/// <summary>
/// Adds the OAuth 2.0 authorization server (token endpoint at <c>/token</c>) and
/// bearer-token authentication to the OWIN pipeline.
/// </summary>
/// <param name="app">The OWIN application builder that receives the middleware.</param>
private void ConfigureOAuth(IAppBuilder app)
{
    var serverOptions = new OAuthAuthorizationServerOptions
    {
        // NOTE(review): with this set to true the token endpoint accepts plain HTTP,
        // so client secrets, user passwords and issued bearer tokens can cross the
        // network unencrypted. Keep it for local development only; in any deployed
        // environment serve the endpoint over TLS and set this to false.
        AllowInsecureHttp = true,
        TokenEndpointPath = new PathString("/token"),

        // Access tokens stay valid for one day. No refresh-token provider is set
        // here; a shorter lifetime narrows the window in which a leaked token works.
        AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
        Provider = new SimpleAuthorizationServerProvider()
    };
    var bearerOptions = new OAuthBearerAuthenticationOptions();

    // Register token issuance first, then validation of bearer tokens on requests.
    app.UseOAuthAuthorizationServer(serverOptions);
    app.UseOAuthBearerAuthentication(bearerOptions);
}
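/// <summary>
/// Authenticates the OAuth client (the website or a game) from the
/// <c>client_id</c> / <c>client_secret</c> form fields of the token request.
/// </summary>
/// <param name="context">
/// The client-authentication context; it is marked validated only when the
/// credentials match a known client, otherwise an <c>invalid_client</c> error is set.
/// </param>
/// <returns>A task that completes when the client has been accepted or rejected.</returns>
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
    string clientId;
    string clientSecret;

    // TryGetFormCredentials leaves both values null when the request carries no
    // client_id; reject here instead of dereferencing a null clientId below.
    if (!context.TryGetFormCredentials(out clientId, out clientSecret) || string.IsNullOrEmpty(clientId))
    {
        context.SetError("invalid_client", "Client credentials are missing.");
        return;
    }

    // NOTE(review): the website's client id and secret are literals in source, so
    // anyone with access to the code or the compiled assembly can read them. Load
    // them from protected configuration, and compare the secret with a fixed-time
    // comparison rather than ==.
    if (clientId == "MyApp" && clientSecret == "SecretGuid")
    {
        // First-party website client.
        context.Validated(clientId);
    }
    else if (clientId.StartsWith("game/", System.StringComparison.OrdinalIgnoreCase))
    {
        // Ordinal, case-insensitive prefix match: the result does not depend on the
        // server's current culture, unlike ToLower() followed by StartsWith(string).
        //
        // Per the author's notes, CheckGameClientValidation looks the game up through
        // GraphRepository and compares the client secret with the SecretKey generated
        // when the game was created. NOTE(review): it is presumably responsible for
        // calling Validated or setting an error on the context - confirm.
        CheckGameClientValidation(context, clientId, clientSecret);
    }
    else
    {
        // Unknown client: fail closed explicitly rather than relying on the
        // middleware's handling of an unvalidated context.
        context.SetError("invalid_client", "Unknown client.");
    }
}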
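/// <summary>
/// Handles the resource-owner password grant: looks the user up and issues an
/// identity carrying a <c>sub</c> claim, the user's name and one
/// <c>owns_game</c> claim per owned game.
/// </summary>
/// <param name="context">
/// The grant context holding the submitted user name and password; it is validated
/// with the built identity, or an <c>invalid_grant</c> error is set.
/// </param>
/// <returns>A task that completes when the grant has been accepted or rejected.</returns>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): a wildcard origin lets script on any site call the token
    // endpoint from a browser; restrict it to the known front-end origin(s) if the
    // set of callers is fixed.
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

    // Reject requests that omit either credential before touching the repository.
    if (string.IsNullOrEmpty(context.UserName) || string.IsNullOrEmpty(context.Password))
    {
        context.SetError("invalid_grant", "The user name or password is incorrect.");
        return;
    }

    var user = GraphRepository.GetUserAndGamesOwned(context.UserName);

    // The original validated the identity even when no user was found, so any
    // submitted user name received a token. Fail closed instead; the message is
    // the same as for a bad password so the response does not reveal which user
    // names exist.
    if (user == null)
    {
        context.SetError("invalid_grant", "The user name or password is incorrect.");
        return;
    }

    // NOTE(review): context.Password is still never verified in this method. Unless
    // the credential is checked somewhere not shown here, knowing a user name is
    // enough to obtain a token. Verify the password against the stored password
    // hash (and reject with the same invalid_grant error) before calling Validated.

    var identity = new ClaimsIdentity(context.Options.AuthenticationType);
    identity.AddClaim(new Claim("sub", context.UserName));
    identity.AddClaim(new Claim(ClaimTypes.Name, user.User.Name));

    // One claim per owned game, so resource endpoints can authorize per game id.
    foreach (var id in user.GameIdsOwned)
    {
        identity.AddClaim(new Claim("http://example.com/claims/owns_game", id.ToString(), ClaimValueTypes.Integer));
    }

    context.Validated(identity);
}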