public override Task SigningIn(CookieSigningInContext context)
{
var userIdClaim = context.Principal.Claims.SingleOrDefault(c => c.Type == ClaimTypes.NameIdentifier);
if (userIdClaim == null)
{
throw new NullReferenceException("User ID Claim cannot be null");
}
var dbContext = (ApplicationDbContext)context.HttpContext.RequestServices.GetService(typeof(ApplicationDbContext));
var newSessionId = Guid.NewGuid();
var newSessionObj = new UserSession();
newSessionObj.UserSessionId = newSessionId;
newSessionObj.UserId = userIdClaim.Value;
newSessionObj.ExpiresOn = DateTime.Now.AddMinutes(10);
dbContext.UserSession.Add(newSessionObj);
dbContext.SaveChanges();
var claims = new List <Claim>();
claims.Add(new Claim(_claimsKey, newSessionId.ToString()));
var appIdentity = new ClaimsIdentity(claims);
context.Principal.AddIdentity(appIdentity);
return(base.SigningIn(context));
}
public override async Task SigningIn(CookieSigningInContext context)
{
_logger.LogDebug($"Before {nameof(SigningIn)}");
await base.SigningIn(context);
_logger.LogDebug($"After {nameof(SigningIn)}");
}
public static async Task CookieSignin(CookieSigningInContext context)
{
UserManager <Models.ApplicationUser> userManager = context.HttpContext.RequestServices.GetRequiredService <UserManager <Models.ApplicationUser> >();
SignInManager <Models.ApplicationUser> signinManager = context.HttpContext.RequestServices.GetRequiredService <SignInManager <Models.ApplicationUser> >();
RoleManager <IdentityRole> roleManager = context.HttpContext.RequestServices.GetRequiredService <RoleManager <IdentityRole> >();
ILoggerFactory logger = context.HttpContext.RequestServices.GetRequiredService <ILoggerFactory>();
IMemoryCache cache = context.HttpContext.RequestServices.GetRequiredService <IMemoryCache>();
Utilities.IAuthUtils authutils = context.HttpContext.RequestServices.GetRequiredService <Utilities.IAuthUtils>();
RedditSharp.RefreshTokenWebAgentPool agentPool = context.HttpContext.RequestServices.GetRequiredService <RedditSharp.RefreshTokenWebAgentPool>();
await agentPool.RemoveWebAgentAsync(context.Principal.Identity.Name);
var user = await userManager.FindByNameAsync(context.Principal.Identity.Name);
await authutils.UpdateModeratedSubredditsAsync(user);
user = await userManager.FindByNameAsync(context.Principal.Identity.Name);
var newPrincipal = await signinManager.CreateUserPrincipalAsync(user);
if (user.HasWiki)
{
((ClaimsIdentity)newPrincipal.Identity).AddClaim(new Claim("uri:snoonotes:haswiki", "true"));
}
if (user.HasConfig)
{
((ClaimsIdentity)newPrincipal.Identity).AddClaim(new Claim("uri:snoonotes:hasconfig", "true"));
}
((ClaimsIdentity)newPrincipal.Identity).AddClaim(new Claim("lastupdated", DateTime.UtcNow.ToString()));
context.Principal = newPrincipal;
}
public override Task SigningIn(CookieSigningInContext context)
{
var stsTokenValidToText = context.Response.Headers["STS_TOKEN_VALID_TO"];
var stsTokenValidToDateTime = DateTime.ParseExact(stsTokenValidToText, "o", CultureInfo.InvariantCulture, DateTimeStyles.RoundtripKind);
context.CookieOptions.Expires = new DateTimeOffset(stsTokenValidToDateTime);
return(base.SigningIn(context));
}
/// <summary>
///
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
/// <remarks>
/// This is a very important part of the demonstration. Here is where we're getting a call from within the
/// CookieAuthenticationOptions.Events.OnSigningIn so that we can clear the old permissions out and reset them for the
/// security context
/// </remarks>
public Task SigningIn(CookieSigningInContext context)
{
var authorizationContext = authorizationContextBuilder.Build(context.Principal);
permissionSetProvider.Clear(authorizationContext.Key);
return(Task.CompletedTask);
}
//Remove all the claims that are unrelated to our identity
private static Task FilterGroupClaims(CookieSigningInContext context)
{
var principal = context.Principal;
if (principal.Identity is ClaimsIdentity identity)
{
var unused = identity.FindAll(GroupsToRemove).ToList();
unused.ForEach(c => identity.TryRemoveClaim(c));
}
return(Task.FromResult(principal));
}
