResult( subject: phone, authenticationMethod: "custom", claims: new Claim[] { new Claim("UserId", result.Id), new Claim("Name", phone), new Claim("NickName", result.UserName) } ); }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var userInfo = context.Request.Raw["userInfo"]; var userId = context.Request.Raw["userId"]; var claimsIdentity = context.Request.Raw["claimsIdentity"]; var errorValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); //用户不存在 if (string.IsNullOrWhiteSpace(userInfo) || string.IsNullOrWhiteSpace(userId)) { errorValidationResult.ErrorDescription = "用户不存在"; context.Result = errorValidationResult; return; } try { var claims = new Claim[] { new Claim("userInfo", userInfo), //new Claim("phone",userInfo.PhoneNumber??string.Empty), //new Claim("cardId",userInfo.CardId??string.Empty), //new Claim(JwtClaimTypes.Subject, userInfo.Id.ToString()), new Claim(JwtClaimTypes.Role, "portal"), //new Claim(JwtClaimTypes.p) }; var ClaimsIdentity = CreateJwtClaims(JsonHelper.ToObject <ClaimsIdentity>(claimsIdentity)); ClaimsIdentity.AddRange(claims); context.Result = new GrantValidationResult(userId, GrantType, ClaimsIdentity); } catch (Exception e) { _logger.LogError("ValidateAsync错误:" + e.StackTrace); errorValidationResult.ErrorDescription = e.Message; context.Result = errorValidationResult; } await Task.CompletedTask; return; }
//connect/token 访问进来 public async Task ValidateAsync(ExtensionGrantValidationContext context) { var phone = context.Request.Raw["phone"]; var code = context.Request.Raw["auth_code"]; var errorValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrWhiteSpace(phone) || string.IsNullOrWhiteSpace(code)) { context.Result = errorValidationResult; return; } //检查手机号和验证码是否匹配 if (!await _authCodeService.Validate(phone, code)) { context.Result = errorValidationResult; return; } //var userInfo = await _userService.GetOrCreateAsync(phone); //if (userInfo == null) //{ // //如果用户ID小于等于0 ,验证失败 // context.Result = errorValidationResult; // return; //} #region 测试代码 var userInfo = new BaseUserInfo(); userInfo.Name = "luoyi"; userInfo.Title = "denglu"; userInfo.Company = "hw"; userInfo.Avatar = "2222"; #endregion //构建UserClaims var claims = new Claim[] { new Claim("name", userInfo.Name ?? string.Empty), new Claim("title", userInfo.Title ?? string.Empty), new Claim("company", userInfo.Company ?? string.Empty), new Claim("avatar", userInfo.Avatar ?? string.Empty) }; context.Result = new GrantValidationResult(userInfo.UserId.ToString(), GrantType, claims); }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { //从请求中获得 手机号和验证码 var phone = context.Request.Raw["phone"]; var code = context.Request.Raw["auth_code"]; //授权失败 var errorValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); //检查手机号和验证码参数是否符合预期 if (string.IsNullOrWhiteSpace(phone) || string.IsNullOrWhiteSpace(code)) { context.Result = errorValidationResult; return; } //检测验证码 if (!await _authCodeService.Validate(phone, code)) { context.Result = errorValidationResult; return; } // //构建UserClaims // var claims = new Claim[] // { // new Claim("name","gzz"), // new Claim(phone,code), // }; // context.Result = new GrantValidationResult("gzz_id", GrantType, claims); //完成用户注册 var userId = await _userService.CheckOrCreate(phone); if (userId <= 0) { context.Result = errorValidationResult; return; } context.Result = new GrantValidationResult(userId.ToString(), GrantType); }
public async Task ValidateAsync_Should_Set_Fail_GrantValidationResult_When_Account_Email_Is_Not_Confirmed() { var account = Account.Builder() .SetId(Guid.NewGuid()) .SetEmail("*****@*****.**") .SetConfirmed(false) .SetPasswordHash("PasswordHash") .SetSecurityStamp(Guid.NewGuid()) .SetCreated(DateTimeOffset.UtcNow) .SetRoles(new List <Guid> { Guid.NewGuid() }) .Build(); var getAccountResult = GetResult <Account> .Ok(account); var errors = new Collection <IError> { new Error(AccountErrorCodeEnumeration.NotConfirmed, AccountErrorMessage.NotConfirmed) }; var accountCanBeAuthenticatedResult = VerificationResult.Fail(errors); var context = new ResourceOwnerPasswordValidationContext { Request = new ValidatedTokenRequest { GrantType = GrantType.ResourceOwnerPassword } }; var expectedResult = new GrantValidationResult(TokenRequestErrors.InvalidTarget, accountCanBeAuthenticatedResult.Errors.Single().ErrorMessage); _accountGetterServiceMock.Setup(x => x.GetByEmailAsync(It.IsAny <string>())) .ReturnsAsync(getAccountResult); _accountVerificationServiceMock .Setup(x => x.VerifyAccountCanBeAuthenticated(It.IsAny <Account>(), It.IsAny <string>())) .Returns(accountCanBeAuthenticatedResult); Func <Task> result = async() => await _resourceOwnerPasswordValidator.ValidateAsync(context); await result.Should().NotThrowAsync <Exception>(); context.Result.Should().BeEquivalentTo(expectedResult); }
