当前位置: 首页>>代码示例>>C#>>正文


C# AuthRepository.FindClient方法代码示例

本文整理汇总了C#中AuthRepository.FindClient方法的典型用法代码示例。如果您正苦于以下问题:C# AuthRepository.FindClient方法的具体用法?C# AuthRepository.FindClient怎么用?C# AuthRepository.FindClient使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在AuthRepository的用法示例。


在下文中一共展示了AuthRepository.FindClient方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。

示例1: ValidateClientAuthentication

        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            string clientId = string.Empty;
            string clientSecret = string.Empty;
            Client client = null;

            if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
            {
                context.TryGetFormCredentials(out clientId, out clientSecret);
            }

            if (context.ClientId == null)
            {
                //Remove the comments from the below line context.SetError, and invalidate context 
                //if you want to force sending clientId/secrects once obtain access tokens. 
                context.Validated();
                //context.SetError("invalid_clientId", "ClientId should be sent.");
                return Task.FromResult<object>(null);
            }

            using (AuthRepository _repo = new AuthRepository())
            {
                client = _repo.FindClient(context.ClientId);
            }

            if (client == null)
            {
                context.SetError("invalid_clientId", string.Format("Client '{0}' is not registered in the system.", context.ClientId));
                return Task.FromResult<object>(null);
            }

            if (client.ApplicationType == ApplicationTypes.NativeConfidential)
            {
                if (string.IsNullOrWhiteSpace(clientSecret))
                {
                    context.SetError("invalid_clientId", "Client secret should be sent.");
                    return Task.FromResult<object>(null);
                }
                else
                {
                    if (client.Secret != HashHelper.GetHash(clientSecret))
                    {
                        context.SetError("invalid_clientId", "Client secret is invalid.");
                        return Task.FromResult<object>(null);
                    }
                }
            }

            if (!client.Active)
            {
                context.SetError("invalid_clientId", "Client is inactive.");
                return Task.FromResult<object>(null);
            }

            context.OwinContext.Set<string>("as:clientAllowedOrigin", client.AllowedOrigin);
            context.OwinContext.Set<string>("as:clientRefreshTokenLifeTime", client.RefreshTokenLifeTime.ToString());

            context.Validated();
            return Task.FromResult<object>(null);
        }
开发者ID:FarajiA,项目名称:AspNetIdentity.WebApi,代码行数:60,代码来源:CustomOAuthProvider.cs

示例2: ValidateClientAuthentication

 public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
 {
     string clientId = string.Empty;
     string clientSecret = string.Empty;
     Client client = (Client)null;
     if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
         context.TryGetFormCredentials(out clientId, out clientSecret);
     if (context.ClientId == null)
     {
         context.Validated();
         return (Task)Task.FromResult<object>((object)null);
     }
     using (AuthRepository authRepository = new AuthRepository())
         client = authRepository.FindClient(context.ClientId);
     if (client == null)
     {
         context.SetError("invalid_clientId", string.Format("Client '{0}' is not registered in the system.", (object)context.ClientId));
         return (Task)Task.FromResult<object>((object)null);
     }
     if (client.ApplicationType == ApplicationTypes.NativeConfidential)
     {
         if (string.IsNullOrEmpty(clientSecret))
         {
             context.SetError("invalid_clientId", "Client secret should be sent.");
             return (Task)Task.FromResult<object>((object)null);
         }
         if (client.Secret != Helper.GetHash(clientSecret))
         {
             context.SetError("invalid_clientId", "Client secret is invalid.");
             return (Task)Task.FromResult<object>((object)null);
         }
     }
     if (!client.Active)
     {
         context.SetError("invalid_clientId", "Client is inactive.");
         return (Task)Task.FromResult<object>((object)null);
     }
     context.OwinContext.Set<string>("as:clientAllowedOrigin", client.AllowedOrigin);
     context.OwinContext.Set<string>("as:clientRefreshTokenLifeTime", client.RefreshTokenLifeTime.ToString());
     context.Validated();
     return (Task)Task.FromResult<object>((object)null);
 }
开发者ID:quangnc0503h,项目名称:ecommerce,代码行数:42,代码来源:SimpleAuthorizationServerProvider.cs

