/// <summary>
/// Test-only credential check: returns a fixed <c>MMUser</c> when the supplied
/// pair matches the single built-in account, otherwise <c>null</c>.
/// </summary>
/// <param name="username">User name presented by the client.</param>
/// <param name="password">Password presented by the client.</param>
/// <returns>
/// The "MM admin user" instance (id 44) on a match; <c>null</c> on a mismatch or
/// when constructing the user throws.
/// </returns>
/// <remarks>
/// SECURITY: the account name and password are literals compiled into the
/// assembly, so anyone with the source or the binary can read them. The
/// comparison is a plain ordinal string equality, not a fixed-time compare
/// against a stored hash. Keep this stub out of any deployed build and replace
/// it with a lookup against a real credential store.
/// </remarks>
private MMUser mockUser(string username, string password)
{
    // Static string.Equals(a, b) is the same ordinal, case-sensitive,
    // null-tolerant comparison as the == operator.
    bool credentialsMatch = string.Equals(username, "MMTest")
                            && string.Equals(password, "mm123!");
    if (!credentialsMatch)
    {
        return null;
    }

    try
    {
        return new MMUser("MM admin user", 44);
    }
    catch (Exception)
    {
        // NOTE(review): any failure while building the user is silently
        // reported as "no such user"; nothing is logged here.
        return null;
    }
}
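/// <summary>
/// Handles the OAuth2 resource-owner-password grant: checks the supplied user
/// name and password, and on success issues an authentication ticket and signs
/// in a second identity on the OWIN authentication manager.
/// </summary>
/// <param name="context">
/// Grant context carrying the presented user name and password, the server
/// options, and the request.
/// </param>
/// <returns>A task that completes once the grant is validated or rejected.</returns>
/// <remarks>
/// The method is declared <c>async</c> but contains no <c>await</c>, so it runs
/// synchronously. Credentials are checked by <c>mockUser</c>; see that method
/// for what backs the check.
/// </remarks>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    ClaimsIdentity oAuthIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
    MMUser user = this.mockUser(context.UserName, context.Password);

    // Wildcard CORS header left disabled; a "*" origin on the token endpoint
    // would let any site's script call it, so review before re-enabling.
    //context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

    // One generic message for every failure, so the response does not reveal
    // whether the user name or the password was the wrong part.
    if (user == null || user.id == 0)
    {
        context.SetError("invalid_grant", "The user name or password is incorrect.");
        return;
    }

    oAuthIdentity.AddClaim(new Claim(ClaimTypes.Name, user.name));
    oAuthIdentity.AddClaim(new Claim("id", user.id.ToString()));

    // base permission for all common components
    oAuthIdentity.AddClaim(new Claim(ClaimTypes.Role, "base_user"));

    // NOTE(review): this identity is created with the OAuth server's
    // authentication type, not a cookie type, and takes its name from the
    // client-supplied context.UserName rather than user.name. Confirm which
    // middleware (if any) actually picks up this SignIn.
    ClaimsIdentity cookiesIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
    cookiesIdentity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
    cookiesIdentity.AddClaim(new Claim(ClaimTypes.Role, "base_user"));

    AuthenticationProperties properties = CreateProperties(user.name, user.id.ToString());
    AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
    context.Validated(ticket);
    context.Request.Context.Authentication.SignIn(cookiesIdentity);

    //System.Web.HttpContext.Current.Session["token"] = context.Options.AccessTokenFormat.Protect(ticket);

    // SECURITY NOTE(review): this stores a protected copy of the ticket as a
    // claim on the very identity the ticket was built from, after the ticket
    // has been validated. Presumably the issued access token then carries a
    // second, usable token inside its claims, and any code that dumps or logs
    // the claims would expose it. Confirm that a consumer really needs the
    // "token" claim; if not, drop it.
    oAuthIdentity.AddClaim(new Claim("token", context.Options.AccessTokenFormat.Protect(ticket)));
}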