public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
using (var repo = new AuthRepository())
{
var user = await repo.FindUser(context.UserName, context.Password);
if (user == null)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
identity.AddClaim(new Claim("id", user.Id));
var isAdmin = repo.HasRole(user, "Administrator");
identity.AddClaim(new Claim("is_admin", isAdmin.ToString()));
identity.AddClaim(isAdmin
? new Claim(ClaimTypes.Role, "Administrator")
: new Claim(ClaimTypes.Role, "DashboardUser"));
context.Validated(identity);
}
}
public override async Task TokenEndpoint(OAuthTokenEndpointContext context)
{
using (var repo = new AuthRepository())
{
var role = context.Identity.Claims.First(c => c.Type == ClaimTypes.Role).Value;
context.AdditionalResponseParameters.Add("role", role);
}
}
