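/// <summary>
/// Handles the custom "anonymous" grant type. The request must carry a <c>token</c> parameter
/// holding a URL-token-encoded, MachineKey-protected string of the form
/// <c>reportId‼expiry</c>. When the token is intact, unexpired and refers to an existing
/// report, the request is validated with an identity carrying the "Anonymous" role and the
/// report id. Any other grant type is left untouched.
/// </summary>
/// <param name="context">The grant context supplied by the OAuth authorization server middleware.</param>
/// <returns>A task that completes when the grant has been validated or rejected.</returns>
public override async Task GrantCustomExtension(OAuthGrantCustomExtensionContext context)
        {
            if (context.GrantType != "anonymous")
            {
                return;
            }

            var encodedToken = context.Parameters.Get("token");

            // UrlTokenDecode throws on a null argument, so a request without the
            // parameter is rejected here instead of surfacing as an unhandled exception.
            if (string.IsNullOrEmpty(encodedToken))
            {
                context.SetError("invalid_grant", "This token is invalid");
                return;
            }

            var protectedToken = HttpServerUtility.UrlTokenDecode(encodedToken);

            if (protectedToken == null)
            {
                context.SetError("invalid_grant", "This token is invalid");
                return;
            }

            // NOTE(review): Unprotect is called without purpose strings, so the integrity check
            // accepts any payload this application protected without a purpose. Passing the same
            // purpose to Protect and Unprotect would bind the token to this grant; that needs a
            // matching change in the code that issues the token, which is not visible here.
            byte[] tokenBytes;
            try
            {
                tokenBytes = MachineKey.Unprotect(protectedToken);
            }
            catch (System.Security.Cryptography.CryptographicException)
            {
                // A tampered or foreign token fails the integrity check; treat it as a bad
                // grant rather than letting the exception escape the token endpoint.
                context.SetError("invalid_grant", "This token is invalid");
                return;
            }

            if (tokenBytes == null)
            {
                context.SetError("invalid_grant", "This token is invalid");
                return;
            }

            var tokenParts = Encoding.UTF8.GetString(tokenBytes).Split('‼');

            int reportId;
            DateTime time;

            // Check the shape before touching the elements, and reject when ANY part is bad.
            // The earlier condition combined the checks with && and compared the parsed values
            // the wrong way round, so it never rejected anything, and the parsing ran before it.
            if (tokenParts.Length != 2
                || !Int32.TryParse(tokenParts[0], out reportId)
                || !DateTime.TryParse(tokenParts[1], out time)
                || reportId == 0
                || time == new DateTime())
            {
                context.SetError("invalid_grant", "This token is invalid");
                return;
            }

            // NOTE(review): the expiry is parsed with the current culture and compared with local
            // time; this presumably mirrors how the issuer writes it - confirm. A UTC round-trip
            // format would make the check independent of server culture and time zone.
            if (time < DateTime.Now)
            {
                context.SetError("invalid_grant", "This token has expired");
                return;
            }

            // Dispose the context once the lookup is done so connections are not left to the GC.
            using (var db = new KiwiContext())
            {
                if (await db.Reports.FindAsync(reportId) == null)
                {
                    context.SetError("invalid_grant", "No report found with that ID");
                    return;
                }
            }

            var identity = new ClaimsIdentity(context.Options.AuthenticationType);

            identity.AddClaim(new Claim(ClaimTypes.Role, "Anonymous"));
            identity.AddClaim(new Claim("reportId", reportId.ToString()));
            identity.AddClaim(new Claim("is_anonymous", "true"));

            // token for reporting users should be valid for 10 minutes
            // NOTE(review): the line below is disabled, so that lifetime is not applied here.
            //context.Options.AccessTokenExpireTimeSpan = new TimeSpan(0, 10, 0);

            context.Validated(identity);
        }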
Пример #2
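        /// <summary>
        /// Handles the custom "anonymous" grant type. The request must carry a <c>token</c>
        /// parameter holding a URL-token-encoded, MachineKey-protected string of the form
        /// <c>reportId‼expiry</c>. When the token is intact, unexpired and refers to an existing
        /// report, the request is validated with an identity carrying the "Anonymous" role and
        /// the report id. Any other grant type is left untouched.
        /// </summary>
        /// <param name="context">The grant context supplied by the OAuth authorization server middleware.</param>
        /// <returns>A task that completes when the grant has been validated or rejected.</returns>
        public override async Task GrantCustomExtension(OAuthGrantCustomExtensionContext context)
        {
            if (context.GrantType != "anonymous")
            {
                return;
            }

            var encodedToken = context.Parameters.Get("token");

            // UrlTokenDecode throws on a null argument, so a request without the
            // parameter is rejected here instead of surfacing as an unhandled exception.
            if (string.IsNullOrEmpty(encodedToken))
            {
                context.SetError("invalid_grant", "This token is invalid");
                return;
            }

            var protectedToken = HttpServerUtility.UrlTokenDecode(encodedToken);

            if (protectedToken == null)
            {
                context.SetError("invalid_grant", "This token is invalid");
                return;
            }

            // NOTE(review): Unprotect is called without purpose strings, so the integrity check
            // accepts any payload this application protected without a purpose. Passing the same
            // purpose to Protect and Unprotect would bind the token to this grant; that needs a
            // matching change in the code that issues the token, which is not visible here.
            byte[] tokenBytes;
            try
            {
                tokenBytes = MachineKey.Unprotect(protectedToken);
            }
            catch (System.Security.Cryptography.CryptographicException)
            {
                // A tampered or foreign token fails the integrity check; treat it as a bad
                // grant rather than letting the exception escape the token endpoint.
                context.SetError("invalid_grant", "This token is invalid");
                return;
            }

            if (tokenBytes == null)
            {
                context.SetError("invalid_grant", "This token is invalid");
                return;
            }

            var tokenParts = Encoding.UTF8.GetString(tokenBytes).Split('‼');

            int reportId;
            DateTime time;

            // Check the shape before touching the elements, and reject when ANY part is bad.
            // The earlier condition combined the checks with && and compared the parsed values
            // the wrong way round, so it never rejected anything, and the parsing ran before it.
            if (tokenParts.Length != 2
                || !Int32.TryParse(tokenParts[0], out reportId)
                || !DateTime.TryParse(tokenParts[1], out time)
                || reportId == 0
                || time == new DateTime())
            {
                context.SetError("invalid_grant", "This token is invalid");
                return;
            }

            // NOTE(review): the expiry is parsed with the current culture and compared with local
            // time; this presumably mirrors how the issuer writes it - confirm. A UTC round-trip
            // format would make the check independent of server culture and time zone.
            if (time < DateTime.Now)
            {
                context.SetError("invalid_grant", "This token has expired");
                return;
            }

            // Dispose the context once the lookup is done so connections are not left to the GC.
            using (var db = new KiwiContext())
            {
                if (await db.Reports.FindAsync(reportId) == null)
                {
                    context.SetError("invalid_grant", "No report found with that ID");
                    return;
                }
            }

            var identity = new ClaimsIdentity(context.Options.AuthenticationType);

            identity.AddClaim(new Claim(ClaimTypes.Role, "Anonymous"));
            identity.AddClaim(new Claim("reportId", reportId.ToString()));
            identity.AddClaim(new Claim("is_anonymous", "true"));

            // token for reporting users should be valid for 10 minutes
            // NOTE(review): the line below is disabled, so that lifetime is not applied here.
            //context.Options.AccessTokenExpireTimeSpan = new TimeSpan(0, 10, 0);

            context.Validated(identity);
        }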
Пример #3
 /// <summary>
 /// Creates the repository together with its own <c>KiwiContext</c> and a
 /// <c>UserManager</c> whose user store is backed by that same context.
 /// </summary>
 public AuthRepository()
 {
     _ctx = new KiwiContext();

     // The store and the manager share the repository's context instance.
     // NOTE(review): both objects are created and held here; whether the class
     // disposes them is not visible in this snippet - confirm.
     var userStore = new UserStore<IdentityUser>(_ctx);
     _userManager = new UserManager<IdentityUser>(userStore);
 }
Пример #4
 /// <summary>
 /// Initializes the repository: opens a <c>KiwiContext</c> and wires a
 /// <c>UserManager</c> to a user store that uses that context.
 /// </summary>
 public AuthRepository()
 {
     _ctx = new KiwiContext();

     // One context instance serves both the repository and the identity store.
     // NOTE(review): ownership and disposal of these fields is decided elsewhere
     // in the class, outside this snippet - confirm they are released.
     var identityStore = new UserStore<IdentityUser>(_ctx);
     _userManager = new UserManager<IdentityUser>(identityStore);
 }