public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo)
{
authService.Request.RemoveSession();
// Override session options
authService.Request.AddSessionOptions(SessionOptions.Temporary);
// Create new session cookies
session.Id = authService.Request.Response.CreateSessionIds(authService.Request);
// authInfo = new Dictionary<string, string>();
// authInfo.Add("Security", (authService.GetSession() as CustomUserSession).SecurityLevel.ToString());
try
{
session.IsAuthenticated = true;
session.OnAuthenticated(authService, session, tokens, authInfo);
AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo);
}
finally
{
authService.SaveSession(session, SessionExpiry);
}
return(null);
// return base.OnAuthenticated(authService, session, tokens, authInfo);
}
public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo)
{
session.AuthProvider = Name;
if (session is AuthUserSession userSession)
{
LoadUserAuthInfo(userSession, tokens, authInfo);
HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo);
}
if (session is IAuthSessionExtended authSession)
{
var failed = authSession.Validate(authService, session, tokens, authInfo);
if (failed != null)
{
authService.RemoveSession();
return(failed);
}
}
var authRepo = HostContext.AppHost.GetAuthRepository(authService.Request);
using (authRepo as IDisposable)
{
if (authRepo != null)
{
if (tokens != null)
{
authInfo.ForEach((x, y) => tokens.Items[x] = y);
session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens).UserAuthId.ToString();
}
foreach (var oAuthToken in session.GetAuthTokens())
{
var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider);
var userAuthProvider = authProvider as OAuthProvider;
userAuthProvider?.LoadUserOAuthProvider(session, oAuthToken);
}
var failed = ValidateAccount(authService, authRepo, session, tokens);
if (failed != null)
{
return(failed);
}
}
}
try
{
session.OnAuthenticated(authService, session, tokens, authInfo);
AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo);
}
finally
{
this.SaveSession(authService, session, SessionExpiry);
authService.Request.Items[Keywords.DidAuthenticate] = true;
}
return(null);
}
public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo)
{
var userSession = session as AuthUserSession;
if (userSession != null)
{
LoadUserAuthInfo(userSession, tokens, authInfo);
HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo);
}
var authRepo = authService.TryResolve <IAuthRepository>();
if (authRepo != null)
{
if (tokens != null)
{
authInfo.ForEach((x, y) => tokens.Items[x] = y);
session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens).UserAuthId.ToString();
}
foreach (var oAuthToken in session.ProviderOAuthAccess)
{
var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider);
if (authProvider == null)
{
continue;
}
var userAuthProvider = authProvider as OAuthProvider;
if (userAuthProvider != null)
{
userAuthProvider.LoadUserOAuthProvider(session, oAuthToken);
}
}
var httpRes = authService.Request.Response as IHttpResponse;
if (httpRes != null)
{
httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId);
}
var failed = ValidateAccount(authService, authRepo, session, tokens);
if (failed != null)
{
return(failed);
}
}
try
{
session.IsAuthenticated = true;
session.OnAuthenticated(authService, session, tokens, authInfo);
AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo);
}
finally
{
authService.SaveSession(session, SessionExpiry);
}
return(null);
}
public virtual void OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo)
{
var userSession = session as AuthUserSession;
if (userSession != null)
{
LoadUserAuthInfo(userSession, tokens, authInfo);
}
var authRepo = authService.TryResolve <IAuthRepository>();