public override async Task SigningIn(CookieSigningInContext context)
{
var email = context.Principal.Email();
_logger.LogInformation($"Obtained email {email}");
var id = await _mediator.Send(new SignInViaGoogle.Command(email));
(context.Principal.Identity as ClaimsIdentity).AddClaim(
new Claim(IdentityExtensions.ID_CLAIM_NAME, id.ToString())
);
}
public override async Task SigningIn(CookieSigningInContext context)
{
var email = context.Principal.Email();
var firstname = context.Principal.Firstname();
var lastname = context.Principal.Lastname();
var id = await _mediator.Send(new CreateOrGet.Command(email, firstname, lastname));
(context.Principal.Identity as ClaimsIdentity).AddClaim(
new Claim(IdentityExtensions.ID_CLAIM_NAME, id.ToString())
);
}
public override async Task SigningIn(CookieSigningInContext context)
{
ClaimsPrincipal principal = context.Principal;
ClaimsIdentity identity = (ClaimsIdentity)principal.Identity;
string provider = identity.AuthenticationType;
string id = identity.Claims.Single(c => c.Type == ClaimTypes.NameIdentifier).Value;
string name = identity.Name;
OAuthUserInfo oAuthUserInfo = new OAuthUserInfo(provider, id, name);
UserInfo userInfo = await _authRepository.TrySigninAsync(oAuthUserInfo);
await base.SigningIn(context);
}
// Because we don't have a persistent token cache, after a web app
// restart the user can have a valid token set in a cookie, but the
// server side TokenCache doesn't have the refresh token and hence we cannot
// get Graph or ARM resource tokens.
// For this reason we set a marker to indicate the user has logged into
// this instance of the web app at least once.
private static Task SetIncarnationCacheKey(CookieSigningInContext context)
{
var cache = context.HttpContext.RequestServices.GetRequiredService <IMemoryCache>();
var cacheKey = CacheKey(context.Principal);
if (!cache.TryGetValue(cacheKey, out var value))
{
// Set a user specific key to indicate they have logged in during this
// web app lifetime.
var incarnationId = Guid.NewGuid().ToString();
cache.Set <string>(cacheKey, incarnationId);
}
return(Task.CompletedTask);
}
public override Task SigningIn(CookieSigningInContext context)
{
using (var dbContext = _serviceProvider.GetService <AddInContext>())
{
var hostUrl = ((ClaimsIdentity)context.Principal.Identity).FindFirst(SPAddinClaimTypes.SPHostUrl).Value;
var navigationManager = new NavigationManager(dbContext);
var host = navigationManager.EnsureHostByUrl(hostUrl);
((ClaimsIdentity)context.Principal.Identity).AddClaim(new Claim(SPAddinClaimTypes.ShortHandUrl, host.ShortHandUrl));
return(Task.FromResult <object>(null));
}
}
private Task OnSigningIn(CookieSigningInContext cookieSignedInContext)
{
var users = new AzureTableStorage <User>(this.Configuration);
var id = cookieSignedInContext.Principal.Claims.First(c => c.Type == ClaimTypes.NameIdentifier).Value;
var user = users.GetAsync("user", id).GetAwaiter().GetResult();
if (user != null && user.IsAdmin)
{
var identity = new ClaimsIdentity(cookieSignedInContext.Principal.Identity);
identity.AddClaim(new Claim(ClaimTypes.Role, "Admin"));
var principal = new ClaimsPrincipal(identity);
cookieSignedInContext.Principal = new ClaimsPrincipal(principal);
}
return(Task.CompletedTask);
}
/// <summary>
/// 抹掉大部分信息,只留token
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public override async Task SigningIn(CookieSigningInContext context)
{
var _context = context.HttpContext;
try
{
var auth_type = context.Scheme.Name;
var json = context.Principal?.FindFirst(ClaimTypes.UserData)?.Value;
if (ValidateHelper.IsEmpty(json))
{
throw new ArgumentException("未找到用户数据");
}
var loginuser = json.JsonToEntity <WCloudUserInfo>() ?? throw new ArgumentException("数据格式错误");
var token = loginuser.ExtraData["token"];
if (ValidateHelper.IsEmpty(token))
{
throw new ArgumentException("token不存在");
}
var identity = new ClaimsIdentity(authenticationType: auth_type);
identity.AddClaim_(ClaimTypes.NameIdentifier, token);
context.Principal = new ClaimsPrincipal(identity);
await base.SigningIn(context);
//缓存相关
var key_manager = _context.RequestServices.Resolve_ <ICacheKeyManager>();
