/// <summary>
/// Closes the session to the remote AceQL server and Close on server all the connections to the database.
/// This is the preferred method of closing any open connection.
/// </summary>
public async Task LogoutAsync()
{
if (logoutAsyncDone)
{
return;
}
UserLoginStore loginStore = new UserLoginStore(this.aceQLHttpApi.GetServer(), this.aceQLHttpApi.GetUsername(), this.aceQLHttpApi.GetDatabase());
loginStore.Remove();
await aceQLHttpApi.CallApiNoResultAsync("logout", null).ConfigureAwait(false);
logoutAsyncDone = true;
}
/// <summary>
/// Ctor
/// </summary>
public IdentityStore(IdentityContext context)
{
if (context == null)
{
throw new ArgumentNullException("context");
}
_context = context;
Logins = new UserLoginStore <UserLogin>(_context);
Roles = new RoleStore <Role, UserRole>(_context);
Secrets = new UserSecretStore <UserSecret>(_context);
Tokens = new TokenStore <Token>(_context);
UserClaims = new UserClaimStore <UserClaim>(_context);
UserManagement = new UserManagementStore <UserManagement>(_context);
Users = new UserStore <User>(_context);
}
/// <summary>
/// Ctor
/// </summary>
public IdentityStore(IdentityContext context)
{
if (context == null)
{
throw new ArgumentNullException("context");
}
_context = context;
Logins = new UserLoginStore<UserLogin>(_context);
Roles = new RoleStore<Role, UserRole>(_context);
Secrets = new UserSecretStore<UserSecret>(_context);
Tokens = new TokenStore<Token>(_context);
UserClaims = new UserClaimStore<UserClaim>(_context);
UserManagement = new UserManagementStore<UserManagement>(_context);
Users = new UserStore<User>(_context);
}
private async Task <(User user, string provider, string providerUserId, IEnumerable <Claim> claims)> FindUserFromExternalProviderAsync(AuthenticateResult result)
{
var externalUser = result.Principal;
// try to determine the unique id of the external user (issued by the provider)
// the most common claim type for that are the sub claim and the NameIdentifier
// depending on the external provider, some other claim type might be used
var userIdClaim = externalUser.FindFirst(JwtClaimTypes.Subject) ??
externalUser.FindFirst(ClaimTypes.NameIdentifier) ??
throw new Exception("Unknown userid");
// remove the user id claim so we don't include it as an extra claim if/when we provision the user
var claims = externalUser.Claims.ToList();
claims.Remove(userIdClaim);
var loginProvider = result.Properties.Items["scheme"];
var providerKey = userIdClaim.Value;
// find external user
var user = await UserLoginStore.FindByLoginAsync(loginProvider, providerKey, CancellationToken.None);
return(user, loginProvider, providerKey, claims);
}
/// <summary>
/// Opens this instance.
/// </summary>
/// <exception cref="ArgumentNullException"> if a required parameter extracted from connection string is missing.
/// </exception>
/// <exception cref="AceQLException"> if any other Exception occurs.
