This authentication normally just involves calling the '/Token' endpoint, with user credentials, and receiving a ticket back containing an auth token for the user. I am calling this in my Web API from a WPF client application, and it would make life much easier for me, and the login process much quicker, if I could simply have one authentication request that returns the authenticated IdentityUser, or in a normal template based API project, an AspNetUser object.
I see the method TokenEndPoint in my API's ApplicationOAuthProvider does very little, so I don't think a change there could help much, but the GrantResourceOwnerCredentials seems to be the crux of that provider, yet its return is void.
The options for the provider include:
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin")
but I can find no evidence of that action being executed. I trace all successful requests to a log, and my Debug.WriteLine($"API TRACE: ExternalLogin called for {provider}.") doesn't appear in the output window, so I don't think I can use that action to server redirect to one that returns a User.
Is there anything I can do, except call the /Token endpoint from a login action that allows anonymous, and then redirect?
EDIT: The method that grants the token is in the ApplicationOAuthProvider class provided in my project template. It derives from OAuthAuthorizationServerProvider. It is:
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    var userManager = context.OwinContext.GetUserManager<UserManager>();
    var user = await userManager.FindAsync(context.UserName, context.Password);
    if (user == null)
    {
        context.SetError("invalid_grant", $"The user name or password is incorrect.");
        return;
    }
    ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
        OAuthDefaults.AuthenticationType);
    ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
        CookieAuthenticationDefaults.AuthenticationType);
    AuthenticationProperties properties = CreateProperties(user.UserName);
    AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
    context.Validated(ticket);
    context.Request.Context.Authentication.SignIn(cookiesIdentity);
}
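One way to have the /Token response carry user fields next to the access token, as an added example that is not part of the original post or the project template: the ticket's AuthenticationProperties are filled from an explicit allowlist and echoed by TokenEndpoint, so PasswordHash and SecurityStamp never reach the client. The class name UserInfoOAuthProvider and the "user." key prefix are hypothetical, and the user type is assumed to derive from IdentityUser.

```csharp
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Microsoft.AspNet.Identity.EntityFramework;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.OAuth;

// Added example (hypothetical class); requires the Microsoft.Owin.Security.OAuth
// and Microsoft.AspNet.Identity.EntityFramework packages.
public class UserInfoOAuthProvider : OAuthAuthorizationServerProvider
{
    // Hypothetical prefix marking ticket properties that may be sent to the client.
    private const string PublicPrefix = "user.";

    // Build ticket properties from an allowlist of user fields.
    // PasswordHash and SecurityStamp are deliberately never copied.
    public static AuthenticationProperties CreateProperties(IdentityUser user)
    {
        var data = new Dictionary<string, string>
        {
            { PublicPrefix + "id", user.Id },
            { PublicPrefix + "userName", user.UserName },
            { PublicPrefix + "email", user.Email ?? string.Empty }
        };
        return new AuthenticationProperties(data);
    }

    // Called after GrantResourceOwnerCredentials has validated the ticket.
    // Entries added here appear beside access_token in the JSON response body.
    public override Task TokenEndpoint(OAuthTokenEndpointContext context)
    {
        foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
        {
            // Skip framework entries (.issued, .expires) and anything not allowlisted.
            if (property.Key.StartsWith(PublicPrefix, StringComparison.Ordinal))
            {
                context.AdditionalResponseParameters.Add(property.Key, property.Value);
            }
        }
        return Task.FromResult<object>(null);
    }
}
```

In GrantResourceOwnerCredentials the call would become CreateProperties(user) instead of CreateProperties(user.UserName); the same properties are also serialized into the protected ticket, so the allowlist should stay short.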