public Client GenerateNewSecret(string id) { //TODO: invalidate existing refresh tokens? try { IClientAccount ca = _clientStorage.GetClient(id); if (ca != null) { ca.ClientSecret = Guid.NewGuid().ToString(); _clientStorage.UpdateClient(id, ca); return(Client.CreateInstance(ca)); } else { throw new HttpRequestException(JsonSerializer.SerializeJson(new ErrorMessage("Client does not exist", 500)), MimeType.APPLICATION_JSON) { Status = SKotstein.Net.Http.Context.HttpStatus.InternalServerError }; } } catch (HttpRequestException hre) { throw hre; } catch (Exception e) { throw new HttpRequestException(JsonSerializer.SerializeJson(new ErrorMessage(e.Message, 500)), MimeType.APPLICATION_JSON) { Status = SKotstein.Net.Http.Context.HttpStatus.InternalServerError }; } }
public async Task <ClaimsIdentity> CreateUserIdentityAsync(IClientAccount clientAccount, string userName) { var personalData = await _personalDataRepository.GetAsync(clientAccount.Id); var claims = new List <Claim> { new Claim(ClaimTypes.Name, clientAccount.Email), new Claim(ClaimTypes.NameIdentifier, clientAccount.Id), new Claim(OpenIdConnectConstants.Claims.Email, clientAccount.Email) }; if (!string.IsNullOrEmpty(personalData.FirstName)) { claims.Add(new Claim(OpenIdConnectConstants.Claims.GivenName, personalData.FirstName)); } if (!string.IsNullOrEmpty(personalData.LastName)) { claims.Add(new Claim(OpenIdConnectConstants.Claims.FamilyName, personalData.LastName)); } if (!string.IsNullOrEmpty(personalData.Country)) { claims.Add(new Claim(OpenIdConnectConstantsExt.Claims.Country, personalData.Country)); } var documents = (await GetDocumentListAsync(clientAccount.Id)).ToList(); if (documents.Any()) { claims.Add(new Claim(OpenIdConnectConstantsExt.Claims.Documents, string.Join(",", documents))); } return(new ClaimsIdentity(new GenericIdentity(userName, "Token"), claims)); }
public async Task <IClientAccount> RegisterClientAsync(string email, string firstName, string lastName, string phone, string password, string hint, string clientInfo, string ip, string changer, string language) { IClientAccount clientAccount = ClientAccount.Create(email, phone); clientAccount = await _clientAccountsRepository.RegisterAsync(clientAccount, password); var personalData = FullPersonalData.Create(clientAccount, firstName, lastName, hint); await _personalDataRepository.SaveAsync(personalData); await SetDefaultAssetGroups(clientAccount.Id); var fullname = personalData.GetFullName(); var logEvent = RegistrationLogEvent.Create(clientAccount.Id, email, fullname, phone, clientInfo, ip); await _registrationLogs.RegisterEventAsync(logEvent); await _auditLogRepository.AddAuditRecordAsync(clientAccount.Id, null, personalData, AuditRecordType.PersonalData, changer); await _srvEmailsFacade.SendWelcomeEmail(clientAccount.Email, clientAccount.Id); foreach (var registrationConsumer in _registrationConsumers) { registrationConsumer.ConsumeRegistration(clientAccount, ip, language); } return(clientAccount); }
public static void AuthenticateUserViaOwin(this Controller ctx, IClientAccount user) { var authManager = ctx.HttpContext.GetOwinContext().Authentication; var identity = MakeIdentity(user); authManager.SignIn(new AuthenticationProperties {IsPersistent = false}, identity); ctx.SetCookie(EmailCookie, user.Email, DateTime.UtcNow.AddYears(1)); }
private static ClaimsIdentity MakeIdentity(IClientAccount user) { var claims = new List <Claim> { new Claim(ClaimTypes.Name, user.Id) }; var identity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie); return(identity); }
public static void AuthenticateUserViaOwin(this ApiController ctx, IClientAccount user) { var authManager = ctx.ControllerContext.Request.GetOwinContext().Authentication; var identity = MakeIdentity(user); authManager.SignIn(new AuthenticationProperties { IsPersistent = false }, identity); }
private void AssertClientAccount(IClientAccount ca) { Assert.AreEqual(true, ca.ClientAccountActive); Assert.AreEqual(3202, ca.ClientAccountID); Assert.AreEqual(true, ca.IsDefault); Assert.AreEqual(false, ca.Manager); Assert.AreEqual(true, ca.ClientAccountActive); AssertClient(ca); AssertAccount(ca); }
