/// <summary> /// Exchanges a resource owner's password credential for OAuth 2.0 refresh and access tokens. /// </summary> /// <param name="userName">The resource owner's username, as it is known by the authorization server.</param> /// <param name="password">The resource owner's account password.</param> /// <param name="scopes">The desired scope of access.</param> /// <returns>The result, containing the tokens if successful.</returns> public IAuthorizationState ExchangeUserCredentialForToken(string userName, string password, IEnumerable<string> scopes = null) { Requires.NotNullOrEmpty(userName, "userName"); Requires.NotNull(password, "password"); var authorizationState = new AuthorizationState(scopes); var request = new AccessTokenResourceOwnerPasswordCredentialsRequest(this.AuthorizationServer.TokenEndpoint, this.AuthorizationServer.Version) { ClientIdentifier = this.ClientIdentifier, ClientSecret = this.ClientSecret, UserName = userName, Password = password, }; var response = this.Channel.Request(request); var success = response as AccessTokenSuccessResponse; var failure = response as AccessTokenFailedResponse; ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany); if (success != null) { UpdateAuthorizationWithResponse(authorizationState, success); } else { // failure Logger.OAuth.Info("Resource Owner credentials rejected by the Authorization Server."); authorizationState.Delete(); } return authorizationState; }
/// <summary> /// Exchanges a resource owner's password credential for OAuth 2.0 refresh and access tokens. /// </summary> /// <param name="userName">The resource owner's username, as it is known by the authorization server.</param> /// <param name="password">The resource owner's account password.</param> /// <param name="scopes">The desired scope of access.</param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The result, containing the tokens if successful. /// </returns> public Task<IAuthorizationState> ExchangeUserCredentialForTokenAsync(string userName, string password, IEnumerable<string> scopes = null, CancellationToken cancellationToken = default(CancellationToken)) { Requires.NotNullOrEmpty(userName, "userName"); Requires.NotNull(password, "password"); var request = new AccessTokenResourceOwnerPasswordCredentialsRequest(this.AuthorizationServer.TokenEndpoint, this.AuthorizationServer.Version) { RequestingUserName = userName, Password = password, }; return this.RequestAccessTokenAsync(request, scopes, cancellationToken); }
/// <summary> /// Exchanges a resource owner's password credential for OAuth 2.0 refresh and access tokens. /// </summary> /// <param name="userName">The resource owner's username, as it is known by the authorization server.</param> /// <param name="password">The resource owner's account password.</param> /// <param name="scopes">The desired scope of access.</param> /// <returns>The result, containing the tokens if successful.</returns> public IAuthorizationState ExchangeUserCredentialForToken(string userName, string password, IEnumerable<string> scopes = null) { Requires.NotNullOrEmpty(userName, "userName"); Requires.NotNull(password, "password"); var request = new AccessTokenResourceOwnerPasswordCredentialsRequest(this.AuthorizationServer.TokenEndpoint, this.AuthorizationServer.Version) { UserName = userName, Password = password, }; return this.RequestAccessToken(request, scopes); }