public Task <GrantValidationResult> ValidateAsync(string userName, string password, ValidatedTokenRequest request) { // Check The UserName And Password In Database, Return The Subject If Correct, Return Null Otherwise string subject = null; if (userName == "bob" && password == "1234") { subject = "validated"; } if (subject == null) { var result = new GrantValidationResult(subject, "Username Or Password Incorrect"); return(Task.FromResult(result)); } else { var result = new GrantValidationResult(subject, "password"); return(Task.FromResult(result)); } }
public override async Task ValidateAsync(ResourceOwnerPasswordValidationContext context) { var result = new GrantValidationResult { IsError = false }; var user = await userManager.FindByNameAsync(context.UserName); if (user == null) { result.IsError = true; result.Error = "invalid_grant"; result.ErrorDescription = "invalid_username_or_password"; context.Result = result; } else { var siginResult = await this.signInManager.PasswordSignInAsync(user, context.Password, false, true); if (siginResult == SignInResult.Success) { await base.ValidateAsync(context); result = context.Result; } else if (siginResult == SignInResult.Failed) { result.Error = "invalid_grant"; result.ErrorDescription = "invalid_username_or_password"; result.IsError = true; } else if (siginResult == SignInResult.LockedOut) { result.Error = "invalid_grant"; result.ErrorDescription = "Your account is locked, click on Forgot my password"; result.IsError = true; } } context.Result = result; }
public async Task ValidateAsync(ExtensionGrantValidationContext context) { var phone = context.Request.Raw["phone"]; var code = context.Request.Raw["auth_code"]; //由于这里定义的是InvalidGrant,所以再请求时,无论时什么错误都会抛出InvalidGrant错误 var errorValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); if (string.IsNullOrEmpty(phone) || string.IsNullOrEmpty(code)) { context.Result = errorValidationResult; } //检查验证码 if (!_authCodeService.Validate(phone, code)) { context.Result = errorValidationResult; return; } //完成用户注册 var userInfo = await _userService.CheckOrCreate(phone);//如果请求路径不对,例如在UserService的_userServiceUrl的变量中忘记添加http://执行到这里就不会继续进行了,并在postman中提示 "error": "invalid_grant" if (userInfo == null) { context.Result = errorValidationResult; return; } var claims = new Claim[] { new Claim("name", userInfo.Name ?? string.Empty), new Claim("company", userInfo.Company ?? string.Empty), new Claim("title", userInfo.Title ?? string.Empty), new Claim("avatar", userInfo.Avatar ?? string.Empty), }; //context.Result = new GrantValidationResult(userId.ToString(), GrantType); context.Result = new GrantValidationResult(userInfo.UserId.ToString(), GrantType, claims); }
/// <summary> /// 验证用户获取tokcer /// </summary> /// <param name="context"></param> /// <returns></returns> public async Task ValidateAsync(ExtensionGrantValidationContext context) { var phone = context.Request.Raw["phone"]; var code = context.Request.Raw["auth_code"]; var errorValidationResult = new GrantValidationResult(TokenRequestErrors.InvalidGrant); //判断手机号和验证码 if (string.IsNullOrWhiteSpace(phone) || string.IsNullOrWhiteSpace(code)) { //返回错误的状态 context.Result = errorValidationResult; return; } //验证验证码 if (!_authCodeService.Validate(phone, authCode: code)) { context.Result = errorValidationResult; return; } var userInfo = await _userService.CheckOrCreateAsync(phone); if (userInfo == null) { context.Result = errorValidationResult; return; } //赋值 List <Claim> list = new List <Claim>() { new Claim("name", userInfo.Name ?? string.Empty), new Claim("company", userInfo.Company ?? string.Empty), new Claim("phone", userInfo.Phone ?? string.Empty), new Claim("title", userInfo.Title ?? string.Empty), new Claim("avatar", userInfo.Avatar ?? string.Empty), }; context.Result = new GrantValidationResult(userInfo.Id.ToString(), GrantType, list); }