Implementation of the OAuth 2.0 Licensing Service "password mode (Resource Owner Password Credentials) based on IdentityServer3

In the password mode (Resource Owner Password Credentials Grant), the user provides their user name and password to the client. The client uses this information to request authorization from the provider provider. The OAuth 2.0 Authorization Service "Client Credentials grant" modification is implemented based on the previous IdentityServer3.

Client

 Public classClients { Public StaticList<client>Get () {return NewList<client>                    {                        //no human involved                        NewClient {ClientName="App Interface Services", ClientId="app_test_id", Enabled=true, Accesstokentype=accesstokentype.reference, Flow=flows.clientcredentials, Clientsecrets=NewList<secret>                            {                                NewSecret ("F621f470-9731-4a25-80ef-67a6f7c5f4b8". SHA256 ())}, Allowedscopes=Newlist<string>                            {                                "User",                                "Order"                            }                        },                        //Human is involved                        NewClient {ClientName="Username Client", ClientId="Irving", Enabled=true, Accesstokentype=accesstokentype.reference, Flow=Flows.resourceowner, Clientsecrets=NewList<secret>                            {                                NewSecret ("21b5f798-be55-42bc-8aa8-0025b903dc3b". SHA256 ())}, Allowedscopes=Newlist<string>                            {                                "User",                                "Order"                            }                        }                    }; }    }

User

 Public classUsers { Public StaticList<inmemoryuser>Get () {return NewList<inmemoryuser>            {                NewInmemoryuser {Username="Irving", Password="123456", Subject="1", Claims=New[]                    {                        NewClaim (Constants.ClaimTypes.GivenName,"Bob"),                        NewClaim (Constants.ClaimTypes.FamilyName,"Smith")                    }                },                NewInmemoryuser {Username="Bob", Password="Secret", Subject="2"                },                NewInmemoryuser {Username="Alice", Password="Secret", Subject="3"                }            }; }    }

server-side configuration

 Public classStartup {/// <summary>        ///Configuring the IDSV Licensing service/// </summary>        /// <param name= "app" ></param>         Public voidConfiguration (Iappbuilder app) {varopts =Newidentityserveroptions {SiteName="Embedded Homeinns PMS 2.0 OAuth2 Service", Enablewelcomepage=true, Factory=Newidentityserverservicefactory (). Useinmemoryclients (Clients.get ()). Useinmemoryscopes (Scopes.get ())//. Useinmemoryusers (New list<inmemoryuser> ()),                              . Useinmemoryusers (Users.get ()), requireSSL=false,                //signingcertificate = new X509Certificate2 (string. Format (@ "{0}\bin\identityserver\idsrv3test.pfx", AppDomain.CurrentDomain.BaseDirectory), "Idsrv3test")            }; App.            Useidentityserver (opts); /*//Custom routing app.                Map ("/identity", Idsrvapp = {idsrvapp.useidentityserver (opts);            }); */        }

Controller

[Route ("api/v1/values")]     Public classValuescontroller:apicontroller { PublicIhttpactionresult Get () {varCaller = User asClaimsPrincipal; varSubjectclaim = caller. FindFirst ("Sub"); if(Subjectclaim! =NULL)            {                returnJson (New{message="OK User", Client= caller. FindFirst ("client_id"). Value, Subject=Subjectclaim.value}); }            Else            {                returnJson (New{message="OK Computer", Client= caller. FindFirst ("client_id").            Value}); }        }    }

Control Desk

classProgram {Static voidMain (string[] args) {            /*POSTHttp://192.168.210.165/connect/tokenhttp/1.1 Accept:application/json Authorization:basic Yxbwx3rlc3rfawq6rjyymuy0nzatotcz Ms00qti1ltgwruytnjdbnky3qzvgnei4 content-type:application/x-www-form-urlencoded host:192.1                68.210.165 content-length:40 expect:100-continue connection:keep-alive Grant_type=client_credentials&scope=user*/            /*GEThttp://192.168.210.165: 88/api/v1/values http/1.1 authorization:bearer 9f82476751e1f8b93f1ea6df7de83b51 Host: 192.168.210.165:88*/            varLog =Newloggerconfiguration (). WriteTo. Literateconsole (outputtemplate:"{Timestamp:HH:mm} [{level}] ({name:l}) {NewLine} {message}{newline}{exception}")                          .            Createlogger (); //ClientCredentials            vartoken =NewTokenclient ("Http://192.168.210.165/connect/token",                         "app_test_id",                         "F621f470-9731-4a25-80ef-67a6f7c5f4b8"); varResponse = token. Requestclientcredentialsasync ("User").            Result; varClient =NewHttpClient (); Client. Setbearertoken (response.            Accesstoken); Log.information (client. Getstringasync ("http://192.168.210.165:88/api/v1/values").            Result); //Resourceowner            varResourceownerclient =NewTokenclient ("Http://192.168.210.165/connect/token",                            "Irving",                            "21b5f798-be55-42bc-8aa8-0025b903dc3b"); vardata = Resourceownerclient.requestresourceownerpasswordasync ("Irving","123456","Order").            Result; Client. Setbearertoken (data.            Accesstoken); Log.information (client. Getstringasync ("http://192.168.210.165:88/api/v1/values").            Result);        Console.readkey (); }    }}

Implementation of the OAuth 2.0 Licensing Service "password mode (Resource Owner Password Credentials) based on IdentityServer3