var _cache = _context.RequestServices.ResolveDistributedCache_();
//删除用户缓存
var key = key_manager.UserInfo(loginuser.UserID);
await _cache.RemoveAsync(key);
//删除token缓存
key = key_manager.AuthToken(token);
await _cache.RemoveAsync(key);
}
catch (Exception e)
{
throw new LoginException("登录异常", e);
}
}
public override async Task SigningIn(CookieSigningInContext context)
{
AppUser user = await _userManager.GetUserAsync(context.Principal);
AuthSession session = new AuthSession
{
CreationTime = SystemClock.Instance.GetCurrentInstant(),
Name = "TODO Name",
User = user,
};
_authDbContext.AuthSessions.Add(session);
await _authDbContext.SaveChangesAsync();
ClaimsIdentity identity = (ClaimsIdentity)context.Principal.Identity;
identity.AddClaim(new Claim("cookie_identifier", session.Id.ToString()));
}
public override Task SigningIn(CookieSigningInContext context)
{
var stsTokenValidToText = context.Response.Headers["STS_TOKEN_VALID_TO"];
var restoredDateTime = DateTime.ParseExact(stsTokenValidToText, "s", CultureInfo.InvariantCulture);
var cookieExpirationDateTime = new DateTime(
restoredDateTime.Year,
restoredDateTime.Month,
restoredDateTime.Day,
restoredDateTime.Hour,
restoredDateTime.Minute,
restoredDateTime.Second,
restoredDateTime.Millisecond,
DateTimeKind.Utc
);
context.CookieOptions.Expires = new DateTimeOffset(cookieExpirationDateTime);
return(base.SigningIn(context));
}
public override Task SigningIn(CookieSigningInContext context)
{
var services = context.HttpContext.RequestServices;
var sessionRepository = services.GetRequiredService <ICreyService <SessionRepository> >().Value;
var logger = services.GetService <ILogger <IdentityToSessionCookieAuthenticationEvents> >();
if (!context.Principal.Identities.Any(identity => identity.AuthenticationType == IdentityConstants.ApplicationScheme))
{
throw new AccessDeniedException("Missing identity");
}
ClaimsIdentity claimsIdentity = context.Principal.Identities.FirstOrDefault(identity => identity.AuthenticationType == IdentityConstants.ApplicationScheme);
string userId = claimsIdentity.FindFirst(ClaimTypes.NameIdentifier).Value;
//logger.LogCritical($"Signing In UserId {userId} with {IdentityConstants.ApplicationScheme}");
var siteInfo = context.HttpContext.GetSiteInfo().Result;
var credentialType = GetCredentialType(context.Principal);
SessionInfo sessionInfo;
if (credentialType == CredentialType.RefreshKey)
{
sessionInfo = sessionRepository.RefreshSessionForIdentityUser(userId, siteInfo).Result;
}
else
{
sessionInfo = sessionRepository.CreateNewSessionForIdentityUser(userId, siteInfo, credentialType).Result;
}
var sessionInfoStore = services.GetRequiredService <SessionInfoStore>();
sessionInfoStore.Value = sessionInfo;
//logger.LogCritical($"AccountId: {ok.SessionInfo.AccountId}, Key: {ok.SessionInfo.Key}");
var creyIdentity = new ClaimsIdentity(sessionInfo.IntoClaims(), IdentityConstants.ApplicationScheme);
creyIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, userId));
context.Principal = new ClaimsPrincipal(creyIdentity);
var analyticsClient = services.GetRequiredService <AnalyticsClient>();
analyticsClient.SendLoginEvent(credentialType);
return(base.SigningIn(context));
}
private async Task OnSigningIn(CookieSigningInContext context)
{
if (!string.IsNullOrWhiteSpace(context.Properties.GetTokenValue(TOKEN_NAME)))
{
return;
}
var userId = GetUserId(context.Principal);
var cookieId = Guid.NewGuid();
var cookie = new AuthenticationCookie(userId, cookieId, context.Properties.ExpiresUtc.Value);
var db = context.HttpContext.RequestServices.GetRequiredService <ApplicationDbContext>();
await db.AuthenticationCookies.AddAsync(cookie);
await db.SaveChangesAsync();
context.Properties.StoreTokens(new[] { new AuthenticationToken()
{
Name = TOKEN_NAME, Value = cookieId.ToString()
} });
}
protected async override Task HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
{
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
properties = properties ?? new AuthenticationProperties();
_signInCalled = true;
// Process the request cookie to initialize members like _sessionKey.
