Beispiel #1
        /// <inheritdoc />
        public async Task <string> StoreAsync(AuthenticationTicket ticket)
            // it's possible that the user re-triggered OIDC (somehow) prior to
            // the session DB records being cleaned up, so we should preemptively remove
            // conflicting session records for this sub/sid combination
            await _store.DeleteUserSessionsAsync(new UserSessionsFilter
                SubjectId = ticket.GetSubjectId(),
                SessionId = ticket.GetSessionId()

            var key = CryptoRandom.CreateUniqueId(format: CryptoRandom.OutputFormat.Hex);

            _logger.LogDebug("Creating entry in store for AuthenticationTicket, key {key}, with expiration: {expiration}", key, ticket.GetExpiration());

            var session = new UserSession
                Key       = key,
                Created   = ticket.GetIssued(),
                Renewed   = ticket.GetIssued(),
                Expires   = ticket.GetExpiration(),
                SubjectId = ticket.GetSubjectId(),
                SessionId = ticket.GetSessionId(),
                Ticket    = ticket.Serialize(_protector)

            await _store.CreateUserSessionAsync(session);

Beispiel #2
        /// <inheritdoc />
        public async Task RenewAsync(string key, AuthenticationTicket ticket)
            var session = await _store.GetUserSessionAsync(key);

            if (session == null)
                throw new InvalidOperationException($"No matching item in store for key `{key}`");

            _logger.LogDebug("Renewing AuthenticationTicket for key {key}, with expiration: {expiration}", key, ticket.GetExpiration());

            var sub     = ticket.GetSubjectId();
            var sid     = ticket.GetSessionId();
            var isNew   = session.SubjectId != sub || session.SessionId != sid;
            var created = isNew ? ticket.GetIssued() : session.Created;

            await _store.UpdateUserSessionAsync(key, new UserSessionUpdate {
                SubjectId = ticket.GetSubjectId(),
                SessionId = ticket.GetSessionId(),
                Created   = created,
                Renewed   = ticket.GetIssued(),
                Expires   = ticket.GetExpiration(),
                Ticket    = ticket.Serialize(_protector)
Beispiel #3
    /// <inheritdoc />
    public async Task <string> StoreAsync(AuthenticationTicket ticket)

        ticket.SetIssuer(await _issuerNameService.GetCurrentAsync());

        var key = CryptoRandom.CreateUniqueId(format: CryptoRandom.OutputFormat.Hex);

        _logger.LogDebug("Creating entry in store for AuthenticationTicket, key {key}, with expiration: {expiration}", key, ticket.GetExpiration());

        var session = new ServerSideSession
            Key         = key,
            Scheme      = ticket.AuthenticationScheme,
            Created     = ticket.GetIssued(),
            Renewed     = ticket.GetIssued(),
            Expires     = ticket.GetExpiration(),
            SubjectId   = ticket.GetSubjectId(),
            SessionId   = ticket.GetSessionId(),
            DisplayName = ticket.GetDisplayName(_options.ServerSideSessions.UserDisplayNameClaimType),
            Ticket      = ticket.Serialize(_protector)

        await _store.CreateSessionAsync(session);

Beispiel #4
    /// <inheritdoc />
    public async Task RenewAsync(string key, AuthenticationTicket ticket)

        var session = await _store.GetSessionAsync(key);

        if (session == null)
            throw new InvalidOperationException($"No matching item in store for key `{key}`");

        _logger.LogDebug("Renewing AuthenticationTicket for key {key}, with expiration: {expiration}", key, ticket.GetExpiration());

        var sub  = ticket.GetSubjectId();
        var sid  = ticket.GetSessionId();
        var name = String.IsNullOrWhiteSpace(_options.ServerSideSessions.UserDisplayNameClaimType) ? null : ticket.Principal.FindFirst(_options.ServerSideSessions.UserDisplayNameClaimType)?.Value;

        var isNew = session.SubjectId != sub || session.SessionId != sid;

        if (isNew)
            session.Created   = ticket.GetIssued();
            session.SubjectId = sub;
            session.SessionId = sid;

        session.Renewed     = ticket.GetIssued();
        session.Expires     = ticket.GetExpiration();
        session.DisplayName = name;
        session.Ticket      = ticket.Serialize(_protector);

        await _store.UpdateSessionAsync(session);
Beispiel #5
 /// <inheritdoc />
 public Task RenewAsync(string key, AuthenticationTicket ticket)
     // todo: discuss updating sub and sid?
     return(_store.UpdateUserSessionAsync(key, new UserSessionUpdate {
         Renewed = ticket.GetIssued(),
         Expires = ticket.GetExpiration(),
         Ticket = ticket.Serialize(),
Beispiel #6
        /// <inheritdoc />
        public async Task <string> StoreAsync(AuthenticationTicket ticket)
            var key = CryptoRandom.CreateUniqueId(format: CryptoRandom.OutputFormat.Hex);

            var session = new UserSession
                Key       = key,
                Created   = ticket.GetIssued(),
                Renewed   = ticket.GetIssued(),
                Expires   = ticket.GetExpiration(),
                SubjectId = ticket.GetSubjectId(),
                SessionId = ticket.GetSessionId(),
                Scheme    = ticket.AuthenticationScheme,
                Ticket    = ticket.Serialize(),

            await _store.CreateUserSessionAsync(session);
