Set client id in user login events from resource owner password valid…

…ator (#3442)
IdentityServer · Jul 23, 2019 · 6ef66a1 · 6ef66a1
1 parent 5d42c55
commit 6ef66a1
Showing 1 changed file with 6 additions and 5 deletions.
diff --git a/src/AspNetIdentity/src/ResourceOwnerPasswordValidator.cs b/src/AspNetIdentity/src/ResourceOwnerPasswordValidator.cs
@@ -52,6 +52,7 @@ public class ResourceOwnerPasswordValidator<TUser> : IResourceOwnerPasswordValid
         /// <returns></returns>
         public virtual async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
         {
+            var clientId = context.Request?.Client?.ClientId;
             var user = await _userManager.FindByNameAsync(context.UserName);
             if (user != null)
             {
@@ -61,31 +62,31 @@ public virtual async Task ValidateAsync(ResourceOwnerPasswordValidationContext c
                     var sub = await _userManager.GetUserIdAsync(user);
 
                     _logger.LogInformation("Credentials validated for username: {username}", context.UserName);
-                    await _events.RaiseAsync(new UserLoginSuccessEvent(context.UserName, sub, context.UserName, interactive: false));
+                    await _events.RaiseAsync(new UserLoginSuccessEvent(context.UserName, sub, context.UserName, false, clientId));
 
                     context.Result = new GrantValidationResult(sub, AuthenticationMethods.Password);
                     return;
                 }
                 else if (result.IsLockedOut)
                 {
                     _logger.LogInformation("Authentication failed for username: {username}, reason: locked out", context.UserName);
-                    await _events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "locked out", interactive: false));
+                    await _events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "locked out", false, clientId));
                 }
                 else if (result.IsNotAllowed)
                 {
                     _logger.LogInformation("Authentication failed for username: {username}, reason: not allowed", context.UserName);
-                    await _events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "not allowed", interactive: false));
+                    await _events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "not allowed", false, clientId));
                 }
                 else
                 {
                     _logger.LogInformation("Authentication failed for username: {username}, reason: invalid credentials", context.UserName);
-                    await _events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "invalid credentials", interactive: false));
+                    await _events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "invalid credentials", false, clientId));
                 }
             }
             else
             {
                 _logger.LogInformation("No user found matching username: {username}", context.UserName);
-                await _events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "invalid username", interactive: false));
+                await _events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "invalid username", false, clientId));
             }
 
             context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant);