public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { using (IAuthenticationRepository _repo = NinjectWebCommon.Load <IAuthenticationRepository>()) { IdentityUserDTO user = await _repo.FindUser(context.UserName, context.Password); if (user == null) { context.SetError("The username or password is incorrect.", null); return; } var identity = new ClaimsIdentity(context.Options.AuthenticationType); identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName)); identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id)); context.Validated(identity); } }