public async Task<IClientAccount> RegisterAsync(IClientAccount clientAccount, string password) { var newEntity = ClientAccountEntity.CreateNew(clientAccount, password); var indexEntity = AzureIndex.Create(IndexEmail, newEntity.Email, newEntity); await _emailIndices.InsertAsync(indexEntity); await _tradersTableStorage.InsertAsync(newEntity); return newEntity; }
public static void AuthenticateUserViaOwin(this Controller ctx, IClientAccount user) { var authManager = ctx.HttpContext.GetOwinContext().Authentication; var identity = MakeIdentity(user); authManager.SignIn(new AuthenticationProperties { IsPersistent = false }, identity); ctx.SetCookie(EmailCookie, user.Email, DateTime.UtcNow.AddYears(1)); }
public async Task <IClientAccount> RegisterAsync(IClientAccount clientAccount, string password) { var newEntity = ClientAccountEntity.CreateNew(clientAccount, password); var indexEntity = AzureIndex.Create(IndexEmail, newEntity.Email, newEntity); await _emailIndices.InsertAsync(indexEntity); await _clientsTablestorage.InsertAsync(newEntity); return(newEntity); }
public static PersonalData Create(IClientAccount src, string firstname, string lastname) { return new PersonalData { Id = src.Id, Email = src.Email, ContactPhone = src.Phone, Regitered = src.Registered, FirstName = firstname, LastName = lastname }; }
public static PersonalData Create(IClientAccount src, string firstname, string lastname) { return(new PersonalData { Id = src.Id, Email = src.Email, ContactPhone = src.Phone, Regitered = src.Registered, FirstName = firstname, LastName = lastname }); }
public static FullPersonalData Create(IClientAccount src, string fullName, string pwdHint) { return(new FullPersonalData { Id = src.Id, Email = src.Email, ContactPhone = src.Phone, Regitered = src.Registered, FullName = fullName, Country = "CHE", PasswordHint = pwdHint }); }
public void DeleteClient(string clientId) { if (String.IsNullOrWhiteSpace(clientId)) { throw new Exception("client ID is not set"); } IClientAccount ca = GetClient(clientId); if (ca != null) { _clientAccounts.Remove(ca); RemoveFromDisk(clientId); } }
public void ConsumeRegistration(IClientAccount account, string ip, string language) { lock (_lockObject) { _queue.Enqueue(new RegistrationEvent { ClientAccount = account, Ip = ip, Language = language }); } Task.Run(async() => await Execute()); }
public static ClientAccountEntity CreateNew(IClientAccount clientAccount, string password) { var result = new ClientAccountEntity { PartitionKey = GeneratePartitionKey(), RowKey = Guid.NewGuid().ToString(), Email = clientAccount.Email.ToLower(), Phone = clientAccount.Phone, Registered = clientAccount.Registered }; result.SetPassword(password); return result; }
public string CreateClient(IClientAccount data) { if (data == null) { throw new Exception("data is not set"); } else { data.ClientId = "" + IdCounter; _clientAccounts.Add(data); SaveToDisk(data); IdCounter++; return(data.ClientId); } }
public static ClientAccountEntity CreateNew(IClientAccount clientAccount, string password) { var result = new ClientAccountEntity { PartitionKey = GeneratePartitionKey(), RowKey = Guid.NewGuid().ToString(), Email = clientAccount.Email.ToLower(), Phone = clientAccount.Phone, Registered = clientAccount.Registered }; result.SetPassword(password); return(result); }
public async Task <IClientAccount> RegisterClientAsync(string email, string firstname, string lastname, string phone, string password) { IClientAccount clientAccount = ClientAccount.Create(email, phone); clientAccount = await _tradersRepository.RegisterAsync(clientAccount, password); await _srvSmsConfirmator.SendSmsAsync(clientAccount.Id); await _personalDataRepository.SaveAsync(PersonalData.Create(clientAccount, firstname, lastname)); await RegisterAccountAsync(clientAccount, "EUR"); await RegisterAccountAsync(clientAccount, "USD"); await RegisterAccountAsync(clientAccount, "CHF"); return(clientAccount); }
