You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
98 lines
3.3 KiB
98 lines
3.3 KiB
using System;
|
|
using System.Collections.Generic;
|
|
using System.Linq;
|
|
using System.Security.Claims;
|
|
using System.Threading.Tasks;
|
|
using Microsoft.AspNet.Identity;
|
|
using Microsoft.AspNet.Identity.EntityFramework;
|
|
using Microsoft.AspNet.Identity.Owin;
|
|
using Microsoft.Owin.Security;
|
|
using Microsoft.Owin.Security.Cookies;
|
|
using Microsoft.Owin.Security.OAuth;
|
|
using WebApplication1.Models;
|
|
|
|
namespace WebApplication1.Providers
|
|
{
|
|
public class ApplicationOAuthProvider : OAuthAuthorizationServerProvider
|
|
{
|
|
private readonly string _publicClientId;
|
|
|
|
public ApplicationOAuthProvider(string publicClientId)
|
|
{
|
|
if (publicClientId == null)
|
|
{
|
|
throw new ArgumentNullException("publicClientId");
|
|
}
|
|
|
|
_publicClientId = publicClientId;
|
|
}
|
|
|
|
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
|
|
{
|
|
var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();
|
|
|
|
ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);
|
|
|
|
if (user == null)
|
|
{
|
|
context.SetError("invalid_grant", "用户名或密码不正确。");
|
|
return;
|
|
}
|
|
|
|
ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
|
|
OAuthDefaults.AuthenticationType);
|
|
ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
|
|
CookieAuthenticationDefaults.AuthenticationType);
|
|
|
|
AuthenticationProperties properties = CreateProperties(user.UserName);
|
|
AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
|
|
context.Validated(ticket);
|
|
context.Request.Context.Authentication.SignIn(cookiesIdentity);
|
|
}
|
|
|
|
public override Task TokenEndpoint(OAuthTokenEndpointContext context)
|
|
{
|
|
foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
|
|
{
|
|
context.AdditionalResponseParameters.Add(property.Key, property.Value);
|
|
}
|
|
|
|
return Task.FromResult<object>(null);
|
|
}
|
|
|
|
public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
|
|
{
|
|
// 资源所有者密码凭据未提供客户端 ID。
|
|
if (context.ClientId == null)
|
|
{
|
|
context.Validated();
|
|
}
|
|
|
|
return Task.FromResult<object>(null);
|
|
}
|
|
|
|
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
|
|
{
|
|
if (context.ClientId == _publicClientId)
|
|
{
|
|
Uri expectedRootUri = new Uri(context.Request.Uri, "/");
|
|
|
|
if (expectedRootUri.AbsoluteUri == context.RedirectUri)
|
|
{
|
|
context.Validated();
|
|
}
|
|
}
|
|
|
|
return Task.FromResult<object>(null);
|
|
}
|
|
|
|
public static AuthenticationProperties CreateProperties(string userName)
|
|
{
|
|
IDictionary<string, string> data = new Dictionary<string, string>
|
|
{
|
|
{ "userName", userName }
|
|
};
|
|
return new AuthenticationProperties(data);
|
|
}
|
|
}
|
|
}
|