public virtual void SignIn(TAccount account, string method, bool persistent = false)
{
if (account == null)
{
throw new ArgumentNullException("account");
}
if (String.IsNullOrWhiteSpace(method))
{
throw new ArgumentNullException("method");
}
Tracing.Information("[AuthenticationService.SignIn] sign in called: {0}", account.ID);
if (!account.IsLoginAllowed || account.IsAccountClosed)
{
throw new ValidationException(UserAccountService.GetValidationMessage(MembershipRebootConstants.ValidationMessages.LoginNotAllowed));
}
if (!account.IsAccountVerified && UserAccountService.Configuration.RequireAccountVerification)
{
throw new ValidationException(UserAccountService.GetValidationMessage(MembershipRebootConstants.ValidationMessages.AccountNotVerified));
}
if (account.RequiresTwoFactorAuthToSignIn() ||
account.RequiresPasswordReset ||
this.UserAccountService.IsPasswordExpired(account))
{
Tracing.Verbose("[AuthenticationService.SignIn] detected account requires two factor or password reset to sign in: {0}", account.ID);
IssuePartialSignInToken(account, method);
return;
}
// gather claims
var claims = GetAllClaims(account, method);
// get custom claims from properties
var cmd = new MapClaimsFromAccount <TAccount> {
Account = account
};
this.UserAccountService.ExecuteCommand(cmd);
if (cmd.MappedClaims != null)
{
claims.AddRange(cmd.MappedClaims);
}
// create principal/identity
var id = new ClaimsIdentity(claims, method);
var cp = new ClaimsPrincipal(id);
// claims transform
if (this.ClaimsAuthenticationManager != null)
{
cp = ClaimsAuthenticationManager.Authenticate(String.Empty, cp);
}
// issue cookie
Tracing.Verbose("[AuthenticationService.SignIn] token issued: {0}", account.ID);
IssueToken(cp, persistentCookie: persistent);
}
public virtual void SignIn(TAccount account, string method, bool persistent = false)
{
if (account == null)
{
throw new ArgumentNullException("account");
}
if (String.IsNullOrWhiteSpace(method))
{
throw new ArgumentNullException("method");
}
if (!account.IsLoginAllowed || account.IsAccountClosed)
{
throw new ValidationException(UserAccountService.GetValidationMessage("LoginNotAllowed"));
}
if (!account.IsAccountVerified && UserAccountService.Configuration.RequireAccountVerification)
{
throw new ValidationException(UserAccountService.GetValidationMessage("AccountNotVerified"));
}
if (account.RequiresTwoFactorAuthToSignIn() ||
account.RequiresPasswordReset ||
this.UserAccountService.IsPasswordExpired(account))
{
Tracing.Verbose("[AuthenticationService.SignIn] detected account requires two factor or password reset to sign in: {0}", account.ID);
IssuePartialSignInToken(account, method);
return;
}
// gather claims
var claims = GetBasicClaims(account, method);
// get the rest
if (!String.IsNullOrWhiteSpace(account.Email))
{
claims.Add(new Claim(ClaimTypes.Email, account.Email));
}
if (!String.IsNullOrWhiteSpace(account.MobilePhoneNumber))
{
claims.Add(new Claim(ClaimTypes.MobilePhone, account.MobilePhoneNumber));
}
var x509 = from c in account.Certificates
select new Claim(ClaimTypes.X500DistinguishedName, c.Subject);
claims.AddRange(x509);
var otherClaims =
(from uc in account.Claims
select new Claim(uc.Type, uc.Value)).ToList();
claims.AddRange(otherClaims);
// get custom claims from properties
var cmd = new MapClaimsFromAccount <TAccount> {
Account = account
};
this.UserAccountService.ExecuteCommand(cmd);
if (cmd.MappedClaims != null)
{
claims.AddRange(cmd.MappedClaims);
}
// create principal/identity
var id = new ClaimsIdentity(claims, method);
var cp = new ClaimsPrincipal(id);
// claims transform
if (this.ClaimsAuthenticationManager != null)
{
cp = ClaimsAuthenticationManager.Authenticate(String.Empty, cp);
}
// issue cookie
IssueToken(cp, persistentCookie: persistent);
}