public async Task <IClientAccount> RegisterAsync(IClientAccount clientAccount, string password) { var newEntity = ClientAccountEntity.CreateNew(clientAccount, password); string partnerId = clientAccount.PartnerId; string indexRowKey = GetEmailPartnerIndexRowKey(newEntity); var indexEntity = AzureIndex.Create(IndexEmail, indexRowKey, newEntity); ClientPartnerRelationEntity clientPartner = ClientPartnerRelationEntity.CreateNew(clientAccount.Email, newEntity.Id, newEntity.PartnerId); await _emailIndices.InsertAsync(indexEntity); await _clientsTablestorage.InsertAsync(newEntity); await _clientPartnerTablestorage.InsertAsync(clientPartner); return(newEntity); }
public static ClientAccountEntity CreateNew(IClientAccount clientAccount, string password) { var result = new ClientAccountEntity { PartitionKey = GeneratePartitionKey(), RowKey = Guid.NewGuid().ToString(), NotificationsId = Guid.NewGuid().ToString("N"), Email = clientAccount.Email.ToLower(), Phone = clientAccount.Phone, Registered = clientAccount.Registered, PartnerId = clientAccount.PartnerId }; PasswordKeepingUtils.SetPassword((IPasswordKeeping)result, password); return(result); }
public decimal GetApportionment(IClientAccount ca, IRoom room, DateTime period) { if (ca == null) { return(0); } if (room == null) { return(0); } RoomApportionment appor = Session.Query <RoomApportionment>().FirstOrDefault(x => x.Client.ClientID == ca.ClientID && x.Account.AccountID == ca.AccountID && x.Room == room && x.Period == period); if (appor == null) { return(0); } return(appor.ChargeDays); }
/// <summary> /// Checks whether the <see cref="Client"/> having the passed ID exists and whether it has users (see <see cref="Client.HasUser"/>). /// If not, a <see cref="HttpRequestException"/> with <see cref="HttpStatus.NotFound"/> will be thrown. /// </summary> /// <param name="clientId">ID of the <see cref="Client"/></param> private void CheckClient(string clientId) { IClientAccount client = _clientStorage.GetClient(clientId); if (client == null) { throw new HttpRequestException(JsonSerializer.SerializeJson(new ErrorMessage("The client with the ID: " + clientId + " does not exist", 404)), MimeType.APPLICATION_JSON) { Status = SKotstein.Net.Http.Context.HttpStatus.NotFound }; } if (!client.HasUser) { throw new HttpRequestException(JsonSerializer.SerializeJson(new ErrorMessage("The client with the ID: " + clientId + " has no user", 404)), MimeType.APPLICATION_JSON) { Status = SKotstein.Net.Http.Context.HttpStatus.NotFound }; } }
public static ClientAccountJson CreateInstance(IClientAccount ca) { ClientAccountJson client = new ClientAccountJson(); client.ClientId = ca.ClientId; client.AccessTokenExpiryInSeconds = ca.AccessTokenExpiryInSeconds; client.ClientSecret = ca.ClientSecret; client.Description = ca.Description; client.FriendlyName = ca.FriendlyName; client.HasUser = ca.HasUser; client.IsBlocked = ca.IsBlocked; client.IsClientIdRequiredForRefreshToken = ca.IsClientIdRequiredForRefreshToken; client.IsClientSecretRequiredForPasswordGrant = ca.IsClientSecretRequiredForPasswordGrant; client.IsClientSecretRequiredForRefreshToken = ca.IsClientSecretRequiredForRefreshToken; client.IsUserIdRequiredForRefreshToken = ca.IsUserIdRequiredForRefreshToken; client.IsUserPasswordRequiredForRefreshToken = ca.IsUserPasswordRequiredForRefreshToken; client.RefreshTokenExpiryInSeconds = ca.RefreshTokenExpiryInSeconds; client.Scope = ca.Scope; return(client); }
public IClientAccount GetDryBoxClientAccount(int clientOrgId) { var q = Session.Query <ClientAccount>().Where(x => x.ClientOrg.ClientOrgID == clientOrgId); var join = q.Join( Session.Query <DryBoxAssignment>(), o => o.ClientAccountID, i => i.ClientAccountID, (o, i) => i); IClientAccount result = null; var dba = join.FirstOrDefault(); if (dba != null) { var ca = Require <ClientAccount>(dba.ClientAccountID); result = ca.CreateModel <IClientAccount>(); } return(result); }
