admin/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2026-01-31 14:13:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
038c98cfaf04e5730013d1be773d83f531de33e7
server/src/Core/Identity/ResourceOwnerPasswordValidator.cs

48 lines
2.0 KiB
C#
Raw Blame History

using Bit.Core.Domains;
using IdentityServer4.Models;
using IdentityServer4.Validation;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Options;
using System.Security.Claims;
using System.Threading.Tasks;
namespace Bit.Core.Identity
{
public class ResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator
{
private readonly UserManager<User> _userManager;
private readonly IdentityOptions _identityOptions;
public ResourceOwnerPasswordValidator(
UserManager<User> userManager,
IOptions<IdentityOptions> optionsAccessor)
{
_userManager = userManager;
_identityOptions = optionsAccessor?.Value ?? new IdentityOptions();
}
public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
{
var user = await _userManager.FindByEmailAsync(context.UserName.ToLowerInvariant());
if(user != null)
{
if(await _userManager.CheckPasswordAsync(user, context.Password))
{
context.Result = new GrantValidationResult(user.Id.ToString(), "Application", identityProvider: "bitwarden",
claims: new Claim[] {
// Deprecated claims for backwards compatability
new Claim(ClaimTypes.AuthenticationMethod, "Application"),
new Claim(_identityOptions.ClaimsIdentity.UserIdClaimType, user.Id.ToString()),
new Claim(_identityOptions.ClaimsIdentity.UserNameClaimType, user.Email.ToString()),
new Claim(_identityOptions.ClaimsIdentity.SecurityStampClaimType, user.SecurityStamp)
});
return;
}
}
context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "Username or password is incorrect.");
}
}
}
Reference in New Issue View Git Blame Copy Permalink