await EnsureCookieTicket();
var cookieOptions = BuildCookieOptions();
var signInContext = new CookieSigningInContext(
Context,
Scheme,
Options,
user,
properties,
cookieOptions);
DateTimeOffset issuedUtc;
if (signInContext.Properties.IssuedUtc.HasValue)
{
issuedUtc = signInContext.Properties.IssuedUtc.Value;
}
else
{
issuedUtc = Clock.UtcNow;
signInContext.Properties.IssuedUtc = issuedUtc;
}
if (!signInContext.Properties.ExpiresUtc.HasValue)
{
signInContext.Properties.ExpiresUtc = issuedUtc.Add(Options.ExpireTimeSpan);
}
await Events.SigningIn(signInContext);
if (signInContext.Properties.IsPersistent)
{
var expiresUtc = signInContext.Properties.ExpiresUtc ?? issuedUtc.Add(Options.ExpireTimeSpan);
signInContext.CookieOptions.Expires = expiresUtc.ToUniversalTime();
}
var ticket = new AuthenticationTicket(signInContext.Principal, signInContext.Properties, signInContext.Scheme.Name);
if (Options.SessionStore != null)
{
if (_sessionKey != null)
{
await Options.SessionStore.RemoveAsync(_sessionKey);
}
_sessionKey = await Options.SessionStore.StoreAsync(ticket);
var principal = new ClaimsPrincipal(
new ClaimsIdentity(
new[] { new Claim(SessionIdClaim, _sessionKey, ClaimValueTypes.String, Options.ClaimsIssuer) },
Options.ClaimsIssuer));
ticket = new AuthenticationTicket(principal, null, Scheme.Name);
}
var cookieValue = Options.TicketDataFormat.Protect(ticket);
Options.CookieManager.AppendResponseCookie(
Context,
Options.Cookie.Name,
cookieValue,
signInContext.CookieOptions);
var signedInContext = new CookieSignedInContext(
Context,
Scheme,
signInContext.Principal,
signInContext.Properties,
Options);
await Events.SignedIn(signedInContext);
// Only redirect on the login path
var shouldRedirect = Options.LoginPath.HasValue && OriginalPath == Options.LoginPath;
await ApplyHeaders(shouldRedirect, signedInContext.Properties);
Logger.SignedIn(Scheme.Name);
}
/// <summary> /// Invoked during sign in. /// </summary> /// <param name="context">The <see cref="CookieSigningInContext"/>.</param> public virtual Task SigningIn(CookieSigningInContext context) => OnSigningIn(context);
protected override async Task HandleSignInAsync(SignInContext signin)
{
var ticket = await EnsureCookieTicket(signin is WsFedSignInContext);
var cookieOptions = BuildCookieOptions();
var signInContext = new CookieSigningInContext(
Context,
Options,
Options.AuthenticationScheme,
signin.Principal,
new AuthenticationProperties(signin.Properties),
cookieOptions);
DateTimeOffset issuedUtc;
if (signInContext.Properties.IssuedUtc.HasValue)
{
issuedUtc = signInContext.Properties.IssuedUtc.Value;
}
else
{
issuedUtc = Options.SystemClock.UtcNow;
signInContext.Properties.IssuedUtc = issuedUtc;
}
if (!signInContext.Properties.ExpiresUtc.HasValue)
{
signInContext.Properties.ExpiresUtc = issuedUtc.Add(Options.ExpireTimeSpan);
}
await Options.Events.SigningIn(signInContext);
if (signInContext.Properties.IsPersistent)
{
var expiresUtc = signInContext.Properties.ExpiresUtc ?? issuedUtc.Add(Options.ExpireTimeSpan);
signInContext.CookieOptions.Expires = DateTime.SpecifyKind(expiresUtc.ToUniversalTime().DateTime, DateTimeKind.Utc);
}
ticket = new AuthenticationTicket(signInContext.Principal, signInContext.Properties, signInContext.AuthenticationScheme);
if (Options.SessionStore != null)
{