public async Task <IClientAccount> RegisterClientAsync(string email, string fullname, string phone, string password, string hint, string clientInfo, string ip, string changer, double?iosVersion = null) { IClientAccount clientAccount = ClientAccount.Create(email, phone); clientAccount = await _clientAccountsRepository.RegisterAsync(clientAccount, password); await _clientSettingsRepository.SetSettings(clientAccount.Id, new HashedPwdSettings { IsPwdHashed = true }); var personalData = FullPersonalData.Create(clientAccount, fullname, hint); await _personalDataRepository.SaveAsync(personalData); await SetDefaultAssetGroups(clientAccount.Id, iosVersion); var logEvent = RegistrationLogEvent.Create(clientAccount.Id, email, fullname, phone, clientInfo, ip); await _registrationLogs.RegisterEventAsync(logEvent); await _auditLogRepository.AddAuditRecordAsync(clientAccount.Id, null, personalData, AuditRecordType.PersonalData, changer); await _srvEmailsFacade.SendWelcomeEmail(clientAccount.Email, clientAccount.Id); await _backgroundWorkRequestProducer.ProduceRequest(WorkType.SetGeolocation, new SetGeolocationContext(clientAccount.Id, ip)); await _backgroundWorkRequestProducer.ProduceRequest(WorkType.SetReferralCode, new SetReferralCodeContext(clientAccount.Id, ip)); await _backgroundWorkRequestProducer.ProduceRequest(WorkType.SetAntiFraudRecord, new SetAntiFraudContext(clientAccount.Id, ip, email, fullname, phone)); return(clientAccount); }
public void UpdateClient(string clientId, IClientAccount data) { if (String.IsNullOrWhiteSpace(clientId)) { throw new Exception("client ID is not set"); } if (data == null) { throw new Exception("data is not set"); } IClientAccount ca = GetClient(clientId); if (ca == null) { throw new Exception("Client does not exist"); } else { ca.AccessTokenExpiryInSeconds = data.AccessTokenExpiryInSeconds; ca.ClientSecret = data.ClientSecret; ca.IsBlocked = data.IsBlocked; ca.RefreshTokenExpiryInSeconds = data.RefreshTokenExpiryInSeconds; ca.Scope = data.Scope; ca.HasUser = data.HasUser; ca.IsClientIdRequiredForRefreshToken = data.IsClientIdRequiredForRefreshToken; ca.IsClientSecretRequiredForPasswordGrant = data.IsClientSecretRequiredForPasswordGrant; ca.IsClientSecretRequiredForRefreshToken = data.IsClientSecretRequiredForRefreshToken; ca.IsUserIdRequiredForRefreshToken = data.IsUserIdRequiredForRefreshToken; ca.IsUserPasswordRequiredForRefreshToken = data.IsUserPasswordRequiredForRefreshToken; ca.FriendlyName = data.FriendlyName; ca.Description = data.Description; data.ClientId = clientId; SaveToDisk(data); } }
public void Authorize(HttpContext context, IDictionary <string, string> query) { string clientId = ""; string clientSecret = ""; string requestedScope = ""; //expected but already parsed input is: grant_type //expected input is: client_id, client_secret //optional input is: scope //load client ID if (query.ContainsKey("client_id")) { clientId = query["client_id"]; } else { InvalidAuthorizationResponse errorResponse = new InvalidAuthorizationResponse(); errorResponse.Error = InvalidAuthorizationResponse.INVALID_REQUEST; errorResponse.Error_description = "The client ID is missing. The request must include the query parameter 'client_id'"; //TODO: add URI context.Response.Payload.Write(JsonSerializer.SerializeJson(errorResponse)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Status = HttpStatus.BadRequest; return; } //load client secret if (query.ContainsKey("client_secret")) { clientSecret = query["client_secret"]; } else { InvalidAuthorizationResponse errorResponse = new InvalidAuthorizationResponse(); errorResponse.Error = InvalidAuthorizationResponse.INVALID_REQUEST; errorResponse.Error_description = "The client secret is missing. The request must include the query parameter 'client_secret'"; //TODO: add URI context.Response.Payload.Write(JsonSerializer.SerializeJson(errorResponse)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Status = HttpStatus.BadRequest; return; } //load scope if (query.ContainsKey("scope")) { requestedScope = query["scope"]; } //step 1: check whether: 1) client exists, 2) client is not blocked, 3) credentials are correct IClientAccount client = _storage.GetClient(clientId); if (client == null || client.IsBlocked || client.ClientSecret.CompareTo(clientSecret) != 0) { InvalidAuthorizationResponse errorResponse = new InvalidAuthorizationResponse(); errorResponse.Error = InvalidAuthorizationResponse.INVALID_CLIENT; errorResponse.Error_description = "The client ID or