示例#1
0
        private async Task PopulateAuthenticationTicket(AuthenticationTokenReceiveContext context)
        {
            var token = await options.TokenManager.FindRefreshTokenAsync(context.Token);

            OAuthValidateTokenContext <IRefreshToken> validateContext = new OAuthValidateTokenContext <IRefreshToken>(
                context.OwinContext, options, context, token);

            await options.TokenProvider.ValidateRefreshToken(validateContext);

            if (validateContext.IsValidated)
            {
                //if (token == null)//delete this section after bug fixed
                //{
                //    token = new RefreshToken { Subject = "*****@*****.**",Scope=new List<string>(), Token = "2bchanghailong", ClientId = "win64", RedirectUri = "app://axe/token.htm", ExpiresIn = DateTime.UtcNow.AddYears(1) };
                //}
                var deleteResult = await options.TokenManager.DeleteRefreshTokenAsync(token);

                if (!deleteResult)
                {
                    options.Logger.ErrorFormat("Unable to delete used refresh token: {0}", JsonConvert.SerializeObject(token));
                }

                /* Override the validation parameters.
                 * This is because OWIN thinks the principal.Identity.Name should
                 * be the same as the client_id from ValidateClientAuthentication method,
                 * but we need to use the user id in dongbo oauth.
                 */
                var props = new AuthenticationProperties();
                props.Dictionary.Add("client_id", token.ClientId);
                props.RedirectUri = token.RedirectUri;
                props.ExpiresUtc  = token.ValidTo;

                // Re-authenticate user to get new claims
                var user = await this.options.UserManager.AuthenticateUserAsync(token.Subject);

                // Make sure the user has the correct claims
                user.RemoveClaim(x => x.Type == Constants.ClaimType.Client);
                user.RemoveClaim(x => x.Type == Constants.ClaimType.RedirectUri);
                user.AddClaim(Constants.ClaimType.Client, token.ClientId);
                user.AddClaim(Constants.ClaimType.RedirectUri, token.RedirectUri);

                if (token.Scope != null)
                {
                    foreach (var s in token.Scope)
                    {
                        user.AddClaim(Constants.ClaimType.Scope, s);
                    }
                }
                var ticket = new AuthenticationTicket(user, props);
                context.SetTicket(ticket);
            }
        }
示例#2
0
        private async Task PopulateAuthenticationTicket(AuthenticationTokenReceiveContext context)
        {
            var parameters = await context.Request.ReadFormAsync();

            this.options.Logger.DebugFormat("Validating authorization code for redirect uri '{0}'", parameters["redirect_uri"]);

            var code = await this.options.TokenManager.FindAuthorizationCodeAsync(context.Token);

            OAuthValidateTokenContext <IAuthorizationCode> validateContext = new OAuthValidateTokenContext <IAuthorizationCode>(context.OwinContext, options, context, code);

            await options.TokenProvider.ValidateAuthorizationCode(validateContext);

            if (validateContext.IsValidated)
            {
                context.DeserializeTicket(code.Ticket);
            }
        }