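/// <summary>
/// Registers JWT bearer validation for incoming requests and the in-process
/// OpenID Connect server that issues the tokens.
/// </summary>
/// <param name="app">The application pipeline being configured.</param>
/// <exception cref="InvalidOperationException">
/// Raised from the bearer options callback when the <c>OAuth:Authority</c> setting is missing or blank.
/// </exception>
public void Configure(IApplicationBuilder app) {
    app.UseJwtBearerAuthentication(options => {
        options.AutomaticAuthenticate = true;
        options.AutomaticChallenge = true;

        // NOTE(review): audience validation is switched off, so a token minted by this
        // authority for a different resource is accepted here as well. Set ValidAudience
        // and re-enable the check once the issued tokens carry an audience.
        options.TokenValidationParameters.ValidateAudience = false;

        string authority = Configuration.Get<string>("OAuth:Authority");
        if (string.IsNullOrWhiteSpace(authority)) {
            // Fail fast: without an authority the metadata address below would be a
            // relative path and the signing keys could never be resolved.
            throw new InvalidOperationException("OAuth:Authority is not configured.");
        }
        options.Authority = authority;

        // Plain-HTTP retrieval stays possible only when the configured authority is itself
        // http:// (local development). For an https:// authority the discovery document and
        // the keys it points to must come over TLS; otherwise an on-path party could swap
        // the signing keys.
        bool plainHttpAuthority = authority.TrimStart().StartsWith("http://", StringComparison.OrdinalIgnoreCase);

        options.ConfigurationManager = new ConfigurationManager<OpenIdConnectConfiguration>(
            // Normalise the separator so the URL is well formed whether or not the
            // configured authority ends with '/'.
            metadataAddress: authority.TrimEnd('/') + "/.well-known/openid-configuration",
            configRetriever: new OpenIdConnectConfigurationRetriever(),
            docRetriever: new HttpDocumentRetriever() { RequireHttps = !plainHttpAuthority });
    });

    app.UseOpenIdConnectServer(configuration => {
        configuration.Issuer = new Uri(Configuration.Get<string>("OpenId:Issuer"));

        // NOTE(review): with this flag the token endpoint accepts the password grant over
        // plain HTTP, i.e. user credentials travel unencrypted unless TLS is terminated in
        // front of the application. Confirm the deployment and disable outside development.
        configuration.AllowInsecureHttp = true;

        // Presumably disables the interactive authorization endpoint, leaving only the
        // token endpoint (verify against the server middleware's documentation).
        configuration.AuthorizationEndpointPath = PathString.Empty;
        configuration.AuthenticationScheme = OpenIdConnectServerDefaults.AuthenticationScheme;
        configuration.Provider = new AuthorizationProvider();
    });
}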
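/// <summary>
/// OpenID Connect server provider that serves the resource owner password grant:
/// it checks the submitted user name and password against ASP.NET Identity and,
/// on success, issues a principal carrying the user's name and roles.
/// </summary>
public class AuthorizationProvider : OpenIdConnectServerProvider {
    /// <summary>
    /// Marks client authentication as skipped for every token request.
    /// </summary>
    /// <param name="context">The client-authentication context supplied by the server middleware.</param>
    /// <returns>A completed task.</returns>
    public override Task ValidateClientAuthentication(ValidateClientAuthenticationContext context) {
        // NOTE(review): no client_id or secret is checked, so any caller may use the token
        // endpoint. That is usual for a browser-based public client, but it means the user's
        // password is the only credential protecting the endpoint.
        context.Skipped();
        return Task.FromResult<object>(null);
    }

    /// <summary>
    /// Validates the resource owner's credentials and, when they match, builds the
    /// claims principal that ends up in the issued tokens.
    /// </summary>
    /// <param name="context">The password-grant context carrying the user name and password.</param>
    /// <returns>A task that completes once the request has been validated or rejected.</returns>
    public override async Task GrantResourceOwnerCredentials(GrantResourceOwnerCredentialsContext context) {
        string username = context.UserName;
        string password = context.Password;

        // Missing fields are rejected up front instead of being passed to the user manager.
        if (string.IsNullOrEmpty(username) || password == null) {
            context.Rejected("invalid credentials");
            return;
        }

        UserManager<ApplicationUser> userManager = context.HttpContext.RequestServices.GetRequiredService<UserManager<ApplicationUser>>();

        // Awaited rather than blocked on with .Result, which ties up a request thread
        // and wraps failures in AggregateException.
        ApplicationUser user = await userManager.FindByNameAsync(username);

        // An unknown user and a wrong password produce the same answer, so the response
        // does not reveal which account names exist.
        // NOTE(review): CheckPasswordAsync on its own does not appear to record failed
        // attempts; confirm that lockout or rate limiting is applied elsewhere, otherwise
        // this endpoint permits unlimited password guessing.
        if (user == null || !await userManager.CheckPasswordAsync(user, password)) {
            context.Rejected("invalid credentials");
            return;
        }

        ClaimsIdentity identity = new ClaimsIdentity(OpenIdConnectServerDefaults.AuthenticationScheme);
        // The third argument names the token kinds each claim is destined for.
        identity.AddClaim(ClaimTypes.Name, username, "token id_token");

        foreach (string role in await userManager.GetRolesAsync(user)) {
            identity.AddClaim(ClaimTypes.Role, role, "token id_token");
        }

        context.Validated(new ClaimsPrincipal(identity));
    }
}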
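// Exchange the user's e-mail and password for an access token at the token
// endpoint (resource owner password grant) and keep the token for later requests.
$http({
    method: 'POST',
    url: 'connect/token',
    headers: {
        'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8'
    },
    // The token endpoint expects a form-encoded body, hence $.param.
    data: $.param({
        grant_type: 'password',
        username: email,
        password: password
    })
}).then(function (response) {
    var token = response.data && response.data.access_token;

    // Persist only a real token: setItem stringifies its argument, so a response
    // without access_token would otherwise be stored as the text "undefined".
    if (response.status === 200 && typeof token === 'string' && token.length > 0) {
        // NOTE(review): localStorage is readable by every script running on this
        // origin, so one script-injection flaw exposes the bearer token. Keep the
        // token lifetime short and consider an HttpOnly cookie if the API allows it.
        localStorage.setItem('token', token);
    }
});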