/// </exception>
internal async Task OpenAsync()
{
string sessionId;
try
{
ConnectionStringDecoder connectionStringDecoder = new ConnectionStringDecoder();
connectionStringDecoder.Decode(connectionString);
this.server = connectionStringDecoder.Server;
this.database = connectionStringDecoder.Database;
this.username = connectionStringDecoder.Username;
this.password = connectionStringDecoder.Password;
sessionId = connectionStringDecoder.SessionId;
this.proxyUri = connectionStringDecoder.ProxyUri;
this.proxyCredentials = connectionStringDecoder.ProxyCredentials;
this.useCredentialCache = connectionStringDecoder.UseCredentialCache;
this.timeout = connectionStringDecoder.Timeout;
this.enableDefaultSystemAuthentication = connectionStringDecoder.EnableDefaultSystemAuthentication;
if (connectionStringDecoder.EnableTrace)
{
simpleTracer.SetTraceOn(true);
}
await simpleTracer.TraceAsync("connectionString: " + connectionString).ConfigureAwait(false);
await simpleTracer.TraceAsync("DecodeConnectionString() done!").ConfigureAwait(false);
if (credential != null)
{
username = credential.Username;
if (credential.Password != null)
{
password = credential.Password;
}
if (credential.SessionId != null)
{
sessionId = credential.SessionId;
}
}
if (server == null)
{
throw new ArgumentNullException("Server keyword not found in connection string.");
}
if (password == null && sessionId == null)
{
throw new ArgumentNullException("Password keyword or SessionId keyword not found in connection string or AceQLCredential not set");
}
if (database == null)
{
throw new ArgumentNullException("Database keyword not found in connection string.");
}
this.username = username ?? throw new ArgumentNullException("Username keyword not found in connection string or AceQLCredential not set.");
// Create the HttpManager instance
this.httpManager = new HttpManager(proxyUri, proxyCredentials, timeout, enableDefaultSystemAuthentication);
this.httpManager.SetSimpleTracer(simpleTracer);
Debug("httpManager.Proxy: " + httpManager.Proxy);
UserLoginStore userLoginStore = new UserLoginStore(server, username,
database);
if (sessionId != null)
{
userLoginStore.SetSessionId(sessionId);
}
if (userLoginStore.IsAlreadyLogged())
{
await simpleTracer.TraceAsync("Get a new connection with get_connection").ConfigureAwait(false);
sessionId = userLoginStore.GetSessionId();
String theUrl = server + "/session/" + sessionId + "/get_connection";
String result = await httpManager.CallWithGetAsync(theUrl).ConfigureAwait(false);
await simpleTracer.TraceAsync("result: " + result).ConfigureAwait(false);
ResultAnalyzer resultAnalyzer = new ResultAnalyzer(result,
HttpStatusCode);
if (!resultAnalyzer.IsStatusOk())
{
throw new AceQLException(resultAnalyzer.GetErrorMessage(),
resultAnalyzer.GetErrorId(),
resultAnalyzer.GetStackTrace(),
HttpStatusCode);
}
String connectionId = resultAnalyzer.GetValue("connection_id");
await simpleTracer.TraceAsync("Ok. New Connection created: " + connectionId).ConfigureAwait(false);
this.url = server + "/session/" + sessionId + "/connection/"
+ connectionId + "/";
}
else
{
await DummyGetCallForProxyAuthentication().ConfigureAwait(false);
String theUrl = server + "/database/" + database + "/username/" + username + "/login";
ConsoleEmul.WriteLine("theUrl: " + theUrl);
Dictionary <string, string> parametersMap = new Dictionary <string, string>
{
{ "password", new String(password) },
{ "client_version", VersionValues.VERSION }
};
await simpleTracer.TraceAsync("Before CallWithPostAsyncReturnString: " + theUrl);
String result = await httpManager.CallWithPostAsyncReturnString(new Uri(theUrl), parametersMap).ConfigureAwait(false);
ConsoleEmul.WriteLine("result: " + result);
await simpleTracer.TraceAsync("result: " + result).ConfigureAwait(false);
ResultAnalyzer resultAnalyzer = new ResultAnalyzer(result, HttpStatusCode);
if (!resultAnalyzer.IsStatusOk())
{
throw new AceQLException(resultAnalyzer.GetErrorMessage(),
resultAnalyzer.GetErrorId(),
resultAnalyzer.GetStackTrace(),