if (authRepo != null)
{
if (tokens != null)
{
authInfo.ForEach((x, y) => tokens.Items[x] = y);
session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens);
}
//SaveUserAuth(authService, userSession, authRepo, tokens);
authRepo.LoadUserAuth(session, tokens);
foreach (var oAuthToken in session.ProviderOAuthAccess)
{
var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider);
if (authProvider == null)
{
continue;
}
var userAuthProvider = authProvider as OAuthProvider;
if (userAuthProvider != null)
{
userAuthProvider.LoadUserOAuthProvider(session, oAuthToken);
}
}
var httpRes = authService.Request.Response as IHttpResponse;
if (httpRes != null)
{
httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId);
}
}
try
{
session.IsAuthenticated = true;
session.OnAuthenticated(authService, session, tokens, authInfo);
}
finally
{
authService.SaveSession(session, SessionExpiry);
}
}
public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo)
{
var userSession = session as AuthUserSession;
if (userSession != null)
{
LoadUserAuthInfo(userSession, tokens, authInfo);
}
var authRepo = authService.TryResolve <IAuthRepository>();
if (authRepo != null)
{
if (tokens != null)
{
authInfo.ForEach((x, y) => tokens.Items[x] = y);
session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens);
}
foreach (var oAuthToken in session.ProviderOAuthAccess)
{
var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider);
if (authProvider == null)
{
continue;
}
var userAuthProvider = authProvider as OAuthProvider;
if (userAuthProvider != null)
{
userAuthProvider.LoadUserOAuthProvider(session, oAuthToken);
}
}
var failed = ValidateAccount(authService, authRepo, session, tokens);
if (failed != null)
{
return(failed);
}
}
try
{
session.OnAuthenticated(authService, session, tokens, authInfo);
}
finally
{
authService.SaveSession(session, SessionExpiry);
}
return(null);
}
public override void OnAuthenticated(IServiceBase authService, IAuthSession session, IOAuthTokens tokens, Dictionary <string, string> authInfo)
{
var userSession = session as AuthUserSession;
if (userSession != null)
{
LoadUserAuthInfo(userSession, tokens, authInfo);
}
var authRepo = authService.TryResolve <IUserAuthRepository>();
if (authRepo != null)
{
if (tokens != null)
{
authInfo.ForEach((x, y) => tokens.Items[x] = y);
session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens);
}
foreach (var oAuthToken in session.ProviderOAuthAccess)
{
var authProvider = AuthService.GetAuthProvider(oAuthToken.Provider);
if (authProvider == null)
{
continue;
}
var userAuthProvider = authProvider as OAuthProvider;
if (userAuthProvider != null)
{
userAuthProvider.LoadUserOAuthProvider(session, oAuthToken);
}
}
//var httpRes = authService.RequestContext.Get<IHttpResponse>();
//if (httpRes != null)
//{
// httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId);
//}
}
authService.SaveSession(session, SessionExpiry);
session.OnAuthenticated(authService, session, tokens, authInfo);
}
public virtual object Authenticate(IServiceBase service, Auth request, IAuthSession session,
IOAuthTokens tokens, OAuthAuthorizer oAuth)
{
//Default oAuth logic based on Twitter's oAuth workflow
if (!tokens.RequestToken.IsNullOrEmpty() && !request.oauth_token.IsNullOrEmpty())
{
oAuth.RequestToken = tokens.RequestToken;
oAuth.RequestTokenSecret = tokens.RequestTokenSecret;
oAuth.AuthorizationToken = request.oauth_token;
oAuth.AuthorizationVerifier = request.oauth_verifier;
if (oAuth.AcquireAccessToken())
{
tokens.AccessToken = oAuth.AccessToken;
tokens.AccessTokenSecret = oAuth.AccessTokenSecret;
session.OnAuthenticated(service, tokens, oAuth.AuthInfo);
service.SaveSession(session);
//Haz access!
