public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
// create identity
var username = context.UserName;
var password = context.Password;
// Here you use db
var userService = new UserService();
ClientMaster user = userService.GetUserByCredentials(username, password);
if (user == null)
{
if (user == null)
{
context.SetError("invalid_grant", "Username and password do not match.");
return;
}
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Name, user.Name));
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id));
// create metadata to pass on to refresh token provider
var props = new AuthenticationProperties(new Dictionary <string, string>
{
{ "as:client_id", context.ClientId }
});
var ticket = new AuthenticationTicket(identity, props);
context.Validated(ticket);
}
public ClientMaster GetUserByCredentials(string email, string password)
{
ClientMaster user = new ClientMaster()
{
Id = "1", Email = "*****@*****.**", Password = "******", Name = "custom"
};
if (user != null)
{
user.Password = string.Empty;
}
return(user);
}
