using System.Threading.Tasks; using Microsoft.Owin.Security.OAuth; using Step.Database.Controllers; using Step.Model.DatabaseModels; using System.Security.Claims; using static Step.Utils.Constants; using System; namespace Step.Provider { public class ApplicationOAuthProvider : OAuthAuthorizationServerProvider { public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context) { // Validate client context.Validated(); } public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { using (UsersController usersController = new UsersController()) { try { // Check if credentials are correct UserModel user = usersController.FindByUsernameAndPassword(context.UserName, context.Password); // If not if (user == null) { // Return 401 bad request context.SetError("invalid_grant", "The user name or password is incorrect."); return; } // Create a new Identity and insert custom claims var identity = new ClaimsIdentity(context.Options.AuthenticationType); identity.AddClaim(new Claim(USERNAME_KEY, user.Username)); identity.AddClaim(new Claim(ROLE_LEVEL_KEY, user.Role.Level.ToString())); identity.AddClaim(new Claim(USER_ID_KEY, user.UserId.ToString())); // Create Token with identity data context.Validated(identity); await base.GrantResourceOwnerCredentials(context); return; } catch(Exception ex) { } } } } }