Beispiel #1
        /// <summary>
        /// Builds the cookie authentication options used for the Cloud Foundry sign-on flow.
        /// </summary>
        /// <param name="options">Cloud Foundry options supplying the optional access-denied path and token validator.</param>
        /// <returns>Cookie options whose scheme and cookie name are both <c>CloudFoundryOptions.AUTHENTICATION_SCHEME</c>.</returns>
        /// <remarks>
        /// Only the scheme, cookie name, automatic flags, access-denied path and the validate-principal
        /// event are set here. Cookie security attributes (secure policy, HttpOnly, expiry) are not
        /// touched, so whatever the framework defaults are will apply.
        /// </remarks>
        private static CookieAuthenticationOptions GetCookieOptions(CloudFoundryOptions options)
        {
            var result = new CookieAuthenticationOptions();

            result.AuthenticationScheme  = CloudFoundryOptions.AUTHENTICATION_SCHEME;
            result.AutomaticAuthenticate = true;
            result.AutomaticChallenge    = false;
            result.CookieName            = CloudFoundryOptions.AUTHENTICATION_SCHEME;

            var deniedPath = options.AccessDeniedPath;
            if (deniedPath != null)
            {
                result.AccessDeniedPath = deniedPath;
            }

            // Without a token validator no OnValidatePrincipal hook is installed, so the
            // principal stored in the cookie is not re-checked by this code on later requests.
            var validator = options.TokenValidator;
            if (validator != null)
            {
                var cookieEvents = new CookieAuthenticationEvents();
                cookieEvents.OnValidatePrincipal = validator.ValidateCookieAsync;
                result.Events = cookieEvents;
            }

            return result;
        }
Beispiel #2
 /// <summary>
 /// Creates a token validator bound to the given Cloud Foundry options.
 /// </summary>
 /// <param name="options">Options stored in <c>Options</c>; must not be null.</param>
 /// <exception cref="ArgumentNullException">Thrown when <paramref name="options"/> is null.</exception>
 public CloudFoundryTokenValidator(CloudFoundryOptions options)
 {
     // Reject a missing configuration up front so later validation calls never see a null Options.
     Options = options ?? throw new ArgumentNullException(nameof(options));
 }
Beispiel #3
 /// <summary>
 /// Creates a signing-key resolver bound to the given Cloud Foundry options.
 /// </summary>
 /// <param name="options">Options stored in <c>Options</c>; must not be null.</param>
 /// <exception cref="ArgumentNullException">Thrown when <paramref name="options"/> is null.</exception>
 public CloudFoundryTokenKeyResolver(CloudFoundryOptions options)
 {
     Options = options ?? throw new ArgumentNullException(nameof(options));

     // Start with an empty string-to-SecurityKey map; presumably a cache of keys
     // already resolved, keyed by key id (confirm against ResolveSigningKey).
     var emptyKeys = new Dictionary<string, SecurityKey>();
     Resolved = emptyKeys;
 }
Beispiel #4
        /// <summary>
        /// Adds cookie authentication and the <c>CloudFoundryMiddleware</c> to the pipeline,
        /// starting from a fresh <c>CloudFoundryOptions</c> instance.
        /// </summary>
        /// <param name="builder">The application builder to extend; must not be null.</param>
        /// <returns>The builder returned by registering <c>CloudFoundryMiddleware</c>.</returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="builder"/> is null.</exception>
        public static IApplicationBuilder UseCloudFoundryAuthentication(this IApplicationBuilder builder)
        {
            if (builder == null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            var cloudOptions = UpdateCloudFoundryOptions(builder, new CloudFoundryOptions());

            // Token validation parameters must be resolved before the cookie options are built:
            // GetTokenValidationParameters is what assigns options.TokenValidator, and
            // GetCookieOptions only wires cookie re-validation when that validator is present.
            cloudOptions.TokenValidationParameters = GetTokenValidationParameters(cloudOptions);

            // The cookie middleware is registered ahead of the Cloud Foundry middleware.
            builder.UseCookieAuthentication(GetCookieOptions(cloudOptions));

            var wrappedOptions = Options.Create(cloudOptions);
            return builder.UseMiddleware<CloudFoundryMiddleware>(wrappedOptions);
        }
Beispiel #5
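        /// <summary>
        /// Returns the JWT bearer options to use: the caller-supplied
        /// <c>options.JwtBearerOptions</c> when present, otherwise a new instance built from
        /// the Cloud Foundry token validation parameters with audience validation switched off.
        /// </summary>
        /// <param name="options">Cloud Foundry options supplying the claims issuer and validation parameters.</param>
        /// <returns>The bearer options handed to the JWT bearer middleware.</returns>
        private static JwtBearerOptions GetJwtBearerOptions(CloudFoundryOptions options)
        {
            // Caller-supplied bearer options are used as-is; none of the settings below are applied to them.
            if (options.JwtBearerOptions != null)
            {
                return options.JwtBearerOptions;
            }

            // GetTokenValidationParameters hands back options.TokenValidationParameters itself when
            // the caller supplied one. Work on a copy so that turning audience validation off for
            // the bearer path does not silently weaken the caller's object, which may also be used
            // by other authentication paths.
            var tokenParameters = GetTokenValidationParameters(options).Clone();

            // NOTE(review): the bearer path does not check the token's audience at all.
            // Issuer, lifetime and signing-key checks come from the copied parameters.
            // Confirm that accepting tokens minted for any audience is intended here.
            tokenParameters.ValidateAudience  = false;
            tokenParameters.AudienceValidator = null;

            var bearerOpts = new JwtBearerOptions()
            {
                ClaimsIssuer = options.ClaimsIssuer,
                TokenValidationParameters = tokenParameters,
                Events = new CloudFoundryJwtBearerEvents()
            };

            return bearerOpts;
        }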
Beispiel #6
        /// <summary>
        /// Returns the token validation parameters for the given options: the caller-supplied
        /// instance when one is set, otherwise a new instance that validates audience, issuer
        /// and lifetime using a Cloud Foundry key resolver and token validator.
        /// </summary>
        /// <param name="options">
        /// Cloud Foundry options. When no parameters are supplied, its <c>TokenKeyResolver</c> and
        /// <c>TokenValidator</c> are replaced with new instances as a side effect.
        /// </param>
        /// <returns>The existing or newly built validation parameters.</returns>
        private static TokenValidationParameters GetTokenValidationParameters(CloudFoundryOptions options)
        {
            // Caller-supplied parameters are returned untouched. In that case this method does not
            // assign options.TokenKeyResolver or options.TokenValidator, and none of the
            // audience/issuer/lifetime settings below are enforced on the supplied object.
            var supplied = options.TokenValidationParameters;
            if (supplied != null)
            {
                return supplied;
            }

            options.TokenKeyResolver = new CloudFoundryTokenKeyResolver(options);
            options.TokenValidator   = new CloudFoundryTokenValidator(options);

            var built = new TokenValidationParameters();

            // Audience, issuer and lifetime checks are all switched on explicitly.
            built.ValidateLifetime = true;
            built.ValidateIssuer   = true;
            built.ValidateAudience = true;

            // Signing keys and the issuer/audience decisions are delegated to the
            // resolver and validator that were just attached to the options.
            built.AudienceValidator        = options.TokenValidator.ValidateAudience;
            built.IssuerValidator          = options.TokenValidator.ValidateIssuer;
            built.IssuerSigningKeyResolver = options.TokenKeyResolver.ResolveSigningKey;

            return built;
        }
Beispiel #7
        /// <summary>
        /// Adds JWT bearer authentication configured from the given Cloud Foundry options.
        /// </summary>
        /// <param name="builder">The application builder to extend; must not be null.</param>
        /// <param name="options">Cloud Foundry options; must not be null. Updated in place before use.</param>
        /// <returns>The builder returned by registering the JWT bearer middleware.</returns>
        /// <exception cref="ArgumentNullException">
        /// Thrown when <paramref name="builder"/> or <paramref name="options"/> is null.
        /// </exception>
        public static IApplicationBuilder UseCloudFoundryJwtAuthentication(this IApplicationBuilder builder, CloudFoundryOptions options)
        {
            // Argument checks run in declaration order: builder first, then options.
            if (builder == null)
            {
                throw new ArgumentNullException(nameof(builder));
            }
            else if (options == null)
            {
                throw new ArgumentNullException(nameof(options));
            }

            // Apply the registered OAuth service settings and back-channel handler
            // before deriving the bearer options from them.
            var effectiveOptions = UpdateCloudFoundryOptions(builder, options);

            return builder.UseJwtBearerAuthentication(GetJwtBearerOptions(effectiveOptions));
        }
Beispiel #8
        /// <summary>
        /// Applies the registered <c>OAuthServiceOptions</c> (if any) to the given Cloud Foundry
        /// options and assigns their back-channel HTTP handler.
        /// </summary>
        /// <param name="builder">Builder whose service provider is queried for <c>IOptions&lt;OAuthServiceOptions&gt;</c>.</param>
        /// <param name="cloudOpts">Options instance to update in place.</param>
        /// <returns>The same <paramref name="cloudOpts"/> instance after updating.</returns>
        private static CloudFoundryOptions UpdateCloudFoundryOptions(IApplicationBuilder builder, CloudFoundryOptions cloudOpts)
        {
            var registered = builder.ApplicationServices.GetService(typeof(IOptions<OAuthServiceOptions>));

            // When no IOptions<OAuthServiceOptions> is registered this is null, and null is what
            // UpdateOptions receives; presumably it tolerates that (confirm in UpdateOptions).
            var signonOpts = (registered as IOptions<OAuthServiceOptions>)?.Value;
            cloudOpts.UpdateOptions(signonOpts);

            // NOTE(review): every back-channel call to the OAuth service goes through this handler;
            // confirm what server certificate validation GetBackChannelHandler's handler performs.
            var backchannel = cloudOpts.GetBackChannelHandler();
            cloudOpts.BackchannelHttpHandler = backchannel;

            return cloudOpts;
        }