/// <summary>
/// Handles a token request: validates the Accept header and grant_type, authenticates the
/// client's credentials against the current database (falling back to the system database
/// when they differ), and on success writes a freshly created access token to the response.
/// </summary>
/// <param name="context">The HTTP request/response context of the token request.</param>
/// <remarks>
/// Every failure path returns early with a JSON body of the shape { error, error_description }.
/// Both header comparisons use C#'s ordinal string equality, so the values must match exactly.
/// Note that grant_type is read from the request headers here, not from a form body.
/// The unauthorized responses deliberately carry a generic message so that a caller cannot
/// tell a missing key from a wrong secret.
/// </remarks>
public override void Respond(IHttpContext context)
{
    // Writes a 400 with the given OAuth-style error payload.
    Action<string, string> rejectBadRequest = (error, description) =>
    {
        context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
        context.WriteJson(new { error = error, error_description = description });
    };

    // Writes a 401 with a Basic challenge; the header is added before the body is written.
    Action<string, string> rejectUnauthorized = (error, description) =>
    {
        context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
        context.Response.AddHeader("WWW-Authenticate", "Basic realm=\"Raven DB\"");
        context.WriteJson(new { error = error, error_description = description });
    };

    var requestHeaders = context.Request.Headers;

    // This endpoint only speaks one content type; reject anything else up front.
    if (requestHeaders["Accept"] != TokenContentType)
    {
        rejectBadRequest("invalid_request", string.Concat("Accept should be: ", TokenContentType));
        return;
    }

    if (requestHeaders["grant_type"] != TokenGrantType)
    {
        rejectBadRequest("unsupported_grant_type", string.Concat("Only supported grant_type is: ", TokenGrantType));
        return;
    }

    // Credentials come from the request (presumably HTTP Basic, given the challenge below).
    var credentials = GetUserAndPassword(context);
    if (credentials == null)
    {
        rejectUnauthorized("invalid_client", "No client authentication was provided");
        return;
    }

    var userName = credentials.Item1;
    var password = credentials.Item2;

    // Try the current database first; only consult the system database when it is a
    // different database, so the same check is never run twice.
    List<DatabaseAccess> authorizedDatabases;
    var authenticated = AuthenticateClient.Authenticate(Database, userName, password, out authorizedDatabases);
    if (!authenticated && Database != SystemDatabase)
    {
        authenticated = AuthenticateClient.Authenticate(SystemDatabase, userName, password, out authorizedDatabases);
    }

    if (!authenticated)
    {
        rejectUnauthorized("unauthorized_client", "Invalid client credentials");
        return;
    }

    // The issuance counter is shared across request threads, hence the atomic increment.
    Interlocked.Increment(ref numberOfTokensIssued);

    var tokenBody = new AccessTokenBody
    {
        UserId = userName,
        AuthorizedDatabases = authorizedDatabases,
    };
    var accessToken = AccessToken.Create(Settings.OAuthTokenKey, tokenBody);
    context.Write(accessToken.Serialize());
}
/// <summary>
/// Builds an access token for the named API key whose authorized-database list holds a single
/// <see cref="DatabaseAccess"/> entry with TenantId "*" (presumably a wildcard matching every
/// database — confirm against the consumers of DatabaseAccess).
/// </summary>
/// <param name="apiKeyName">The API key name, recorded as the token's UserId.</param>
/// <returns>A token created with <c>Settings.OAuthTokenCertificate</c>.</returns>
/// <remarks>
/// NOTE(review): nothing in this method checks the key's secret or its Enabled flag; it relies
/// on the caller having done so — confirm before adding new call sites. Compared with
/// GetApiKeySecret, which scopes the token to the databases configured on the key definition,
/// this is the more permissive of the two and should be treated accordingly.
/// </remarks>
private AccessToken GetAccessTokenFromApiKey(string apiKeyName)
{
    var allDatabases = new DatabaseAccess { TenantId = "*" };
    var body = new AccessTokenBody
    {
        UserId = apiKeyName,
        AuthorizedDatabases = new List<DatabaseAccess> { allDatabases },
    };
    return AccessToken.Create(Settings.OAuthTokenCertificate, body);
}
/// <summary>
/// Looks up the API key definition stored under "Raven/ApiKeys/{apiKeyName}" in the system
/// database and, when it exists and is enabled, returns the key's secret together with an
/// access token scoped to the databases listed on that definition.
/// </summary>
/// <param name="apiKeyName">
/// Name of the API key; it is concatenated verbatim into the document key, so any validation
/// of caller-supplied names has to happen before this is called.
/// </param>
/// <returns>
/// A (secret, token) pair, or null when no definition exists or the key is disabled; the two
/// null cases are indistinguishable to the caller.
/// </returns>
/// <remarks>
/// The secret is returned in the clear for the caller to verify against the client-supplied
/// value; it should not be logged or echoed back. The second argument to SystemDatabase.Get is
/// passed as null here — presumably the transaction information; confirm.
/// </remarks>
private Tuple<string, AccessToken> GetApiKeySecret(string apiKeyName)
{
    var documentKey = "Raven/ApiKeys/" + apiKeyName;
    var storedDefinition = SystemDatabase.Get(documentKey, null);
    if (storedDefinition == null)
    {
        return null;
    }

    var definition = storedDefinition.DataAsJson.JsonDeserialization<ApiKeyDefinition>();
    // Disabled keys are treated exactly like missing ones.
    if (definition.Enabled == false)
    {
        return null;
    }

    var tokenBody = new AccessTokenBody
    {
        UserId = apiKeyName,
        AuthorizedDatabases = definition.Databases,
    };
    var token = AccessToken.Create(Settings.OAuthTokenCertificate, tokenBody);
    return Tuple.Create(definition.Secret, token);
}