Manish Vadukul


grant_type passed in URL query string

Jan 10 2024 3:29 PM

Hi

My code works if I pass grant_type="client_credentials" in the Body in Postman. But if I pass grant_type in Params, it gives me "error": "unsupported_grant_type".

Please see the screenshot below.

How can I take grant_type from the URL query string?

See my code below; it works with grant_type passed in the Body.

 

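/// <summary>
/// OWIN/Katana authorization-server provider that authenticates a client and
/// issues a token for the OAuth 2.0 client-credentials grant.
/// </summary>
/// <remarks>
/// <para>
/// A single provider instance is normally assigned to the server options and
/// shared by every request, so this class keeps NO per-request state in
/// instance fields. The earlier version stored the presented client id and
/// secret in fields, which lets concurrent requests overwrite each other and
/// can mint a token carrying another caller's identity. Request-scoped values
/// travel through <c>context.OwinContext</c> instead.
/// </para>
/// <para>
/// The token endpoint supplies <c>context.Parameters</c> from the
/// form-encoded request body; values sent only in the URL query string are
/// not in that collection, which is consistent with <c>grant_type</c> in the
/// query string being answered with <c>unsupported_grant_type</c>. Client
/// secrets should stay out of URLs in any case, because query strings are
/// routinely written to server, proxy and client-side logs.
/// </para>
/// </remarks>
public class AppAuthorizationServerProvider : OAuthAuthorizationServerProvider
{
    // Per-request OWIN environment key: true when the presented credentials
    // also matched the values in appSettings. A missing key reads as false,
    // so the grant step fails closed.
    private const string ConfigMatchKey = "oauth:clientMatchesConfig";

    /// <summary>
    /// Authenticates the calling client against <c>ClientDetailsRepo</c>.
    /// </summary>
    /// <param name="context">Validation context for the current token request.</param>
    /// <returns>A completed task; the outcome is recorded on <paramref name="context"/>.</returns>
    public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
    {
        string clientId;
        string clientSecret;

        // Prefer the HTTP Basic Authorization header; fall back to the
        // "clientId"/"clientSecret" body parameters this API has always accepted.
        // (The original rejected any request that carried a Basic header while
        // reporting that credentials were missing - an inverted check.)
        if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
        {
            clientId = context.Parameters.Get("clientId");
            clientSecret = context.Parameters.Get("clientSecret");
        }

        if (string.IsNullOrEmpty(clientId) || string.IsNullOrEmpty(clientSecret))
        {
            // "invalid_client" is the RFC 6749 error code; the original literal
            // contained a stray space ("invalid _client").
            context.SetError("invalid_client", "client credential could not be retrived");
            context.Rejected();
            return Task.CompletedTask;
        }

        ClientDetails client = new ClientDetailsRepo().ValidateClient(clientId, clientSecret);
        if (client == null)
        {
            context.SetError("invalid_client", "client credentials are not valid");
            context.Rejected();
            return Task.CompletedTask;
        }

        // Evaluate the appSettings comparison here, while the secret is still a
        // local, and pass only the boolean result forward. Both comparisons
        // always run (non-short-circuit &) and neither treats null as a match.
        bool matchesConfig =
            FixedTimeEquals(ConfigurationManager.AppSettings["ClientId"], clientId)
            & FixedTimeEquals(ConfigurationManager.AppSettings["ClientSecret"], clientSecret);

        context.OwinContext.Set<ClientDetails>("oauth:client", client);
        context.OwinContext.Set<bool>(ConfigMatchKey, matchesConfig);

        // Passing the id makes it available as context.ClientId in later callbacks.
        context.Validated(clientId);
        return Task.CompletedTask;
    }

    /// <summary>
    /// Builds the identity for a client that passed
    /// <see cref="ValidateClientAuthentication"/> and matched the configured client.
    /// </summary>
    /// <param name="context">Grant context for the current token request.</param>
    /// <returns>A completed task; the outcome is recorded on <paramref name="context"/>.</returns>
    public override Task GrantClientCredentials(OAuthGrantClientCredentialsContext context)
    {
        // Get<bool> yields false when the key was never set, so a request that
        // somehow skipped validation is rejected rather than granted.
        if (!context.OwinContext.Get<bool>(ConfigMatchKey))
        {
            context.SetError("invalid_grant", "Invaild client.");
            context.Rejected();
            return Task.CompletedTask;
        }

        var claimsIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
        claimsIdentity.AddClaim(new Claim("LoggedOn", DateTime.Now.ToString()));
        claimsIdentity.AddClaim(new Claim("ClientId", context.ClientId));

        // SECURITY: the client secret is deliberately NOT added as a claim.
        // A claim is copied into every issued ticket and is readable by any
        // component that unprotects it; a resource server needs the client's
        // identity, never its secret.

        // Validated() is synchronous; wrapping it in Task.Run only cost a thread hop.
        context.Validated(claimsIdentity);
        return Task.CompletedTask;
    }

    /// <summary>
    /// Compares two strings without exiting early on the first differing
    /// character, to avoid leaking how much of a secret matched.
    /// </summary>
    /// <param name="expected">The configured value; null never matches.</param>
    /// <param name="presented">The caller-supplied value; null never matches.</param>
    /// <returns>True only when both are non-null and identical.</returns>
    private static bool FixedTimeEquals(string expected, string presented)
    {
        if (expected == null || presented == null)
        {
            // The original "==" treated two nulls as equal, i.e. a missing
            // appSettings key plus a missing parameter counted as a match.
            return false;
        }

        int difference = expected.Length ^ presented.Length;
        int shared = Math.Min(expected.Length, presented.Length);
        for (int i = 0; i < shared; i++)
        {
            difference |= expected[i] ^ presented[i];
        }

        return difference == 0;
    }
}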


Answers (2)