/// <summary>
/// Registers the OWIN authentication middleware: a temporary cookie for third-party
/// (external) sign-in, the OAuth2 authorization server that issues tokens at <c>/token</c>,
/// and the bearer middleware that validates those tokens on later requests.
/// </summary>
/// <param name="app">The OWIN application builder the middleware is added to.</param>
public void ConfigureOAuth(IAppBuilder app)
{
    // Short-lived cookie that carries the identity handed back by an external login provider.
    app.UseExternalSignInCookie(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ExternalCookie);

    var serverOptions = new OAuthAuthorizationServerOptions
    {
        // SECURITY: true lets the token endpoint answer over plain HTTP, so passwords,
        // client secrets and issued tokens travel in clear text. Keep it true only for
        // local development; any reachable deployment should set it to false (HTTPS only).
        AllowInsecureHttp = true,
        TokenEndpointPath = new PathString("/token"),
        AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(30),
        Provider = new SimpleAuthorizationServerProvider(),
        RefreshTokenProvider = new SimpleRefreshTokenProvider(),
        AuthenticationMode = AuthenticationMode.Active
    };
    OAuthBearerOptions = new OAuthBearerAuthenticationOptions();

    // Order matters for the pipeline: token issuance first, then bearer-token validation
    // for the protected resources behind it.
    app.UseOAuthAuthorizationServer(serverOptions);
    app.UseOAuthBearerAuthentication(OAuthBearerOptions);
}
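/// <summary>
/// Authenticates the OAuth client calling the token endpoint. Credentials are read from the
/// HTTP Basic header first, then from the form body; the client is then looked up in
/// <see cref="AuthRepository"/>. Confidential clients must present a secret whose hash matches
/// the stored hash, and the client must be active. Per-client settings are stashed in the
/// OWIN environment for later stages of the pipeline.
/// </summary>
/// <param name="context">Katana context carrying the request and receiving the validation outcome.</param>
/// <returns>A completed task; success or failure is reported through <paramref name="context"/>.</returns>
public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
    string clientId;
    string clientSecret;

    // The Katana helpers set context.ClientId as a side effect when they find credentials,
    // which is what the checks below rely on; the clientId local itself is not needed.
    if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
    {
        context.TryGetFormCredentials(out clientId, out clientSecret);
    }

    if (context.ClientId == null)
    {
        // No client identification at all is accepted here, so any caller can use the
        // token endpoint without identifying itself. To require client_id/secret on every
        // token request, replace Validated() with
        // context.SetError("invalid_clientId", "ClientId should be sent."); and return.
        context.Validated();
        return Task.FromResult<object>(null);
    }

    Client client;
    using (AuthRepository repo = new AuthRepository())
    {
        client = repo.FindClient(context.ClientId);
    }

    if (client == null)
    {
        return Fail(context, string.Format("Client '{0}' is not registered in the system.", context.ClientId));
    }

    if (client.ApplicationType == Models.ApplicationTypes.NativeConfidential)
    {
        if (string.IsNullOrWhiteSpace(clientSecret))
        {
            return Fail(context, "Client secret should be sent.");
        }

        // Compare the hashes in constant time so the response time does not reveal how many
        // leading characters of the stored hash matched (a plain != stops at the first mismatch).
        if (!FixedTimeEquals(client.Secret, Helper.GetHash(clientSecret)))
        {
            return Fail(context, "Client secret is invalid.");
        }
    }

    if (!client.Active)
    {
        return Fail(context, "Client is inactive.");
    }

    // Per-client values read later in the pipeline (consumers are not visible in this file).
    context.OwinContext.Set<string>("as:clientAllowedOrigin", client.AllowedOrigin);
    context.OwinContext.Set<string>("as:clientRefreshTokenLifeTime", client.RefreshTokenLifeTime.ToString());

    context.Validated();
    return Task.FromResult<object>(null);
}

/// <summary>
/// Rejects the token request with the error code this provider uses for every client
/// failure and returns the completed task the caller expects.
/// </summary>
/// <param name="context">The validation context to mark as failed.</param>
/// <param name="description">Human-readable error_description sent back to the client.</param>
private static Task Fail(OAuthValidateClientAuthenticationContext context, string description)
{
    // NOTE: RFC 6749 §5.2 names this condition "invalid_client"; the non-standard code is kept
    // unchanged because existing callers may match on it.
    context.SetError("invalid_clientId", description);
    return Task.FromResult<object>(null);
}

/// <summary>
/// Ordinal string equality whose running time depends only on the length of the inputs, not on
/// where the first differing character is. Null handling mirrors the string != operator:
/// two nulls are equal, one null is not.
/// </summary>
/// <param name="left">First value (typically the stored secret hash).</param>
/// <param name="right">Second value (typically the hash of the presented secret).</param>
/// <returns>True when both strings are null or contain exactly the same characters.</returns>
private static bool FixedTimeEquals(string left, string right)
{
    if (ReferenceEquals(left, right))
    {
        return true;
    }
    if (left == null || right == null || left.Length != right.Length)
    {
        // Length differences are public knowledge (hash output has a fixed size), so an early
        // exit here does not leak anything about the content.
        return false;
    }

    int difference = 0;
    for (int i = 0; i < left.Length; i++)
    {
        // Accumulate instead of branching so every character is always inspected.
        difference |= left[i] ^ right[i];
    }
    return difference == 0;
}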
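// Password grant against the token endpoint. The body is application/x-www-form-urlencoded,
// so each value must be percent-encoded; without encodeURIComponent a username or password
// containing '&', '+', '%' or '#' is silently mangled and the login fails.
var data = 'grant_type=password' +
    '&username=' + encodeURIComponent(loginData.username) +
    '&password=' + encodeURIComponent(loginData.password);
var deferred = $q.defer();

$http.post(serviceBase + 'token', data, { headers: { 'Content-Type': 'application/x-www-form-urlencoded' } }).success(function (response) {

    if (loginData.useRefreshTokens) {
        // Refresh token is persisted so the session can be renewed without re-prompting.
        localStorageService.set('authorizationData', { token: response.access_token, userName: loginData.userName, refreshToken: response.refresh_token, useRefreshTokens: true });
    }
    else {
        var authData = { token: response.access_token, userName: loginData.userName, refreshToken: "", useRefreshTokens: false };
        localStorageService.set('authorizationData', authData);
        // NOTE(review): $rootScope.authData is only populated in this branch, never when
        // refresh tokens are in use — confirm with the consumers whether that is intended.
        $rootScope.authData = authData;
    }

    _authentication.isAuth = true;
    _authentication.userName = loginData.userName;
    _authentication.useRefreshTokens = loginData.useRefreshTokens;

    deferred.resolve(response);

}).error(function (err, status) {
    // Any failure clears local auth state so a stale token is never reused.
    _logOut();
    deferred.reject(err);
});

return deferred.promise;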