return(service.Redirect(session.ReferrerUrl.AddHashParam("s", "1")));
}
//No Joy :(
tokens.RequestToken = null;
tokens.RequestTokenSecret = null;
service.SaveSession(session);
return(service.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed")));
}
if (oAuth.AcquireRequestToken())
{
tokens.RequestToken = oAuth.RequestToken;
tokens.RequestTokenSecret = oAuth.RequestTokenSecret;
service.SaveSession(session);
//Redirect to OAuth provider to approve access
return(service.Redirect(this.AuthorizeUrl
.AddQueryParam("oauth_token", tokens.RequestToken)
.AddQueryParam("oauth_callback", session.ReferrerUrl)));
}
return(service.Redirect(session.ReferrerUrl.AddHashParam("f", "RequestTokenFailed")));
}
public override object Authenticate(IServiceBase service, Auth request, IAuthSession session, IOAuthTokens tokens, OAuthAuthorizer oAuth)
{
var code = service.RequestContext.Get <IHttpRequest>().QueryString["code"];
var isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
var preAuthUrl = PreAuthUrl + "?client_id={0}&redirect_uri={1}&scope={2}"
.Fmt(AppId, this.CallbackUrl.UrlEncode(), string.Join(",", Permissions));
return(service.Redirect(preAuthUrl));
}
var accessTokenUrl = this.AccessTokenUrl + "?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}"
.Fmt(AppId, this.CallbackUrl.UrlEncode(), AppSecret, code);
try
{
var contents = accessTokenUrl.DownloadUrl();
var authInfo = HttpUtility.ParseQueryString(contents);
tokens.AccessTokenSecret = authInfo["access_token"];
service.SaveSession(session);
session.OnAuthenticated(service, tokens, authInfo.ToDictionary());
//Haz access!
return(service.Redirect(session.ReferrerUrl.AddHashParam("s", "1")));
}
catch (WebException we)
{
var statusCode = ((HttpWebResponse)we.Response).StatusCode;
if (statusCode == HttpStatusCode.BadRequest)
{
return(service.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed")));
}
}
//Shouldn't get here
return(service.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown")));
}
public virtual void OnAuthenticated(IServiceBase authService, IAuthSession session, IOAuthTokens tokens, Dictionary <string, string> authInfo)
{
var userSession = session as AuthUserSession;
if (userSession != null)
{
LoadUserAuthInfo(userSession, tokens, authInfo);
}
var authRepo = authService.TryResolve <IUserAuthRepository>();
if (authRepo != null)
{
if (tokens != null)
{
authInfo.ForEach((x, y) => tokens.Items[x] = y);
}
SaveUserAuth(authService, userSession, authRepo, tokens);
}
OnSaveUserAuth(authService, session);
authService.SaveSession(session, SessionExpiry);
session.OnAuthenticated(authService, session, tokens, authInfo);
}
public override void OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary<string, string> authInfo)
{
var userSession = session as AuthUserSession;
if (userSession != null) {
LoadUserAuthInfo(userSession, tokens, authInfo);
}
var authRepo = authService.TryResolve<IAuthRepository>();
if (authRepo != null) {
if (tokens != null) {
authInfo.ForEach((x, y) => tokens.Items[x] = y);
session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens);
}
foreach (var oAuthToken in session.ProviderOAuthAccess) {
var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider);
if (authProvider == null) {
continue;
}
var userAuthProvider = authProvider as OAuthProvider;
if (userAuthProvider != null) {
userAuthProvider.LoadUserOAuthProvider(session, oAuthToken);
}
}
}
try
{
session.OnAuthenticated(authService, session, tokens, authInfo);
}
finally
{
authService.SaveSession(session, SessionExpiry);
}
}
public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary<string, string> authInfo)
{
var userSession = session as AuthUserSession;
if (userSession != null) {
LoadUserAuthInfo(userSession, tokens, authInfo);
HostContext.TryResolve<IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo);
}
var authRepo = authService.TryResolve<IAuthRepository>();
if (authRepo != null) {
if (tokens != null) {
authInfo.ForEach((x, y) => tokens.Items[x] = y);
session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens);
}
foreach (var oAuthToken in session.ProviderOAuthAccess) {
var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider);
if (authProvider == null) {
continue;
}
var userAuthProvider = authProvider as OAuthProvider;