if (_sessionKey != null)
{
await Options.SessionStore.RemoveAsync(_sessionKey);
}
_sessionKey = await Options.SessionStore.StoreAsync(ticket);
var principal = new ClaimsPrincipal(
new ClaimsIdentity(
new[] { new Claim(SessionIdClaim, _sessionKey, ClaimValueTypes.String, Options.ClaimsIssuer) },
Options.ClaimsIssuer));
ticket = new AuthenticationTicket(principal, null, Options.AuthenticationScheme);
}
var cookieValue = Options.TicketDataFormat.Protect(ticket, GetTlsTokenBinding());
Options.CookieManager.AppendResponseCookie(
Context,
Options.CookieName,
cookieValue,
signInContext.CookieOptions);
var signedInContext = new CookieSignedInContext(
Context,
Options,
Options.AuthenticationScheme,
signInContext.Principal,
signInContext.Properties);
await Options.Events.SignedIn(signedInContext);
//should always redirect for WsFed - well for passive anyway.
string returnUrl = null;
if (signin is WsFedSignInContext)
{
returnUrl = (signin as WsFedSignInContext).ReturnUrl;
}
await ApplyHeaders(true, returnUrl);
}
public override Task SigningIn(CookieSigningInContext context)
{
return(base.SigningIn(context));
}
// Implements the interface method by invoking the related delegate method.
public override Task SigningIn(CookieSigningInContext context)
{
GetLogger(context).LogCallerMethodName();
return(base.SigningIn(context));
}
private static string GetTlsTokenBinding(CookieSigningInContext context)
{
var binding = context.HttpContext.Features.Get <ITlsTokenBindingFeature>()?.GetProvidedTokenBindingId();
return(binding == null ? null : Convert.ToBase64String(binding));
}
public override Task SigningIn(CookieSigningInContext context)
{
context.CookieOptions.Expires = new DateTimeOffset(DateTime.UtcNow.AddMinutes(1));
return(base.SigningIn(context));
}
public Task SigningIn(CookieSigningInContext context)
{
return(Task.CompletedTask);
}
public override Task SigningIn(CookieSigningInContext context)
{
return(_options.CookieEvents.SigningIn(context));
}
public override async Task SigningIn(CookieSigningInContext context)
{
AppUser user = await _userManager.GetUserAsync(context.Principal);
StringValues userAgent;
context.HttpContext.Request.Headers.TryGetValue("User-Agent", out userAgent);
string?deviceId;
context.HttpContext.Request.Cookies.TryGetValue(DeviceCookieManager.DEVICE_COOKIE_STRING, out deviceId);
DeviceCookie deviceCookie;
if (deviceId == null)
{
deviceCookie = _deviceCookieManager.BuildNewDeviceCookie();
_authDbContext.Add(deviceCookie);
EncryptedDeviceCookie encryptedDeviceCookie = _deviceCookieManager.GetEncryptedDeviceCookie(deviceCookie);
context.Response.Cookies.Append(
DeviceCookieManager.DEVICE_COOKIE_STRING,
encryptedDeviceCookie.EncryptedValue,
new Microsoft.AspNetCore.Http.CookieOptions
{
IsEssential = true,
Expires = new DateTimeOffset(2038, 1, 1, 0, 0, 0, TimeSpan.FromHours(0)),
HttpOnly = true,
}
);
}
else
{
DeviceCookie?potentialDeviceCookie = await _deviceCookieManager.GetDeviceCookieAsync(
new EncryptedDeviceCookie(deviceId)
);
if (potentialDeviceCookie == null)
{
throw new Exception("User has an invalid device cookie: " + deviceId);
}
deviceCookie = potentialDeviceCookie;
}
AuthSession session = new AuthSession
{
CreationTime = SystemClock.Instance.GetCurrentInstant(),
User = user,
UserAgent = userAgent,
DeviceCookie = deviceCookie,
