/// <summary> /// Closes the session to the remote AceQL server and Close on server all the connections to the database. /// This is the preferred method of closing any open connection. /// </summary> public async Task LogoutAsync() { if (logoutAsyncDone) { return; } UserLoginStore loginStore = new UserLoginStore(this.aceQLHttpApi.GetServer(), this.aceQLHttpApi.GetUsername(), this.aceQLHttpApi.GetDatabase()); loginStore.Remove(); await aceQLHttpApi.CallApiNoResultAsync("logout", null).ConfigureAwait(false); logoutAsyncDone = true; }
/// <summary> /// Ctor /// </summary> public IdentityStore(IdentityContext context) { if (context == null) { throw new ArgumentNullException("context"); } _context = context; Logins = new UserLoginStore <UserLogin>(_context); Roles = new RoleStore <Role, UserRole>(_context); Secrets = new UserSecretStore <UserSecret>(_context); Tokens = new TokenStore <Token>(_context); UserClaims = new UserClaimStore <UserClaim>(_context); UserManagement = new UserManagementStore <UserManagement>(_context); Users = new UserStore <User>(_context); }
/// <summary> /// Ctor /// </summary> public IdentityStore(IdentityContext context) { if (context == null) { throw new ArgumentNullException("context"); } _context = context; Logins = new UserLoginStore<UserLogin>(_context); Roles = new RoleStore<Role, UserRole>(_context); Secrets = new UserSecretStore<UserSecret>(_context); Tokens = new TokenStore<Token>(_context); UserClaims = new UserClaimStore<UserClaim>(_context); UserManagement = new UserManagementStore<UserManagement>(_context); Users = new UserStore<User>(_context); }
private async Task <(User user, string provider, string providerUserId, IEnumerable <Claim> claims)> FindUserFromExternalProviderAsync(AuthenticateResult result) { var externalUser = result.Principal; // try to determine the unique id of the external user (issued by the provider) // the most common claim type for that are the sub claim and the NameIdentifier // depending on the external provider, some other claim type might be used var userIdClaim = externalUser.FindFirst(JwtClaimTypes.Subject) ?? externalUser.FindFirst(ClaimTypes.NameIdentifier) ?? throw new Exception("Unknown userid"); // remove the user id claim so we don't include it as an extra claim if/when we provision the user var claims = externalUser.Claims.ToList(); claims.Remove(userIdClaim); var loginProvider = result.Properties.Items["scheme"]; var providerKey = userIdClaim.Value; // find external user var user = await UserLoginStore.FindByLoginAsync(loginProvider, providerKey, CancellationToken.None); return(user, loginProvider, providerKey, claims); }
/// <summary> /// Opens this instance. /// </summary> /// <exception cref="ArgumentNullException"> if a required parameter extracted from connection string is missing. /// </exception> /// <exception cref="AceQLException"> if any other Exception occurs. /// </exception> internal async Task OpenAsync() { string sessionId; try { ConnectionStringDecoder connectionStringDecoder = new ConnectionStringDecoder(); connectionStringDecoder.Decode(connectionString); this.server = connectionStringDecoder.Server; this.database = connectionStringDecoder.Database; this.username = connectionStringDecoder.Username; this.password = connectionStringDecoder.Password; sessionId = connectionStringDecoder.SessionId; this.proxyUri = connectionStringDecoder.ProxyUri; this.proxyCredentials = connectionStringDecoder.ProxyCredentials; this.useCredentialCache = connectionStringDecoder.UseCredentialCache; this.timeout = connectionStringDecoder.Timeout; this.enableDefaultSystemAuthentication = connectionStringDecoder.EnableDefaultSystemAuthentication; if (connectionStringDecoder.EnableTrace) { simpleTracer.SetTraceOn(true); } await simpleTracer.TraceAsync("connectionString: " + connectionString).ConfigureAwait(false); await simpleTracer.TraceAsync("DecodeConnectionString() done!").ConfigureAwait(false); if (credential != null) { username = credential.Username; if (credential.Password != null) { password = credential.Password; } if (credential.SessionId != null) { sessionId = credential.SessionId; } } if (server == null) { throw new ArgumentNullException("Server keyword not found in connection string."); } if (password == null && sessionId == null) { throw new ArgumentNullException("Password keyword or SessionId keyword not found in connection string or AceQLCredential not set"); } if (database == null) { throw new ArgumentNullException("Database keyword not found in connection string."); } this.username = username ?? throw new ArgumentNullException("Username keyword not found in connection string or AceQLCredential not set."); // Create the HttpManager instance this.httpManager = new HttpManager(proxyUri, proxyCredentials, timeout, enableDefaultSystemAuthentication); this.httpManager.SetSimpleTracer(simpleTracer); Debug("httpManager.Proxy: " + httpManager.Proxy); UserLoginStore userLoginStore = new UserLoginStore(server, username, database); if (sessionId != null) { userLoginStore.SetSessionId(sessionId); } if (userLoginStore.IsAlreadyLogged()) { await simpleTracer.TraceAsync("Get a new connection with get_connection").ConfigureAwait(false); sessionId = userLoginStore.GetSessionId(); String theUrl = server + "/session/" + sessionId + "/get_connection"; String result = await httpManager.CallWithGetAsync(theUrl).ConfigureAwait(false); await simpleTracer.TraceAsync("result: " + result).ConfigureAwait(false); ResultAnalyzer resultAnalyzer = new ResultAnalyzer(result, HttpStatusCode); if (!resultAnalyzer.IsStatusOk()) { throw new AceQLException(resultAnalyzer.GetErrorMessage(), resultAnalyzer.GetErrorId(), resultAnalyzer.GetStackTrace(), HttpStatusCode); } String connectionId = resultAnalyzer.GetValue("connection_id"); await simpleTracer.TraceAsync("Ok. New Connection created: " + connectionId).ConfigureAwait(false); this.url = server + "/session/" + sessionId + "/connection/" + connectionId + "/"; } else { await DummyGetCallForProxyAuthentication().ConfigureAwait(false); String theUrl = server + "/database/" + database + "/username/" + username + "/login"; ConsoleEmul.WriteLine("theUrl: " + theUrl); Dictionary <string, string> parametersMap = new Dictionary <string, string> { { "password", new String(password) }, { "client_version", VersionValues.VERSION } }; await simpleTracer.TraceAsync("Before CallWithPostAsyncReturnString: " + theUrl); String result = await httpManager.CallWithPostAsyncReturnString(new Uri(theUrl), parametersMap).ConfigureAwait(false); ConsoleEmul.WriteLine("result: " + result); await simpleTracer.TraceAsync("result: " + result).ConfigureAwait(false); ResultAnalyzer resultAnalyzer = new ResultAnalyzer(result, HttpStatusCode); if (!resultAnalyzer.IsStatusOk()) { throw new AceQLException(resultAnalyzer.GetErrorMessage(), resultAnalyzer.GetErrorId(), resultAnalyzer.GetStackTrace(), HttpStatusCode); } String theSessionId = resultAnalyzer.GetValue("session_id"); String theConnectionId = resultAnalyzer.GetValue("connection_id"); this.url = server + "/session/" + theSessionId + "/connection/" + theConnectionId + "/"; userLoginStore.SetSessionId(theSessionId); await simpleTracer.TraceAsync("OpenAsync url: " + this.url).ConfigureAwait(false); } } catch (Exception exception) { await simpleTracer.TraceAsync(exception.ToString()).ConfigureAwait(false); if (exception.GetType() == typeof(AceQLException)) { throw; } else { throw new AceQLException(exception.Message, 0, exception, HttpStatusCode); } } }
public async Task <User> ProvisionUserAsync(string loginProvider, string providerKey, IEnumerable <Claim> claims, CancellationToken cancellationToken) { // create a list of claims that we want to transfer into our store var filtered = new List <Claim>(); foreach (var claim in claims) { // if the external system sends a display name - translate that to the standard OIDC name claim if (claim.Type == ClaimTypes.Name) { filtered.Add(new Claim(JwtClaimTypes.Name, claim.Value)); } // if the JWT handler has an outbound mapping to an OIDC claim use that else if (JwtSecurityTokenHandler.DefaultOutboundClaimTypeMap.ContainsKey(claim.Type)) { filtered.Add(new Claim(JwtSecurityTokenHandler.DefaultOutboundClaimTypeMap[claim.Type], claim.Value)); } // copy the claim as-is else { filtered.Add(claim); } } // if no display name was provided, try to construct by first and/or last name if (filtered.All(x => x.Type != JwtClaimTypes.Name)) { var first = filtered.FirstOrDefault(x => x.Type == JwtClaimTypes.GivenName)?.Value; var last = filtered.FirstOrDefault(x => x.Type == JwtClaimTypes.FamilyName)?.Value; if (first != null && last != null) { filtered.Add(new Claim(JwtClaimTypes.Name, first + " " + last)); } else if (first != null) { filtered.Add(new Claim(JwtClaimTypes.Name, first)); } else if (last != null) { filtered.Add(new Claim(JwtClaimTypes.Name, last)); } } // create a new unique subject id var id = CryptoRandom.CreateUniqueId(format: CryptoRandom.OutputFormat.Hex); // check if a display name is available, otherwise fallback to subject id var displayName = filtered.FirstOrDefault(c => c.Type == JwtClaimTypes.Name)?.Value ?? id; // get email, or cause exception if not present var email = filtered.First(c => c.Type == JwtClaimTypes.Email).Value; var normalizedEmail = LookupNormalizer.NormalizeEmail(email); // create new user var user = await UserEmailStore.FindByEmailAsync(email, cancellationToken) ?? await UserLoginStore.FindByLoginAsync(loginProvider, providerKey, cancellationToken) ?? new User { Id = id, UserName = email, NormalizedUserName = normalizedEmail, Email = email, NormalizedEmail = normalizedEmail }; user.UserLogins.Add ( new UserLogin { LoginProvider = loginProvider, ProviderKey = providerKey, ProviderDisplayName = displayName, User = user } ); user.UserClaims = user.UserClaims.ToArray() .Union ( filtered .Select ( (claim) => new UserClaim { ClaimType = claim.Type, ClaimValue = claim.Value, User = user } ).ToArray(), EqualityComparer <UserClaim> .Default ) .ToHashSet(); if (user.Id == id) { // add user to store await UserStore.CreateAsync(user, cancellationToken); } else { // update user in store await UserStore.UpdateAsync(user, cancellationToken); } return(user); }
public JWTServerUserLoginManager(UserLoginStore <IdentityUser> userLoginStore) : base(userLoginStore) { }
public CustomIdentityStore(System.Data.Entity.DbContext context) { if (context == null) { throw new ArgumentNullException("context"); } _context = context; Logins = new UserLoginStore<CustomUserLogin>(_context); Roles = new RoleStore<CustomRole, CustomUserRole>(_context); Secrets = new UserSecretStore<CustomUserSecret>(_context); Tokens = new TokenStore<CustomToken>(_context); UserClaims = new UserClaimStore<CustomUserClaim>(_context); UserManagement = new UserManagementStore<CustomUserManagement>(_context); Users = new UserStore<CustomUser>(_context); }