HttpStatusCode);
}
String theSessionId = resultAnalyzer.GetValue("session_id");
String theConnectionId = resultAnalyzer.GetValue("connection_id");
this.url = server + "/session/" + theSessionId + "/connection/" + theConnectionId + "/";
userLoginStore.SetSessionId(theSessionId);
await simpleTracer.TraceAsync("OpenAsync url: " + this.url).ConfigureAwait(false);
}
}
catch (Exception exception)
{
await simpleTracer.TraceAsync(exception.ToString()).ConfigureAwait(false);
if (exception.GetType() == typeof(AceQLException))
{
throw;
}
else
{
throw new AceQLException(exception.Message, 0, exception, HttpStatusCode);
}
}
}
public async Task <User> ProvisionUserAsync(string loginProvider, string providerKey, IEnumerable <Claim> claims, CancellationToken cancellationToken)
{
// create a list of claims that we want to transfer into our store
var filtered = new List <Claim>();
foreach (var claim in claims)
{
// if the external system sends a display name - translate that to the standard OIDC name claim
if (claim.Type == ClaimTypes.Name)
{
filtered.Add(new Claim(JwtClaimTypes.Name, claim.Value));
}
// if the JWT handler has an outbound mapping to an OIDC claim use that
else if (JwtSecurityTokenHandler.DefaultOutboundClaimTypeMap.ContainsKey(claim.Type))
{
filtered.Add(new Claim(JwtSecurityTokenHandler.DefaultOutboundClaimTypeMap[claim.Type], claim.Value));
}
// copy the claim as-is
else
{
filtered.Add(claim);
}
}
// if no display name was provided, try to construct by first and/or last name
if (filtered.All(x => x.Type != JwtClaimTypes.Name))
{
var first = filtered.FirstOrDefault(x => x.Type == JwtClaimTypes.GivenName)?.Value;
var last = filtered.FirstOrDefault(x => x.Type == JwtClaimTypes.FamilyName)?.Value;
if (first != null && last != null)
{
filtered.Add(new Claim(JwtClaimTypes.Name, first + " " + last));
}
else if (first != null)
{
filtered.Add(new Claim(JwtClaimTypes.Name, first));
}
else if (last != null)
{
filtered.Add(new Claim(JwtClaimTypes.Name, last));
}
}
// create a new unique subject id
var id = CryptoRandom.CreateUniqueId(format: CryptoRandom.OutputFormat.Hex);
// check if a display name is available, otherwise fallback to subject id
var displayName = filtered.FirstOrDefault(c => c.Type == JwtClaimTypes.Name)?.Value ?? id;
// get email, or cause exception if not present
var email = filtered.First(c => c.Type == JwtClaimTypes.Email).Value;
var normalizedEmail = LookupNormalizer.NormalizeEmail(email);
// create new user
var user = await UserEmailStore.FindByEmailAsync(email, cancellationToken) ?? await UserLoginStore.FindByLoginAsync(loginProvider, providerKey, cancellationToken) ?? new User
{
Id = id,
UserName = email,
NormalizedUserName = normalizedEmail,
Email = email,
NormalizedEmail = normalizedEmail
};
user.UserLogins.Add
(
new UserLogin
{
LoginProvider = loginProvider,
ProviderKey = providerKey,
ProviderDisplayName = displayName,
User = user
}
);
user.UserClaims = user.UserClaims.ToArray()
.Union
(
filtered
.Select
(
(claim) => new UserClaim
{
ClaimType = claim.Type,
ClaimValue = claim.Value,
User = user
}
).ToArray(),
EqualityComparer <UserClaim> .Default
)
.ToHashSet();
if (user.Id == id)
{
// add user to store
await UserStore.CreateAsync(user, cancellationToken);
}
else
{
// update user in store
await UserStore.UpdateAsync(user, cancellationToken);
}
return(user);
}
public JWTServerUserLoginManager(UserLoginStore <IdentityUser> userLoginStore) :
base(userLoginStore)
{
}
public CustomIdentityStore(System.Data.Entity.DbContext context)
{
if (context == null)
{
throw new ArgumentNullException("context");
}
_context = context;
Logins = new UserLoginStore<CustomUserLogin>(_context);
Roles = new RoleStore<CustomRole, CustomUserRole>(_context);
Secrets = new UserSecretStore<CustomUserSecret>(_context);
Tokens = new TokenStore<CustomToken>(_context);
UserClaims = new UserClaimStore<CustomUserClaim>(_context);
UserManagement = new UserManagementStore<CustomUserManagement>(_context);
Users = new UserStore<CustomUser>(_context);
}