};
_authDbContext.AuthSessions.Add(session);
AuthSessionIp?authSessionIp = null;
if (context.HttpContext.Connection.RemoteIpAddress != null)
{
authSessionIp = new AuthSessionIp
{
AuthSession = session,
IpAddress = context.HttpContext.Connection.RemoteIpAddress,
};
_authDbContext.AuthSessionIps.Add(authSessionIp);
}
await _authDbContext.SaveChangesAsync();
BackgroundJob.Enqueue <ISessionDeviceInfoResolver>(s => s.ResolveForAuthSession(session.Id));
if (authSessionIp != null)
{
BackgroundJob.Enqueue <ISessionLocationResolver>(s => s.ResolveForAuthSessionIp(authSessionIp.Id));
}
ClaimsIdentity identity = (ClaimsIdentity)context.Principal.Identity;
identity.AddClaim(new Claim("cookie_identifier", session.Id.ToString()));
}
/// <inheritdoc />
protected override async Task HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties?properties)
{
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
properties = properties ?? new AuthenticationProperties();
_signInCalled = true;
// Process the request cookie to initialize members like _sessionKey.
await EnsureCookieTicket();
var cookieOptions = BuildCookieOptions();
var signInContext = new CookieSigningInContext(
Context,
Scheme,
Options,
user,
properties,
cookieOptions);
DateTimeOffset issuedUtc;
if (signInContext.Properties.IssuedUtc.HasValue)
{
issuedUtc = signInContext.Properties.IssuedUtc.Value;
}
else
{
issuedUtc = Clock.UtcNow;
signInContext.Properties.IssuedUtc = issuedUtc;
}
if (!signInContext.Properties.ExpiresUtc.HasValue)
{
signInContext.Properties.ExpiresUtc = issuedUtc.Add(Options.ExpireTimeSpan);
}
await Events.SigningIn(signInContext);
if (signInContext.Properties.IsPersistent)
{
var expiresUtc = signInContext.Properties.ExpiresUtc ?? issuedUtc.Add(Options.ExpireTimeSpan);
signInContext.CookieOptions.Expires = expiresUtc.ToUniversalTime();
}
var ticket = new AuthenticationTicket(signInContext.Principal !, signInContext.Properties, signInContext.Scheme.Name);
if (Options.SessionStore != null)
{
if (_sessionKey != null)
{
// Renew the ticket in cases of multiple requests see: https://github.com/dotnet/aspnetcore/issues/22135
await Options.SessionStore.RenewAsync(_sessionKey, ticket, Context, Context.RequestAborted);
}
else
{
_sessionKey = await Options.SessionStore.StoreAsync(ticket, Context, Context.RequestAborted);
}
var principal = new ClaimsPrincipal(
new ClaimsIdentity(
new[] { new Claim(SessionIdClaim, _sessionKey, ClaimValueTypes.String, Options.ClaimsIssuer) },
Options.ClaimsIssuer));
ticket = new AuthenticationTicket(principal, null, Scheme.Name);
}
var cookieValue = Options.TicketDataFormat.Protect(ticket, GetTlsTokenBinding());
Options.CookieManager.AppendResponseCookie(
Context,
Options.Cookie.Name !,
cookieValue,
signInContext.CookieOptions);
var signedInContext = new CookieSignedInContext(
Context,
Scheme,
signInContext.Principal !,
signInContext.Properties,
Options);
await Events.SignedIn(signedInContext);
// Only honor the ReturnUrl query string parameter on the login path
var shouldHonorReturnUrlParameter = Options.LoginPath.HasValue && OriginalPath == Options.LoginPath;
await ApplyHeaders(shouldRedirect : true, shouldHonorReturnUrlParameter, signedInContext.Properties);
Logger.AuthenticationSchemeSignedIn(Scheme.Name);
}
