- //using System;
- //using System.Collections.Generic;
- //using System.Net;
- //using System.Net.Http;
- //string token = GetToken("https://localhost:<port>/", userName, password);
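/// <summary>
/// Requests an OAuth bearer token with the resource owner password grant and returns
/// the raw response body of the token endpoint.
/// </summary>
/// <param name="url">Base address of the server. "Token" is appended as-is, so it must end with '/'.</param>
/// <param name="userName">Account name sent as the <c>username</c> form field.</param>
/// <param name="password">Account password sent as the <c>password</c> form field.</param>
/// <returns>
/// The response body as a string. The HTTP status code is not inspected, so a failed login
/// returns the server's error payload; callers should confirm an access token is present.
/// </returns>
static string GetToken(string url, string userName, string password) {
    var pairs = new List<KeyValuePair<string, string>>
    {
        new KeyValuePair<string, string>("grant_type", "password"),
        new KeyValuePair<string, string>("username", userName),
        // RFC 6749 names this field "password" in lower case; a capitalised name only
        // works against servers that match form keys case-insensitively.
        new KeyValuePair<string, string>("password", password)
    };

    using (var handler = new HttpClientHandler())
    using (var client = new HttpClient(handler))
    using (var content = new FormUrlEncodedContent(pairs)) {
        // The password travels in this request, so certificate validation stays on.
        // Errors are tolerated only for loopback addresses (a self-signed development
        // certificate on localhost), and only on this handler: the previous
        // ServicePointManager hook accepted every certificate for the whole process and
        // stacked one more delegate on every call.
        // Requires .NET Framework 4.7.1+ or .NET Core; on older targets trust the
        // development certificate in the machine store instead.
        handler.ServerCertificateCustomValidationCallback = (request, cert, chain, errors) =>
            errors == System.Net.Security.SslPolicyErrors.None || request.RequestUri.IsLoopback;

        var response = client.PostAsync(url + "Token", content).Result;
        return response.Content.ReadAsStringAsync().Result;
    }
}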
- //using System;
- //using System.Collections.Generic;
- //using System.Net;
- //using System.Net.Http;
- //var result = CallApi("https://localhost:<port>/something", token);
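/// <summary>
/// Sends a GET request to <paramref name="url"/>, attaching the access token from a
/// previously obtained token response as a bearer credential.
/// </summary>
/// <param name="url">
/// Absolute address of the API resource. The bearer token is sent to whatever host this
/// names, so it must be the API the token was issued for.
/// </param>
/// <param name="token">
/// Raw JSON returned by the token endpoint. When it is blank, or holds no access token,
/// the request is sent without an Authorization header.
/// </param>
/// <returns>The response body as a string; the HTTP status code is not inspected.</returns>
static string CallApi(string url, string token) {
    using (var handler = new HttpClientHandler())
    using (var client = new HttpClient(handler)) {
        // Keep certificate validation on for the connection that carries the bearer token.
        // Errors are tolerated only for loopback addresses (self-signed development
        // certificate) and only on this handler, instead of disabling validation for the
        // whole process through ServicePointManager on every call.
        // Requires .NET Framework 4.7.1+ or .NET Core.
        handler.ServerCertificateCustomValidationCallback = (request, cert, chain, errors) =>
            errors == System.Net.Security.SslPolicyErrors.None || request.RequestUri.IsLoopback;

        if (!string.IsNullOrWhiteSpace(token)) {
            var t = JsonConvert.DeserializeObject<Token>(token);
            // An error payload from the token endpoint deserializes without an access
            // token; skip the header rather than dereference null or send a bare "Bearer ".
            if (t != null && !string.IsNullOrWhiteSpace(t.access_token)) {
                client.DefaultRequestHeaders.Clear();
                client.DefaultRequestHeaders.Add("Authorization", "Bearer " + t.access_token);
            }
        }

        var response = client.GetAsync(url).Result;
        return response.Content.ReadAsStringAsync().Result;
    }
}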
- //using Newtonsoft.Json;
/// <summary>
/// Shape of the JSON document returned by the token endpoint. Property names follow the
/// wire format so they bind without attributes; the two dotted keys need an explicit
/// <c>JsonProperty</c> mapping.
/// </summary>
class Token
{
    /// <summary>The bearer credential itself; treat it as a secret and keep it out of logs.</summary>
    public string access_token { get; set; }

    /// <summary>Token type reported by the server.</summary>
    public string token_type { get; set; }

    /// <summary>Lifetime value reported by the server (presumably seconds; confirm against the server).</summary>
    public int expires_in { get; set; }

    /// <summary>Extra response parameter carrying the authenticated user's name.</summary>
    public string userName { get; set; }

    /// <summary>Value of the ".issued" response field, kept as the raw string.</summary>
    [JsonProperty(".issued")] public string issued { get; set; }

    /// <summary>Value of the ".expires" response field, kept as the raw string.</summary>
    [JsonProperty(".expires")] public string expires { get; set; }
}
// Token endpoint configuration for the password grant: POST /Token is served by
// ApplicationOAuthProvider, registered with the public client id "self".
var oAuthOptions = new OAuthAuthorizationServerOptions();
oAuthOptions.TokenEndpointPath = new PathString("/Token");
oAuthOptions.Provider = new ApplicationOAuthProvider("self");

// Issued access tokens stay valid for 14 days.
// NOTE(review): no refresh-token provider is configured in this snippet, so the lifetime
// is also how long a leaked token remains usable; consider whether 14 days is needed.
oAuthOptions.AccessTokenExpireTimeSpan = TimeSpan.FromDays(14);

// HTTPS only: user names and passwords are posted to this endpoint, so plain-HTTP
// requests to it are not accepted.
oAuthOptions.AllowInsecureHttp = false;

// Enable the application to use bearer tokens to authenticate users
app.UseOAuthBearerTokens(oAuthOptions);
- //using Microsoft.AspNet.Identity.Owin;
- //using Microsoft.Owin.Security;
- //using Microsoft.Owin.Security.OAuth;
- //using System;
- //using System.Collections.Generic;
- //using System.Security.Claims;
- //using System.Threading.Tasks;
/// <summary>
/// OAuth authorization server provider that issues bearer tokens for the resource owner
/// password grant and validates redirect URIs for a single public client id.
/// </summary>
public class ApplicationOAuthProvider : OAuthAuthorizationServerProvider
{
    private readonly string _publicClientId;

    /// <summary>Creates the provider for the given public client id.</summary>
    /// <param name="publicClientId">Client id accepted by <see cref="ValidateClientRedirectUri"/>.</param>
    /// <exception cref="ArgumentNullException"><paramref name="publicClientId"/> is null.</exception>
    public ApplicationOAuthProvider(string publicClientId)
    {
        if (publicClientId == null)
        {
            throw new ArgumentNullException(nameof(publicClientId));
        }

        _publicClientId = publicClientId;
    }

    /// <summary>
    /// Checks the posted user name and password against the user manager and, when they
    /// match, validates the request with a ticket for that user.
    /// </summary>
    /// <param name="context">Grant context carrying the submitted credentials.</param>
    public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        var manager = context.OwinContext.GetUserManager<ApplicationUserManager>();

        // NOTE(review): this lookup only verifies the credentials; nothing in this method
        // counts failed attempts or applies lockout. Confirm throttling exists elsewhere.
        var account = await manager.FindAsync(context.UserName, context.Password);
        if (account == null)
        {
            // One message for both an unknown user and a wrong password, so the response
            // does not reveal which accounts exist.
            context.SetError("invalid_grant", "The user name or password is incorrect.");
            return;
        }

        ClaimsIdentity identity = await account.GenerateUserIdentityAsync(manager);

        // Everything placed in these properties is later echoed to the client by TokenEndpoint.
        var ticketProperties = new AuthenticationProperties(
            new Dictionary<string, string> { { "userName", account.UserName } });

        // Token is validated.
        context.Validated(new AuthenticationTicket(identity, ticketProperties));
    }

    /// <summary>
    /// Copies every ticket property into the token response as an additional parameter.
    /// </summary>
    /// <param name="context">Token endpoint context for the response being built.</param>
    public override Task TokenEndpoint(OAuthTokenEndpointContext context)
    {
        // All properties are copied without filtering, so only client-safe values belong
        // in the ticket's property dictionary.
        foreach (var entry in context.Properties.Dictionary)
        {
            context.AdditionalResponseParameters.Add(entry.Key, entry.Value);
        }

        return Task.FromResult<object>(null);
    }

    /// <summary>
    /// Accepts token requests that carry no client id; requests with a client id are left
    /// unvalidated by this method.
    /// </summary>
    /// <param name="context">Client authentication context.</param>
    public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
    {
        // Resource owner password credentials does not provide a client ID.
        if (context.ClientId == null)
        {
            context.Validated();
        }

        return Task.FromResult<object>(null);
    }

    /// <summary>
    /// Validates the redirect URI only for the configured public client, and only when it
    /// equals the root of the site that received the request.
    /// </summary>
    /// <param name="context">Redirect URI validation context.</param>
    public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
    {
        // Exact comparison against the site root: a redirect to any other origin or path
        // is never validated, which keeps authorization responses on this site.
        if (context.ClientId == _publicClientId
            && new Uri(context.Request.Uri, "/").AbsoluteUri == context.RedirectUri)
        {
            context.Validated();
        }

        return Task.FromResult<object>(null);
    }
}
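// Authorization server options: /Token issues bearer tokens through
// ApplicationOAuthProvider, and /api/Account/ExternalLogin is the authorize endpoint.
OAuthOptions = new OAuthAuthorizationServerOptions
{
    TokenEndpointPath = new PathString("/Token"),
    Provider = new ApplicationOAuthProvider(PublicClientId),
    AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
    // Issued access tokens stay valid for 14 days.
    AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
    // Passwords and tokens cross these endpoints, so plain HTTP is allowed only in
    // debug builds; release builds enforce HTTPS without relying on someone
    // remembering to flip the flag before deployment.
#if DEBUG
    AllowInsecureHttp = true
#else
    AllowInsecureHttp = false
#endif
};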
// Example token request: form-encoded POST body sent to /Token (as GetToken does), not a query string
// userName=johndoe%40example.com&password=1234&grant_type=password