Beispiel #1
    /// <summary>
    /// Called when the security stamp has been verified.
    /// </summary>
    /// <param name="user">The user who has been verified.</param>
    /// <param name="context">The <see cref="CookieValidatePrincipalContext"/>.</param>
    /// <returns>A task.</returns>
    protected virtual async Task SecurityStampVerified(TUser user, CookieValidatePrincipalContext context)
    {
        // Build a fresh principal for the verified user; it replaces the one read from the cookie below.
        var refreshedPrincipal = await SignInManager.CreateUserPrincipalAsync(user);

        var refreshCallback = Options.OnRefreshingPrincipal;
        if (refreshCallback != null)
        {
            var refreshContext = new SecurityStampRefreshingPrincipalContext();
            refreshContext.CurrentPrincipal = context.Principal;
            refreshContext.NewPrincipal = refreshedPrincipal;

            // The callback sees both principals and may swap the new one.
            // Note: a null principal is allowed and results in a failed authentication.
            await refreshCallback(refreshContext);

            // Whatever the callback left in the context is what gets installed.
            refreshedPrincipal = refreshContext.NewPrincipal;
        }

        // REVIEW: note we lost login authentication method
        context.ReplacePrincipal(refreshedPrincipal);
        // Flag the ticket for renewal (presumably so the replaced principal is written back to the cookie).
        context.ShouldRenew = true;

        if (context.Options.SlidingExpiration == false)
        {
            // With sliding expiration disabled the renewal must not lengthen the session:
            // on renewal the new ticket length is calculated relative to now, so stamping
            // IssuedUtc with the current time avoids extending the expiration.
            context.Properties.IssuedUtc = Clock.UtcNow;
        }
    }
Beispiel #2
        /// <summary>
        /// Maintains the claims captured at login time that are not being created by ASP.NET Identity.
        /// This is needed to preserve claims such as idp, auth_time, amr.
        /// </summary>
        /// <param name="context">The context.</param>
        /// <returns>A completed task.</returns>
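        public static Task UpdatePrincipal(SecurityStampRefreshingPrincipalContext context)
        {
            // The refreshed principal may be null or carry no identity, and the current
            // principal may be null as well. In those cases there is nothing to merge,
            // so return instead of failing cookie validation with an exception.
            var targetIdentity = context.NewPrincipal?.Identities.FirstOrDefault();
            if (targetIdentity == null || context.CurrentPrincipal == null)
            {
                return Task.CompletedTask;
            }

            // Claim types the refreshed principal already provides; those win over the old cookie.
            var newClaimTypes = context.NewPrincipal.Claims.Select(x => x.Type).ToArray();

            // NOTE(security): the filter keeps EVERY claim whose type is absent from the
            // refreshed principal, not only login-time claims such as idp, auth_time, amr.
            // If the last claim of some type (e.g. the user's only role) was removed in the
            // store, the stale claim from the old cookie is carried over and survives the
            // security-stamp refresh. Consider limiting this to an explicit allow-list of
            // claim types that are known to be set only at login.
            var currentClaimsToKeep = context.CurrentPrincipal.Claims
                .Where(x => !newClaimTypes.Contains(x.Type))
                .ToArray();

            // Claims are merged into the first identity of the refreshed principal only.
            targetIdentity.AddClaims(currentClaimsToKeep);

            return Task.CompletedTask;
        }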
Beispiel #3
        /// <summary>
        /// Called when the security stamp has been verified.
        /// </summary>
        /// <param name="user">The user who has been verified.</param>
        /// <param name="context">The <see cref="CookieValidatePrincipalContext"/>.</param>
        /// <returns>A task.</returns>
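        protected virtual async Task SecurityStampVerified(User user, CookieValidatePrincipalContext context)
        {
            // Build a fresh principal for the verified user; it replaces the one read from the cookie below.
            var newPrincipal = await SignInManager.CreateUserPrincipalAsync(user);

            if (Options.OnRefreshingPrincipal != null)
            {
                var replaceContext = new SecurityStampRefreshingPrincipalContext
                {
                    CurrentPrincipal = context.Principal,
                    NewPrincipal     = newPrincipal
                };

                // Note: a null principal is allowed and results in a failed authentication.
                await Options.OnRefreshingPrincipal(replaceContext);

                // Whatever the callback left in the context is what gets installed.
                newPrincipal = replaceContext.NewPrincipal;
            }

            // Called when the default security stamp validator replaces the user's ClaimsPrincipal in the cookie.
            context.ReplacePrincipal(newPrincipal);
            context.ShouldRenew = true;

            if (!context.Options.SlidingExpiration)
            {
                // With sliding expiration disabled, a renewal must not lengthen the session.
                // Stamping IssuedUtc with the current time makes the renewed ticket length be
                // calculated relative to now, which avoids extending the expiration.
                // NOTE(review): this reads the system clock directly; if the class has an
                // injected clock, use that instead so tests can control time.
                context.Properties.IssuedUtc = System.DateTimeOffset.UtcNow;
            }
        }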
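        /// <summary>
        /// Replaces the cookie principal with a copy built from its own claims and flags the cookie for renewal.
        /// </summary>
        /// <param name="context">The <see cref="CookieValidatePrincipalContext"/>.</param>
        /// <returns>A task.</returns>
        public async Task SecurityStampVerified(CookieValidatePrincipalContext context)
        {
            // NOTE(security): the replacement principal is built from the claims already in the
            // cookie, not reloaded from the user store. Store-side changes (removed roles,
            // changed claims) are therefore not picked up by this refresh unless the
            // OnRefreshingPrincipal callback supplies them.
            var newPrincipal = new ClaimsPrincipal(new ClaimsIdentity(context.Principal?.Claims, CookieAuthenticationDefaults.AuthenticationScheme));

            if (Options.OnRefreshingPrincipal != null)
            {
                var replaceContext = new SecurityStampRefreshingPrincipalContext
                {
                    CurrentPrincipal = context.Principal,
                    NewPrincipal     = newPrincipal
                };

                // Note: a null principal is allowed and results in a failed authentication.
                await Options.OnRefreshingPrincipal(replaceContext);

                // Whatever the callback left in the context is what gets installed.
                newPrincipal = replaceContext.NewPrincipal;
            }

            // REVIEW: note we lost login authentication method
            context.ReplacePrincipal(newPrincipal);
            context.ShouldRenew = true;

            if (!context.Options.SlidingExpiration)
            {
                // With sliding expiration disabled, a renewal must not lengthen the session.
                // Stamping IssuedUtc with the current time makes the renewed ticket length be
                // calculated relative to now, which avoids extending the expiration.
                // NOTE(review): this reads the system clock directly; if the class has an
                // injected clock, use that instead so tests can control time.
                context.Properties.IssuedUtc = System.DateTimeOffset.UtcNow;
            }
        }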