Asp.net GrantResourceOwnerCredentials未开火
我从OAuthAuthorizationServerProvider继承并重写如下:Asp.net GrantResourceOwnerCredentials未开火,asp.net,asp.net-mvc,token,owin,Asp.net,Asp.net Mvc,Token,Owin,我从OAuthAuthorizationServerProvider继承并重写如下: public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context) { context.OwinContext.Set<string>("oauth:client", "test"); context.Validated
public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
context.OwinContext.Set<string>("oauth:client", "test");
context.Validated("blah");
return Task.FromResult<object>(null);
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
//using (AuthRepository _repo = new AuthRepository())
//{
// IdentityUser user = await _repo.FindUser(context., context.Password);
// if (user == null)
// {
// context.SetError("invalid_grant", "The user name or password is incorrect.");
// return;
// }
//}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim("sub", context.UserName));
identity.AddClaim(new Claim("role", "user"));
context.Validated(identity);
}
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
if (context.IsTokenEndpoint)
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Methods", new[] { "POST" });
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "accept", "authorization", "content-type" });
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
context.OwinContext.Response.StatusCode = 200;
context.RequestCompleted();
return Task.FromResult<object>(null);
}
return base.MatchEndpoint(context);
}
public override Task TokenEndpoint(OAuthTokenEndpointContext context)
{
foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
{
context.AdditionalResponseParameters.Add(property.Key, property.Value);
}
return Task.FromResult<object>(null);
}
public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
{
Uri expectedRootUri = new Uri(context.Request.Uri, "/");
if (expectedRootUri.AbsoluteUri == context.RedirectUri)
{
context.Validated();
}
return Task.FromResult<object>(null);
}
知道为什么GrantResourceOwnerCredentials没有被解雇吗?现在的目标是生成一个访问令牌以供将来使用。被调用的身份验证是自定义的。(服务器对服务器,共享私钥)
我这样称呼它:
问题出在
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
....
context.RequestCompleted();
....
}
实际上,就在此时此地结束了响应。去掉那条线就成功了。问题出在
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
....
context.RequestCompleted();
....
}
实际上,就在此时此地结束了响应。去掉那条线就成功了