secret is invalid"; //TPDP: add URI context.Response.Payload.Write(JsonSerializer.SerializeJson(errorResponse)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Status = HttpStatus.Unauthorized; return; } //step 2: validate scope string finalScope = ""; if (String.IsNullOrWhiteSpace(requestedScope)) { finalScope = client.Scope; } else { //extract single scopes from requested scope string[] scopes; if (requestedScope.Contains(",")) { scopes = requestedScope.Split(','); } else if (requestedScope.Contains(";")) { scopes = requestedScope.Split(';'); } else if (requestedScope.Contains(" ")) { scopes = requestedScope.Split(' '); } else { scopes = new string[] { requestedScope }; } //check whether all requested scopes are permitted: IList <string> permittedScope = client.GetScopeAsList; foreach (string scope in scopes) { if (!permittedScope.Contains(scope)) { InvalidAuthorizationResponse errorResponse = new InvalidAuthorizationResponse(); errorResponse.Error = InvalidAuthorizationResponse.INVALID_SCOPE; errorResponse.Error_description = "The scope '" + scope + "' is not permitted or unknown"; //TODO: add URL context.Response.Payload.Write(JsonSerializer.SerializeJson(errorResponse)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Status = HttpStatus.BadRequest; return; } finalScope += scope + " "; } finalScope.Trim(); } //step 3: create access token and (if applicable) refresh token AccessToken accessToken = _reference.GenerateAccessToken(null, clientId, finalScope, client.AccessTokenExpiryInSeconds); string refreshToken = _reference.GenerateRefreshToken(null, clientId, finalScope, client.RefreshTokenExpiryInSeconds); //step 4: return access token and (if applicable) refresh token accessToken.RefreshToken = refreshToken; context.Response.Payload.Write(JsonSerializer.SerializeJson(accessToken)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Headers.Set("Cache-Control", "no-store"); context.Response.Headers.Set("Pragma", "no-cache"); context.Response.Status = HttpStatus.OK; }
public void Authorize(HttpContext context, IDictionary <string, string> query) { string username = ""; string password = ""; string clientId = ""; string clientSecret = ""; string requestedScope = ""; //expected but already parsed input is: grant_type //expected input is: username, password //optional input is: scope //load username if (query.ContainsKey("username")) { username = query["username"]; } else { InvalidAuthorizationResponse errorResponse = new InvalidAuthorizationResponse(); errorResponse.Error = InvalidAuthorizationResponse.INVALID_REQUEST; errorResponse.Error_description = "The username is missing. The request must include the query parameter 'username'"; //TODO: add URI context.Response.Payload.Write(JsonSerializer.SerializeJson(errorResponse)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Status = HttpStatus.BadRequest; return; } //load password if (query.ContainsKey("password")) { password = query["password"]; } else { InvalidAuthorizationResponse errorResponse = new InvalidAuthorizationResponse(); errorResponse.Error = InvalidAuthorizationResponse.INVALID_REQUEST; errorResponse.Error_description = "The password is missing. The request must include the query parameter 'password'"; //TODO: add URI context.Response.Payload.Write(JsonSerializer.SerializeJson(errorResponse)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Status = HttpStatus.BadRequest; return; } //load client ID: if (query.ContainsKey("client_id")) { clientId = query["client_id"]; } else { InvalidAuthorizationResponse errorResponse = new InvalidAuthorizationResponse(); errorResponse.Error = InvalidAuthorizationResponse.INVALID_REQUEST; errorResponse.Error_description = "The client ID is missing. The request must include the query parameter 'client_id'"; //TODO: add URI context.Response.Payload.Write(JsonSerializer.SerializeJson(errorResponse)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Status = HttpStatus.BadRequest; return; } //load client secret if (query.ContainsKey("client_secret")) { clientSecret = query["client_secret"]; } //load scope if (query.ContainsKey("scope")) { requestedScope = query["scope"]; } //step 1: check whether: 1) client exists, 2) client is not blocked, 3) client has user IClientAccount client = _clientStorage.GetClient(clientId); if (client == null || client.IsBlocked || !client.HasUser) { InvalidAuthorizationResponse errorResponse = new InvalidAuthorizationResponse(); errorResponse.Error = InvalidAuthorizationResponse.INVALID_CLIENT; errorResponse.Error_description = "The client ID is invalid"; //TPDP: add URI context.Response.Payload.Write(JsonSerializer.SerializeJson(errorResponse)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Status = HttpStatus.Unauthorized; return; } //step 2 (if applicable): 1) check whether client's secret is set (if enabled) and 2) if it is correct if (client.IsClientSecretRequiredForPasswordGrant) { if (String.IsNullOrWhiteSpace(clientSecret)) { InvalidAuthorizationResponse errorResponse = new InvalidAuthorizationResponse(); errorResponse.Error = InvalidAuthorizationResponse.INVALID_REQUEST; errorResponse.Error_description = "The client secret is missing. The request must include the query parameter 'client_secret'"; //TODO: add URI context.Response.Payload.Write(JsonSerializer.SerializeJson(errorResponse)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Status = HttpStatus.BadRequest; return; } if (client.ClientSecret.CompareTo(clientSecret) != 0) { InvalidAuthorizationResponse errorResponse = new InvalidAuthorizationResponse(); errorResponse.Error = InvalidAuthorizationResponse.INVALID_CLIENT; errorResponse.Error_description = "The client ID or secret is invalid"; //TODO: add URI context.Response.Payload.Write(JsonSerializer.SerializeJson(errorResponse)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Status = HttpStatus.Unauthorized; return; } } //step 3: check whether 1) user exists, 2) user is not blocked, 3) password is correct and 4) the user belongs to the passed client IUserAccount user = _userStorage.GetUserByName(username); if (user == null || user.IsBlocked || user.Password.CompareTo(password) != 0 || user.ClientId.CompareTo(clientId) != 0) { InvalidAuthorizationResponse errorResponse = new InvalidAuthorizationResponse(); errorResponse.Error = InvalidAuthorizationResponse.INVALID_CLIENT; errorResponse.Error_description = "The username or password invalid"; //TODO: add URI context.Response.Payload.Write(JsonSerializer.SerializeJson(errorResponse)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Status = HttpStatus.Unauthorized; return; } //step 4: validate scope string finalScope = ""; if (String.IsNullOrWhiteSpace(requestedScope)) { finalScope = user.Scope; } else { //extract single scopes from requested scope string[] scopes; if (requestedScope.Contains(",")) { scopes = requestedScope.Split(','); } else if (requestedScope.Contains(";")) { scopes = requestedScope.Split(';'); } else if (requestedScope.Contains(" ")) { scopes = requestedScope.Split(' '); } else { scopes = new string[] { requestedScope }; } //check whether all requested scopes are permitted: IList <string> permittedScope = user.GetScopeAsList; foreach (string scope in scopes) { if (!permittedScope.Contains(scope)) { InvalidAuthorizationResponse errorResponse = new InvalidAuthorizationResponse(); errorResponse.Error = InvalidAuthorizationResponse.INVALID_SCOPE; errorResponse.Error_description = "The scope '" + scope + "' is not permitted or unknown"; //TODO: add URL context.Response.Payload.Write(JsonSerializer.SerializeJson(errorResponse)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Status = HttpStatus.BadRequest; return; } finalScope += scope + " "; } finalScope.Trim(); } //step 6: create access token and (if applicable) refresh token AccessToken accessToken = _reference.GenerateAccessToken(username, clientId, finalScope, client.AccessTokenExpiryInSeconds); string refreshToken = _reference.GenerateRefreshToken(username, clientId, finalScope, client.RefreshTokenExpiryInSeconds); //step 7: return access token and (if applicable) refresh token accessToken.RefreshToken = refreshToken; context.Response.Payload.Write(JsonSerializer.SerializeJson(accessToken)); context.Response.Headers.Set("Content-Type", MimeType.APPLICATION_JSON); context.Response.Headers.Set("Cache-Control", "no-store"); context.Response.Headers.Set("Pragma", "no-cache"); context.Response.Status = HttpStatus.OK; }
