public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context) { string clientId = string.Empty; string clientSecret = string.Empty; var ClientID = context.ClientId; //var ClientSecret = context. // The TryGetBasicCredentials method checks the Authorization header and // Return the ClientId and clientSecret if (!context.TryGetBasicCredentials(out clientId, out clientSecret)) { context.SetError("invalid_client", "Client credentials could not be retrieved through the Authorization header."); context.Rejected(); return; } //Check the existence of by calling the ValidateClient method ClientMaster client = (new ClientMasterRepository()).ValidateClient(clientId, clientSecret); if (client != null) { // Client has been verified. context.OwinContext.Set <ClientMaster>("oauth:client", client); context.Validated(clientId); } else { // Client could not be validated. context.SetError("invalid_client", "Client credentials are invalid."); context.Rejected(); } context.Validated(); }
/* * public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) * { * using (UserMasterRepository _repo = new UserMasterRepository()) * { * var user = _repo.ValidateUser(context.UserName, context.Password); * if (user == null) * { * context.SetError("invalid_grant", "Provided username and password is incorrect"); * return; * } * var identity = new ClaimsIdentity(context.Options.AuthenticationType); * identity.AddClaim(new Claim(ClaimTypes.Role, user.UserRoles)); * identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName)); * identity.AddClaim(new Claim("Email", user.UserEmailID)); * context.Validated(identity); * } * } */ public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { ClientMaster client = context.OwinContext.Get <ClientMaster>("ta:client"); var allowedOrigin = context.OwinContext.Get <string>("ta:clientAllowedOrigin"); if (allowedOrigin == null) { allowedOrigin = "*"; } context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin }); UserMaster user = null; using (UserMasterRepository _repo = new UserMasterRepository()) { user = _repo.ValidateUser(context.UserName, context.Password); if (user == null) { context.SetError("invalid_grant", "Provided username and password is incorrect"); return; } } var identity = new ClaimsIdentity(context.Options.AuthenticationType); identity.AddClaim(new Claim(ClaimTypes.Role, user.UserRoles)); identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName)); identity.AddClaim(new Claim("Email", user.UserEmailID)); var props = new AuthenticationProperties(new Dictionary <string, string> { { "client_id", (context.ClientId == null) ? string.Empty : context.ClientId }, { "userName", context.UserName } }); var ticket = new AuthenticationTicket(identity, props); context.Validated(ticket); }
/* * public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context) * { * string clientId = string.Empty; * string clientSecret = string.Empty; * // The TryGetBasicCredentials method checks the Authorization header and * // Return the ClientId and clientSecret * if (!context.TryGetBasicCredentials(out clientId, out clientSecret)) * { * context.SetError("invalid_client", "Client credentials could not be retrieved through the Authorization header."); * context.Rejected(); * return; * } * //Check the existence of by calling the ValidateClient method * ClientMaster client = (new ClientMasterRepository()).ValidateClient(clientId, clientSecret); * if (client != null) * { * // Client has been verified. * context.OwinContext.Set<ClientMaster>("oauth:client", client); * context.Validated(clientId); * } * else * { * // Client could not be validated. * context.SetError("invalid_client", "Client credentials are invalid."); * context.Rejected(); * } * context.Validated(); * }*/ public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context) { string clientId = string.Empty; string clientSecret = string.Empty; // The TryGetBasicCredentials method checks the Authorization header and // Return the ClientId and clientSecret if (!context.TryGetBasicCredentials(out clientId, out clientSecret)) { context.SetError("invalid_client", "Client credentials could not be retrieved through the Authorization header."); return(Task.FromResult <object>(null)); } //Check the existence of by calling the ValidateClient method ClientMaster client = (new ClientMasterRepository()).ValidateClient(clientId, clientSecret); if (client == null) { // Client could not be validated. context.SetError("invalid_client", "Client credentials are invalid."); return(Task.FromResult <object>(null)); } else { if (!client.Active) { context.SetError("invalid_client", "Client is inactive."); return(Task.FromResult <object>(null)); } // Client has been verified. context.OwinContext.Set <ClientMaster>("ta:client", client); context.OwinContext.Set <string>("ta:clientAllowedOrigin", client.AllowedOrigin); context.OwinContext.Set <string>("ta:clientRefreshTokenLifeTime", client.RefreshTokenLifeTime.ToString()); context.Validated(); return(Task.FromResult <object>(null)); } }