protected override async Task HandleSignInAsync(SignInContext signin)
{
var ticket = await EnsureCookieTicket();
//try
//{
var tenantResolver = tenantResolverFactory.GetResolver();
var cookieOptions = BuildCookieOptions();
//var signInContext = new CookieResponseSignInContext(
// Context,
// Options,
// Options.AuthenticationScheme,
// signin.Principal,
// new AuthenticationProperties(signin.Properties),
// cookieOptions);
var signInContext = new CookieSigningInContext(
Context,
Options,
tenantResolver.ResolveAuthScheme(Options.AuthenticationScheme),
signin.Principal,
new AuthenticationProperties(signin.Properties),
cookieOptions);
DateTimeOffset issuedUtc;
if (signInContext.Properties.IssuedUtc.HasValue)
{
issuedUtc = signInContext.Properties.IssuedUtc.Value;
}
else
{
issuedUtc = Options.SystemClock.UtcNow;
signInContext.Properties.IssuedUtc = issuedUtc;
}
if (!signInContext.Properties.ExpiresUtc.HasValue)
{
signInContext.Properties.ExpiresUtc = issuedUtc.Add(Options.ExpireTimeSpan);
}
await Options.Events.SigningIn(signInContext);
if (signInContext.Properties.IsPersistent)
{
var expiresUtc = signInContext.Properties.ExpiresUtc ?? issuedUtc.Add(Options.ExpireTimeSpan);
signInContext.CookieOptions.Expires = expiresUtc.ToUniversalTime().DateTime;
}
ticket = new AuthenticationTicket(signInContext.Principal, signInContext.Properties, signInContext.AuthenticationScheme);
if (Options.SessionStore != null)
{
if (_sessionKey != null)
{
await Options.SessionStore.RemoveAsync(_sessionKey);
}
_sessionKey = await Options.SessionStore.StoreAsync(ticket);
var principal = new ClaimsPrincipal(
new ClaimsIdentity(
new[] { new Claim(SessionIdClaim, _sessionKey, ClaimValueTypes.String, Options.ClaimsIssuer) },
Options.ClaimsIssuer));
//ticket = new AuthenticationTicket(principal, null, Options.AuthenticationScheme);
ticket = new AuthenticationTicket(principal, null, tenantResolver.ResolveAuthScheme(Options.AuthenticationScheme));
}
//var cookieValue = Options.TicketDataFormat.Protect(ticket);
var ticketDataFormet = GetTicketDataFormat(tenantResolver);
var cookieValue = ticketDataFormet.Protect(ticket);
//Options.CookieManager.AppendResponseCookie(
// Context,
// Options.CookieName,
// cookieValue,
// signInContext.CookieOptions);
Options.CookieManager.AppendResponseCookie(
Context,
tenantResolver.ResolveCookieName(Options.CookieName),
cookieValue,
signInContext.CookieOptions);
//var signedInContext = new CookieResponseSignedInContext(
// Context,
// Options,
// Options.AuthenticationScheme,
// signInContext.Principal,
// signInContext.Properties);
var signedInContext = new CookieSignedInContext(
Context,
Options,
tenantResolver.ResolveAuthScheme(Options.AuthenticationScheme),
signInContext.Principal,
signInContext.Properties);
await Options.Events.SignedIn(signedInContext);
var shouldLoginRedirect = Options.LoginPath.HasValue && OriginalPath == Options.LoginPath;
await ApplyHeaders(shouldLoginRedirect);
//}
//catch (Exception exception)
//{
// var exceptionContext = new CookieExceptionContext(Context, Options,
// CookieExceptionContext.ExceptionLocation.SignIn, exception, ticket);
// await Options.Events.Exception(exceptionContext);
// if (exceptionContext.Rethrow)
// {
// throw;
// }
//}
}
public Task SigningIn(CookieSigningInContext context)
{
return(Task.FromResult(0));
}