public static void AuthenticateUserViaOwin(this ApiController ctx, IClientAccount user) { var authManager = ctx.ControllerContext.Request.GetOwinContext().Authentication; var identity = MakeIdentity(user); authManager.SignIn(new AuthenticationProperties { IsPersistent = false }, identity); }
public static void SetIdentity(this IClientAccount account) { ApiDependencies.GetIdentity = o => account.Id; }
/// <summary> /// Saves the passed <see cref="IClientAccount"/> to disk. /// </summary> /// <param name="data">data to be saved</param> private void SaveToDisk(IClientAccount data) { ClientAccountJson caj = ClientAccountJson.CreateInstance(data); File.WriteAllText(_homeDirectory + data.ClientId + ".json", JsonSerializer.SerializeJson(caj)); }
private static ClaimsIdentity MakeIdentity(IClientAccount user) { var claims = new List<Claim> { new Claim(ClaimTypes.Name, user.Id) }; var identity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie); return identity; }
private async Task RegisterAccountAsync(IClientAccount client, string currencyId) { var lykkeAccount = await _srvLykkeWallet.GenerateAccountsAsync(currencyId); await _accountsRepository.RegisterAccount(Account.Create(client.Id, lykkeAccount.Id, 0, currencyId)); }
public Client UpdateClient(string id, Client client) { try { IClientAccount ca = _clientStorage.GetClient(id); if (ca != null) { if (client.HasPropertySet[Client.NAME_PROPERTY]) { ca.FriendlyName = client.FriendlyName; } if (client.HasPropertySet[Client.DESCRIPTION_PROPERTY]) { ca.Description = client.Description; } if (client.HasPropertySet[Client.SCOPE_PROPOERTY]) { ca.Scope = client.Scope; } if (client.HasPropertySet[Client.IS_BLOCKED_PROPERTY]) { ca.IsBlocked = client.IsBlocked; } if (client.HasPropertySet[Client.ACCESS_TOKEN_EXPIRY_PROPERTY]) { ca.AccessTokenExpiryInSeconds = client.AccessTokenExpiryInSeconds; } if (client.HasPropertySet[Client.REFRESH_TOKEN_EXPIRY_PROPERTY]) { ca.RefreshTokenExpiryInSeconds = client.RefreshTokenExpiryInSeconds; } if (client.HasPropertySet[Client.HAS_USER_PROPERTY]) { ca.HasUser = client.HasUser; } if (client.HasPropertySet[Client.IS_CLIENT_ID_REQUIRED_FOR_REFRESH_TOKEN]) { ca.IsClientIdRequiredForRefreshToken = client.IsClientIdRequiredForRefreshToken; } if (client.HasPropertySet[Client.IS_CLIENT_SECRET_REQUIRED_FOR_REFRESH_TOKEN]) { ca.IsClientSecretRequiredForRefreshToken = client.IsClientSecretRequiredForRefreshToken; } if (client.HasPropertySet[Client.IS_USER_ID_REQUIRED_FOR_REFRESH_TOKEN]) { ca.IsUserIdRequiredForRefreshToken = client.IsUserIdRequiredForRefreshToken; } if (client.HasPropertySet[Client.IS_USER_PASSWORD_REQUIRED_FOR_REFRESH_TOKEN]) { ca.IsUserPasswordRequiredForRefreshToken = client.IsUserPasswordRequiredForRefreshToken; } if (client.HasPropertySet[Client.IS_CLIENT_SECRET_REQUIRED_FOR_PASSWORD_GRANT]) { ca.IsClientSecretRequiredForPasswordGrant = client.IsClientSecretRequiredForPasswordGrant; } _clientStorage.UpdateClient(id, ca); Client c = Client.CreateInstance(ca); c.ClientSecret = "*********"; //hide secret return(c); } else { throw new HttpRequestException(JsonSerializer.SerializeJson(new ErrorMessage("Client does not exist", 404)), MimeType.APPLICATION_JSON) { Status = SKotstein.Net.Http.Context.HttpStatus.NotFound }; } } catch (HttpRequestException hre) { throw hre; } catch (Exception e) { throw new HttpRequestException(JsonSerializer.SerializeJson(new ErrorMessage(e.Message, 500)), MimeType.APPLICATION_JSON) { Status = SKotstein.Net.Http.Context.HttpStatus.InternalServerError }; } }
private async Task RegisterAccountAsync(IClientAccount client, string currencyId) { var lykkeAccount = await _srvLykkeWallet.GenerateAccountsAsync(currencyId); await _accountsRepository.RegisterAccount(Account.Create(client.Id, lykkeAccount.Id, 0, currencyId)); }
public decimal GetApportionment(IClientAccount ca, IRoom room, DateTime period) { throw new NotImplementedException(); }