示例3: ValidateClientAuthentication

        //The first method is responsible for validating the “Client”, in our case we have only one 
        //client so we’ll always return that its validated successfully.
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {

            //1.
            // We are trying to get the Client id and secret from the authorization 
            //header using a basic scheme so one way to send the client_id/client_secret 
            //is to base64 encode the (client_id:client_secret) and send it in the Authorization header. 
            //The other way is to sent the client_id/client_secret as “x-www-form-urlencoded”. 
            //In my case I’m supporting the both approaches so client can set those values 
            //using any of the two available options.

            //2.
            // We are checking if the consumer didn’t set client information at all, 
            //so if you want to enforce setting the client id always then you need to 
            //invalidate the context. In my case I’m allowing to send requests without 
            //client id for the sake of keeping old post and demo working correctly.

            //3.
            // After we receive the client id we need to check our database if the client 
            //is already registered with our back-end API, if it is not registered we’ll 
            //invalidate the context and reject the request.

            string clientId = string.Empty;
            string clientSecret = string.Empty;
            Client client = null;

            if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
            {
                context.TryGetFormCredentials(out clientId, out clientSecret);
            }

            if (context.ClientId == null)
            {
                //Remove the comments from the below line context.SetError, and invalidate context 
                //if you want to force sending clientId/secrects once obtain access tokens. 
                context.Validated();
                //context.SetError("invalid_clientId", "ClientId should be sent.");
                return Task.FromResult<object>(null);
            }

            using (AuthRepository _repo = new AuthRepository())
            {
                client = _repo.FindClient(context.ClientId);
            }

            if (client == null)
            {
                context.SetError("invalid_clientId", string.Format
                    ("Client '{0}' is not registered in the system.", context.ClientId));
                return Task.FromResult<object>(null);
            }

            // 4.
            // If the client is registered we need to check his application type, so if 
            //it was “JavaScript – Non Confidential” client we’ll not check or ask for the secret. 
            //If it is Native – Confidential app then the client secret is mandatory and it will 
            //be validated against the secret stored in the database.

            // Native Application
            if (client.ApplicationType == Models.ApplicationTypeEnums.NativeConfidential)
            {
                if (string.IsNullOrWhiteSpace(clientSecret))
                {
                    context.SetError("invalid_clientId", "Client secret should be sent.");
                    return Task.FromResult<object>(null);
                }
                else
                {
                    if (client.Secret != Helper.GetHash(clientSecret))
                    {
                        context.SetError("invalid_clientId", "Client secret is invalid.");
                        return Task.FromResult<object>(null);
                    }
                }
            }

            // 5.
            // Then we’ll check if the client is active, if it is not the case then 
            //we’ll invalidate the request.
            if (!client.Active)
            {
                context.SetError("invalid_clientId", "Client is inactive.");
                return Task.FromResult<object>(null);
            }

            // 6.
            // Lastly we need to store the client allowed origin and refresh token life time value on the 
            // Owin context so it will be available once we generate the refresh token and set 
            // its expiry life time.
            context.OwinContext.Set<string>("as:clientAllowedOrigin", client.AllowedOrigin);
            context.OwinContext.Set<string>("as:clientRefreshTokenLifeTime", client.RefreshTokenLifeTime.ToString());

            //7.
            //If all is valid we mark the context as valid context which means that client 
            //check has passed and the code flow can proceed to the next step.
            context.Validated();

            return Task.FromResult<object>(null);
//.........这里部分代码省略.........
开发者ID:Rahul-P,项目名称:WebAPI2-angularSPA,代码行数:101,代码来源:SimpleAuthorizationServerProvider.cs


注:本文中的AuthRepository.FindClient方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。