C# (CSharp) OrderCloud.Catalyst JwtOrderCloud Beispiele

Beispiel #1

 public VerifiedOrderCloudUser(ClaimsPrincipal principal)
 {
     Principal = principal;
     if (Principal.Claims.Any())
     {
         _token = new JwtOrderCloud(this.AccessToken);
     }
 }

Beispiel #2

Datei: OrderCloudUserAuth.cs Projekt: oliverheywood451/ordercloud-dotnet-catalyst

        protected override Task HandleForbiddenAsync(AuthenticationProperties properties)
        {
            var token = GetTokenFromAuthHeader();
            var jwt   = new JwtOrderCloud(token);

            throw new InsufficientRolesException(new InsufficientRolesError()
            {
                SufficientRoles = GetUserAuthAttribute().Roles.Select(r => r.ToString()).ToList(),
                AssignedRoles   = jwt.Roles,
            });
        }

Beispiel #3

Datei: OrderCloudUserAuth.cs Projekt: oliverheywood451/ordercloud-dotnet-catalyst

        // todo: add caching?
        protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
        {
            try {
                var token = GetTokenFromAuthHeader();

                if (string.IsNullOrEmpty(token))
                {
                    return(AuthenticateResult.Fail("The OrderCloud bearer token was not provided in the Authorization header."));
                }

                var jwt = new JwtOrderCloud(token);
                if (jwt.ClientID == null)
                {
                    return(AuthenticateResult.Fail("The provided bearer token does not contain a 'cid' (Client ID) claim."));
                }

                // we've validated the token as much as we can on this end, go make sure it's ok on OC
                var user = await _ocClient.Me.GetAsync(token);

                if (!user.Active)
                {
                    return(AuthenticateResult.Fail("Authentication failure"));
                }
                var cid = new ClaimsIdentity("OcUser");
                cid.AddClaim(new Claim("clientid", jwt.ClientID));
                cid.AddClaim(new Claim("accesstoken", token));
                cid.AddClaim(new Claim("username", user.Username));
                cid.AddClaim(new Claim("userid", user.ID));
                cid.AddClaim(new Claim("email", user.Email ?? ""));
                cid.AddClaim(new Claim("buyer", user.Buyer?.ID ?? ""));
                cid.AddClaim(new Claim("supplier", user.Supplier?.ID ?? ""));
                cid.AddClaim(new Claim("seller", user?.Seller?.ID ?? ""));
                cid.AddClaims(user.AvailableRoles.Select(r => new Claim(ClaimTypes.Role, r)));

                if (jwt.IsAnon)
                {
                    cid.AddClaim(new Claim("anonorderid", jwt.OrderID));
                }

                var ticket = new AuthenticationTicket(new ClaimsPrincipal(cid), "OcUser");
                return(AuthenticateResult.Success(ticket));
            }
            catch (Exception ex) {
                return(AuthenticateResult.Fail(ex.Message));
            }
        }

Beispiel #4

Datei: OrderCloudUserAuth.cs Projekt: mmoebeck/ordercloud-dotnet-catalyst

        protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
        {
            try {
                var token = GetTokenFromAuthHeader();

                if (string.IsNullOrEmpty(token))
                {
                    return(AuthenticateResult.Fail("The OrderCloud bearer token was not provided in the Authorization header."));
                }

                var jwt = new JwtOrderCloud(token);
                if (jwt.ClientID == null)
                {
                    return(AuthenticateResult.Fail("The provided bearer token does not contain a 'cid' (Client ID) claim."));
                }

                // we've validated the token as much as we can on this end, go make sure it's ok on OC
                var allowFetchUserRetry = false;
                var user = await _cache.GetOrAddAsync(token, TimeSpan.FromMinutes(5), () =>
                {
                    try
                    {
                        return(_ocClient.Me.GetAsync(token));
                    }
                    catch (FlurlHttpException ex) when((int?)ex.Call.Response?.StatusCode < 500)
                    {
                        return(null);
                    }
                    catch (Exception)
                    {
                        allowFetchUserRetry = true;
                        return(null);
                    }
                });

                if (allowFetchUserRetry)
                {
                    _cache.RemoveAsync(token);                     // not their fault, don't make them wait 5 min
                }
                if (user == null || !user.Active)
                {
                    return(AuthenticateResult.Fail("Authentication failure"));
                }
                var cid = new ClaimsIdentity("OcUser");
                cid.AddClaim(new Claim("clientid", jwt.ClientID));
                cid.AddClaim(new Claim("accesstoken", token));
                cid.AddClaim(new Claim("username", user.Username));
                cid.AddClaim(new Claim("userid", user.ID));
                cid.AddClaim(new Claim("email", user.Email ?? ""));
                cid.AddClaim(new Claim("buyer", user.Buyer?.ID ?? ""));
                cid.AddClaim(new Claim("supplier", user.Supplier?.ID ?? ""));
                cid.AddClaim(new Claim("seller", user?.Seller?.ID ?? ""));
                cid.AddClaims(user.AvailableRoles.Select(r => new Claim(ClaimTypes.Role, r)));

                if (jwt.IsAnon)
                {
                    cid.AddClaim(new Claim("anonorderid", jwt.AnonOrderID));
                }

                var ticket = new AuthenticationTicket(new ClaimsPrincipal(cid), "OcUser");
                return(AuthenticateResult.Success(ticket));
            }
            catch (Exception ex) {
                return(AuthenticateResult.Fail(ex.Message));
            }
        }