Currently I am about to develop an API which needs to implement OAuth2 as a security protocol
I would like to know how to implement from scratch to generate the access token and how to refresh the token as such after a certain time
I already get the token
OAuthAuthorizationServerOptions opcionesautorizacion =
new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/recuperartoken"),
AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(strTiempo),
Provider = new Credentials.AutorizacionCredencialesToken(),
RefreshTokenProvider = new Credentials.RefreshToken()
};
The class as such uses this code, the variables that are assigned are obtained from a separate list, so the comparison is already made there
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
var acceso = ((strUsuarioAdmin == context.UserName && context.Password == strPassAdmin) || (strUsuarioCliente == context.UserName && context.Password == strPassCliente));
if (acceso == false)
{
context.SetError("Error de acceso", "Credenciales incorrectas");
}
else
{
ClaimsIdentity identidad = new ClaimsIdentity(context.Options.AuthenticationType);
identidad.AddClaim(new Claim(ClaimTypes.Name, context.Password));
//
if ((strUsuarioAdmin == context.UserName && context.Password == strPassAdmin))
{
identidad.AddClaim(new Claim(ClaimTypes.Role, "ADMINISTRADOR"));
context.Validated(identidad);
}
if ((strUsuarioCliente == context.UserName && context.Password == strPassCliente))
{
identidad.AddClaim(new Claim(ClaimTypes.Role, "USUARIO"));
context.Validated(identidad);
}
}
}
I would like to obtain the access_token to store it
