public KerberosAuthenticator(string upn, KeyTable keytab, Krb5Config config, ILoggerFactory logger = null)
: this(new KerberosValidator(keytab, logger))
{
if (!string.IsNullOrWhiteSpace(upn))
{
this.s4uProvider = new S4UProviderFactory(upn, keytab, config, logger);
}
}
internal KerberosIdentity(KerberosIdentityResult identity)
: base(identity.UserClaims, identity.AuthenticationType, identity.NameType, identity.RoleType)
{
this.Restrictions = identity.Restrictions.GroupBy(r => r.Type).ToDictionary(r => r.Key, r => r.ToList().AsEnumerable());
this.ValidationMode = identity.ValidationMode;
if (identity.KrbApReq.Options.HasFlag(ApOptions.MutualRequired))
{
var apRepEncoded = identity.KrbApReq.CreateResponseMessage().EncodeApplication();
this.ApRep = Convert.ToBase64String(apRepEncoded.ToArray());
}
this.SessionKey = identity.KrbApReq.SessionKey.GetKey();
this.s4uProviderFactory = identity.S4uProviderFactory;
this.krbApReq = identity.KrbApReq;
}
