/// <summary>
/// Adds the OAuth authorization server (token endpoint) and the bearer-token
/// authentication middleware to the OWIN pipeline.
/// </summary>
/// <param name="app">OWIN application builder that receives the middleware.</param>
/// <param name="serviceAutenticacao">Authentication service passed to the <c>AuthorizationServerProvider</c>.</param>
public void ConfigureOAuth(IAppBuilder app, IAutenticacao serviceAutenticacao)
{
    var tokenEndpoint = new PathString("/api/security/token");
    var tokenLifetime = TimeSpan.FromHours(2);

    var serverOptions = new OAuthAuthorizationServerOptions
    {
        // NOTE(review): with AllowInsecureHttp = true the token endpoint accepts
        // requests over plain HTTP. The password grant posts the user's
        // credentials to this endpoint and receives the bearer token back, so both
        // travel unencrypted unless TLS is enforced somewhere in front of the app.
        // Confirm that is the case, or restrict this setting to development builds.
        AllowInsecureHttp = true,
        TokenEndpointPath = tokenEndpoint,
        // Issued access tokens stay valid for two hours.
        AccessTokenExpireTimeSpan = tokenLifetime,
        Provider = new AuthorizationServerProvider(serviceAutenticacao)
    };

    // The authorization server issues the tokens; the bearer middleware validates
    // them on incoming API calls.
    app.UseOAuthAuthorizationServer(serverOptions);

    var bearerOptions = new OAuthBearerAuthenticationOptions();
    app.UseOAuthBearerAuthentication(bearerOptions);
}
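/// <summary>
/// Handles the OAuth2 resource-owner password grant: authenticates the submitted
/// user name and password, builds the claims identity (user identifiers plus one
/// role claim per permission) and validates the request with the resulting ticket.
/// </summary>
/// <param name="context">Grant context carrying the submitted credentials and the OWIN request/response.</param>
/// <returns>A task that completes once the context has been validated or rejected.</returns>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): a wildcard origin lets a page on any site call the token
    // endpoint from the browser. Prefer an explicit allow-list of trusted origins.
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

    try
    {
        // NOTE(review): every request builds a new container and overwrites the
        // _autenticacaoService field. If this provider instance is shared across
        // requests, concurrent token requests write the same field; confirm.
        var container = new UnityContainer();
        DependencyResolver.Resolve(container);
        _autenticacaoService = container.Resolve<IAutenticacao>();

        var user = _autenticacaoService.AutenticarUsuario(context.UserName, context.Password);
        if (user == null)
        {
            context.SetError("invalid_grant", Erros.InvalidCredentials);
            return;
        }

        var identity = new ClaimsIdentity(context.Options.AuthenticationType);

        // Security fix: the Name claim used to carry user.Senha, the account's
        // password field. Claims are serialized into every issued token and are
        // readable by any code that inspects the identity, so a credential (hashed
        // or not) must never be stored in one. The claim now carries the login name
        // that was just authenticated. Any consumer that read the secret from
        // Identity.Name has to obtain it another way.
        identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
        identity.AddClaim(new Claim(ClaimTypes.Sid, user.UsuarioCodigo.ToString()));
        identity.AddClaim(new Claim(ClaimTypes.PrimarySid, user.UsuarioId.ToString()));
        identity.AddClaim(new Claim(ClaimTypes.GivenName, user.UsuarioNome));

        // Add one role claim per permission granted to the user.
        var permissoes = _autenticacaoService.ObterPermissoes(user.UsuarioNome);
        foreach (var permissao in permissoes)
        {
            identity.AddClaim(new Claim(ClaimTypes.Role, permissao.AcaoNome));
        }

        // Return the user name and the permission names in the token response.
        var properties = CreateProperties(
            user.UsuarioNome,
            JsonConvert.SerializeObject(permissoes.Select(x => x.AcaoNome).ToArray()));

        var ticket = new AuthenticationTicket(identity, properties);
        var principal = new GenericPrincipal(identity, null);
        Thread.CurrentPrincipal = principal;

        context.Validated(ticket);
    }
    catch (Exception)
    {
        // Every failure, including container or backend errors, is reported to the
        // client as invalid credentials, which avoids leaking internal details.
        // NOTE(review): nothing is logged here, so outages and repeated failed
        // logins are invisible to operations; record the exception server-side.
        context.SetError("invalid_grant", Erros.InvalidCredentials);
    }
}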
/// <summary>
/// Creates the provider and keeps the supplied authentication service in a field.
/// </summary>
/// <param name="autenticacaoService">Authentication service stored for later use; not null-checked here.</param>
public AuthorizationServerProvider(IAutenticacao autenticacaoService)
{
    this._autenticacaoService = autenticacaoService;
}
/// <summary>
/// Creates the API-key authorization component and keeps the supplied
/// authentication service in a field.
/// </summary>
/// <param name="autenticacao">Authentication service stored for later use; not null-checked here.</param>
public ApiKeyAuthorization(IAutenticacao autenticacao)
{
    this._autenticacao = autenticacao;
}