Beispiel #1
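        /// <summary>
        /// Processes the Yoti callback request: reads the one-time token from the query string,
        /// consumes the state cookie, exchanges the token for the user's activity details and
        /// builds a <see cref="ClaimsIdentity"/> from the returned profile.
        /// </summary>
        /// <returns>
        /// <c>null</c> when the state cookie is missing or cannot be unprotected; a ticket with a
        /// <c>null</c> identity when the token is missing or any later step fails; otherwise a
        /// ticket carrying the populated identity and the restored properties.
        /// </returns>
        protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
        {
            AuthenticationProperties properties = null;

            try
            {
                // Accept the token only when exactly one "token" value is supplied; repeated
                // parameters are treated the same as a missing token.
                string token = null;

                IReadableStringCollection query = Request.Query;
                IList<string> values = query.GetValues("token");
                if (values != null && values.Count == 1)
                {
                    token = values[0];
                }

                string stateCookieKey = Constants.StatePrefix + Options.AuthenticationType;
                string stateCookie = Request.Cookies[stateCookieKey];
                if (string.IsNullOrWhiteSpace(stateCookie))
                {
                    // Log the cookie name: the value is null/blank on this path, so logging it
                    // (as the code did before) produced a message with nothing in it.
                    _logger.WriteWarning("{0} cookie not found.", stateCookieKey);
                    return null;
                }

                var cookieOptions = new CookieOptions
                {
                    HttpOnly = true,
                    Secure = Request.IsSecure
                };

                // The state cookie is single-use: remove it before doing anything else with it.
                Response.Cookies.Delete(stateCookieKey, cookieOptions);

                properties = Options.StateDataFormat.Unprotect(stateCookie);
                if (properties == null)
                {
                    return null;
                }

                // NOTE(review): the token from the query string is not compared with anything
                // held in the state cookie; the cookie being present and unprotecting cleanly is
                // the only link between this callback and the browser that started the flow.
                // Confirm that is the intended correlation check.

                if (string.IsNullOrEmpty(token))
                {
                    // Fail here instead of passing null to the Yoti client. The result matches
                    // the failure ticket built by the catch block at the end of this method.
                    _logger.WriteWarning("Token not found in the callback request.");
                    return new AuthenticationTicket(null, properties);
                }

                // Exchange the one-time token for the activity details.
                ActivityDetails activityDetails = await _yotiClient.GetActivityDetailsAsync(token);

                if (activityDetails == null)
                {
                    throw new HttpRequestException("Yoti returned no activity details.");
                }

                if (activityDetails.Outcome != ActivityOutcome.Success)
                {
                    // Caught by the catch block below, which logs the exception and returns a
                    // ticket with a null identity; the message records the outcome for the log.
                    throw new HttpRequestException("Yoti activity outcome: " + activityDetails.Outcome);
                }

                var context = new YotiAuthenticatedContext(Context, activityDetails.UserProfile);

                context.Identity = new ClaimsIdentity(
                    Options.AuthenticationType,
                    ClaimsIdentity.DefaultNameClaimType,
                    ClaimsIdentity.DefaultRoleClaimType);

                AddStringClaimIfPresent(context.Identity, ClaimTypes.NameIdentifier, context.User.Id);

                if (context.User.Selfie != null)
                {
                    // The image bytes are base64-encoded into the claim value and the image type
                    // is stored in the claim's value-type slot.
                    // NOTE(review): if this identity is later serialized into a sign-in cookie,
                    // an embedded image can make that cookie large - confirm.
                    context.Identity.AddClaim(new Claim("selfie", Convert.ToBase64String(context.User.Selfie.Data), context.User.Selfie.Type.ToString(), Options.AuthenticationType));
                }

                AddStringClaimIfPresent(context.Identity, "given_names", context.User.GivenNames);
                AddStringClaimIfPresent(context.Identity, "family_name", context.User.FamilyName);
                AddStringClaimIfPresent(context.Identity, "phone_number", context.User.MobileNumber);
                AddStringClaimIfPresent(context.Identity, "email_address", context.User.EmailAddress);

                if (context.User.DateOfBirth != null)
                {
                    // NOTE(review): no format provider is passed, so the rendered year depends on
                    // the current culture's calendar if DateOfBirth is a DateTime - confirm.
                    context.Identity.AddClaim(new Claim("date_of_birth", context.User.DateOfBirth.Value.ToString("yyyy-MM-dd"), ClaimValueTypes.String, Options.AuthenticationType));
                }

                AddStringClaimIfPresent(context.Identity, "postal_address", context.User.Address);
                AddStringClaimIfPresent(context.Identity, "gender", context.User.Gender);
                AddStringClaimIfPresent(context.Identity, "nationality", context.User.Nationality);

                // Remaining profile attributes become claims whose type is the attribute name.
                // NOTE(review): the names are used verbatim, so nothing here stops one from
                // matching a claim type the application treats specially (for example
                // ClaimsIdentity.DefaultRoleClaimType, which this identity uses for roles).
                // Confirm the attribute names are constrained upstream.
                foreach (var attributeName in context.User.OtherAttributes.Keys)
                {
                    var attributeValue = context.User.OtherAttributes[attributeName];
                    context.Identity.AddClaim(new Claim(attributeName, attributeValue.ToString(), attributeValue.Type.ToString(), Options.AuthenticationType));
                }

                context.Properties = properties;

                // Let the application inspect or adjust the identity before the ticket is issued.
                await Options.Provider.Authenticated(context);

                return new AuthenticationTicket(context.Identity, context.Properties);
            }
            catch (Exception ex)
            {
                // Any failure is logged and reported as a ticket with no identity, together
                // with whatever properties had been recovered before the failure.
                _logger.WriteError("Authentication failed", ex);
                return new AuthenticationTicket(null, properties);
            }
        }

        /// <summary>
        /// Adds a string-typed claim issued by this middleware's authentication type, skipping
        /// null or empty values.
        /// </summary>
        /// <param name="identity">The identity that receives the claim.</param>
        /// <param name="claimType">The claim type to add.</param>
        /// <param name="value">The claim value; nothing is added when it is null or empty.</param>
        private void AddStringClaimIfPresent(ClaimsIdentity identity, string claimType, string value)
        {
            if (!string.IsNullOrEmpty(value))
            {
                identity.AddClaim(new Claim(claimType, value, ClaimValueTypes.String, Options.AuthenticationType));
            }
        }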
 /// <summary>
 /// Called each time Yoti successfully authenticates a user; forwards the call to <c>OnAuthenticated</c>.
 /// </summary>
 /// <param name="context">Carries the login session details and the user's <see cref="System.Security.Claims.ClaimsIdentity"/>.</param>
 /// <returns>The <see cref="Task"/> returned by <c>OnAuthenticated</c>.</returns>
 public virtual Task Authenticated(YotiAuthenticatedContext context)
 {
     // Hand the context to OnAuthenticated and return its task unchanged.
     Task pending = OnAuthenticated(context);
     return pending;
 }