if (userAuthProvider != null) {
userAuthProvider.LoadUserOAuthProvider(session, oAuthToken);
}
}
var failed = ValidateAccount(authService, authRepo, session, tokens);
if (failed != null)
return failed;
}
try
{
session.OnAuthenticated(authService, session, tokens, authInfo);
AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo);
}
finally
{
authService.SaveSession(session, SessionExpiry);
}
return null;
}
public virtual IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo)
{
session.AuthProvider = Provider;
if (session is AuthUserSession userSession)
{
LoadUserAuthInfo(userSession, tokens, authInfo);
HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo);
LoadUserAuthFilter?.Invoke(userSession, tokens, authInfo);
}
var hasTokens = tokens != null && authInfo != null;
if (hasTokens && SaveExtendedUserInfo)
{
if (tokens.Items == null)
{
tokens.Items = new Dictionary <string, string>();
}
authInfo.ForEach((x, y) => tokens.Items[x] = y);
}
var authRepo = GetAuthRepository(authService.Request);
using (authRepo as IDisposable)
{
if (CustomValidationFilter != null)
{
var ctx = new AuthContext
{
Request = authService.Request,
Service = authService,
AuthProvider = this,
Session = session,
AuthTokens = tokens,
AuthInfo = authInfo,
AuthRepository = authRepo,
};
var response = CustomValidationFilter(ctx);
if (response != null)
{
authService.RemoveSession();
return(response);
}
}
if (authRepo != null)
{
var failed = ValidateAccount(authService, authRepo, session, tokens);
if (failed != null)
{
authService.RemoveSession();
return(failed);
}
if (hasTokens)
{
var authDetails = authRepo.CreateOrMergeAuthSession(session, tokens);
session.UserAuthId = authDetails.UserAuthId.ToString();
var firstTimeAuthenticated = authDetails.CreatedDate == authDetails.ModifiedDate;
if (firstTimeAuthenticated)
{
session.OnRegistered(authService.Request, session, authService);
AuthEvents.OnRegistered(authService.Request, session, authService);
}
}
authRepo.LoadUserAuth(session, tokens);
foreach (var oAuthToken in session.GetAuthTokens())
{
var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider);
var userAuthProvider = authProvider as OAuthProvider;
userAuthProvider?.LoadUserOAuthProvider(session, oAuthToken);
}
var httpRes = authService.Request.Response as IHttpResponse;
if (session.UserAuthId != null)
{
httpRes?.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId);
}
}
else
{
if (hasTokens)
{
session.UserAuthId = CreateOrMergeAuthSession(session, tokens);
}
}
}
try
{
session.IsAuthenticated = true;
session.OnAuthenticated(authService, session, tokens, authInfo);
AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo);
}
finally
{
this.SaveSession(authService, session, SessionExpiry);
authService.Request.Items[Keywords.DidAuthenticate] = true;
}
return(null);
}
public virtual IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary<string, string> authInfo)
{
var userSession = session as AuthUserSession;
if (userSession != null)
{
LoadUserAuthInfo(userSession, tokens, authInfo);
HostContext.TryResolve<IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo);
if (LoadUserAuthFilter != null)
{
LoadUserAuthFilter(userSession, tokens, authInfo);
}
}
var hasTokens = tokens != null && authInfo != null;
if (hasTokens)
{
authInfo.ForEach((x, y) => tokens.Items[x] = y);
}
var authRepo = authService.TryResolve<IAuthRepository>();
if (authRepo != null)
{
var failed = ValidateAccount(authService, authRepo, session, tokens);
if (failed != null)
return failed;
if (hasTokens)
{
session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens);
}
authRepo.LoadUserAuth(session, tokens);
foreach (var oAuthToken in session.ProviderOAuthAccess)
{
var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider);
if (authProvider == null) continue;
var userAuthProvider = authProvider as OAuthProvider;
if (userAuthProvider != null)
{
userAuthProvider.LoadUserOAuthProvider(session, oAuthToken);
}
}
var httpRes = authService.Request.Response as IHttpResponse;
if (session.UserAuthId != null && httpRes != null)
{
httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId);
}
}
else
{
if (hasTokens)
{
session.UserAuthId = CreateOrMergeAuthSession(session, tokens);
}
}
try
{
session.IsAuthenticated = true;
