OAuthAuthorizationServerProvider.GrantResourceOwnerCredentials Method (OAuthGrantResourceOwnerCredentialsContext)
Called when a request to the Token endpoint arrives with a "grant_type" of "password". This occurs when the user has provided name and password credentials directly into the client application's user interface, and the client application is using those to acquire an "access_token" and optional "refresh_token". If the web application supports the resource owner credentials grant type it must validate the context.Username and context.Password as appropriate. To issue an access token the context.Validated must be called with a new ticket containing the claims about the resource owner which should be associated with the access token. The application should take appropriate measures to ensure that the endpoint isn’t abused by malicious callers. The default behavior is to reject this grant type. See also http://tools.ietf.org/html/rfc6749\#section-4.3.2
Namespace: Microsoft.Owin.Security.OAuth
Assembly: Microsoft.Owin.Security.OAuth (in Microsoft.Owin.Security.OAuth.dll)
Syntax
public virtual Task GrantResourceOwnerCredentials(
OAuthGrantResourceOwnerCredentialsContext context
)
public:
virtual Task^ GrantResourceOwnerCredentials(
OAuthGrantResourceOwnerCredentialsContext^ context
)
abstract GrantResourceOwnerCredentials :
context:OAuthGrantResourceOwnerCredentialsContext -> Task
override GrantResourceOwnerCredentials :
context:OAuthGrantResourceOwnerCredentialsContext -> Task
Public Overridable Function GrantResourceOwnerCredentials (
context As OAuthGrantResourceOwnerCredentialsContext
) As Task
Parameters
context
Type: Microsoft.Owin.Security.OAuth.OAuthGrantResourceOwnerCredentialsContextThe context of the event carries information in and results out.
Return Value
Type: System.Threading.Tasks.Task
Task to enable asynchronous execution
Implements
See Also
OAuthAuthorizationServerProvider Class
Microsoft.Owin.Security.OAuth Namespace
Return to top