Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- public void Configuration(IAppBuilder appBuilder)
- {
- HttpConfiguration httpConfiguration = new HttpConfiguration();
- ConfigureOAuth(appBuilder);
- WebApiConfig.Register(httpConfiguration);
- appBuilder.UseWebApi(httpConfiguration);
- }
- private void ConfigureOAuth(IAppBuilder appBuilder)
- {
- OAuthAuthorizationServerOptions oAuthAuthorizationServerOptions = new OAuthAuthorizationServerOptions()
- {
- TokenEndpointPath = new Microsoft.Owin.PathString("/token"), // token path
- AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
- AllowInsecureHttp = true,
- Provider = new UserAuthorizationServerProvider()
- };
- // To create an access token on AppBuilder
- appBuilder.UseOAuthAuthorizationServer(oAuthAuthorizationServerOptions);
- // We are setting Authentication type as a Bearer Authentication.
- appBuilder.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
- }
- public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
- {
- // CORS settings
- context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
- // Validation for user access
- if (context.UserName == "tester" && context.Password == "password")
- {
- var identity = new ClaimsIdentity(context.Options.AuthenticationType);
- identity.AddClaim(new Claim("sub", context.UserName));
- identity.AddClaim(new Claim("role", "user"));
- context.Validated(identity);
- }
- else
- {
- context.SetError("invalid_grant", "Username or password is incorrect");
- }
- }
Add Comment
Please, Sign In to add comment