session.OnAuthenticated(authService, session, tokens, authInfo);
}
finally
{
authService.SaveSession(session, SessionExpiry);
}
return null;
}
public virtual void OnAuthenticated(IServiceBase authService, IAuthSession session, IOAuthTokens tokens, Dictionary<string, string> authInfo)
{
var userSession = session as AuthUserSession;
if (userSession != null)
{
LoadUserAuthInfo(userSession, tokens, authInfo);
}
var authRepo = authService.TryResolve<IUserAuthRepository>();
if (authRepo != null)
{
if (tokens != null)
{
authInfo.ForEach((x, y) => tokens.Items[x] = y);
}
SaveUserAuth(authService, userSession, authRepo, tokens);
}
OnSaveUserAuth(authService, session);
authService.SaveSession(session, SessionExpiry);
session.OnAuthenticated(authService, session, tokens, authInfo);
}
public virtual void OnAuthenticated(IServiceBase authService, IAuthSession session, IOAuthTokens tokens, Dictionary<string, string> authInfo)
{
var userSession = session as AuthUserSession;
if (userSession != null)
{
LoadUserAuthInfo(userSession, tokens, authInfo);
}
var authRepo = authService.TryResolve<IUserAuthRepository>();
if (authRepo != null)
{
if (tokens != null)
{
authInfo.ForEach((x, y) => tokens.Items[x] = y);
session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens);
}
//SaveUserAuth(authService, userSession, authRepo, tokens);
authRepo.LoadUserAuth(session, tokens);
foreach (var oAuthToken in session.ProviderOAuthAccess)
{
var authProvider = AuthService.GetAuthProvider(oAuthToken.Provider);
if (authProvider == null) continue;
var userAuthProvider = authProvider as OAuthProvider;
if (userAuthProvider != null)
{
userAuthProvider.LoadUserOAuthProvider(session, oAuthToken);
}
}
var httpRes = authService.RequestContext.Get<IHttpResponse>();
if (httpRes != null)
{
httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId);
}
}
//OnSaveUserAuth(authService, session);
authService.SaveSession(session, SessionExpiry);
session.OnAuthenticated(authService, session, tokens, authInfo);
}
public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo)
{
session.AuthProvider = Provider;
var userSession = session as AuthUserSession;
if (userSession != null)
{
LoadUserAuthInfo(userSession, tokens, authInfo);
HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo);
LoadUserAuthFilter?.Invoke(userSession, tokens, authInfo);
}
var authRepo = HostContext.AppHost.GetAuthRepository(authService.Request);
using (authRepo as IDisposable)
{
if (CustomValidationFilter != null)
{
var ctx = new AuthContext
{
Request = authService.Request,
Service = authService,
AuthProvider = this,
Session = session,
AuthTokens = tokens,
AuthInfo = authInfo,
AuthRepository = authRepo,
};
var response = CustomValidationFilter(ctx);
if (response != null)
{
authService.RemoveSession();
return(response);
}
}
if (authRepo != null)
{
if (tokens != null)
{
authInfo.ForEach((x, y) => tokens.Items[x] = y);
session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens).UserAuthId.ToString();
}
foreach (var oAuthToken in session.GetAuthTokens())
{
var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider);
var userAuthProvider = authProvider as OAuthProvider;
userAuthProvider?.LoadUserOAuthProvider(session, oAuthToken);
}
var httpRes = authService.Request.Response as IHttpResponse;
httpRes?.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId);
var failed = ValidateAccount(authService, authRepo, session, tokens);
if (failed != null)
{
return(failed);
}
}
}
try
{
session.IsAuthenticated = true;
session.OnAuthenticated(authService, session, tokens, authInfo);
AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo);
}
finally
{
this.SaveSession(authService, session, SessionExpiry);
}
return(null);
}
public virtual async Task <IHttpResult> OnAuthenticatedAsync(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo, CancellationToken token = default)
{
session.AuthProvider = Provider;
if (session is AuthUserSession userSession)
{
await LoadUserAuthInfoAsync(userSession, tokens, authInfo, token).ConfigAwait();
HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo);
LoadUserAuthFilter?.Invoke(userSession, tokens, authInfo);
}
var hasTokens = tokens != null && authInfo != null;
if (hasTokens && SaveExtendedUserInfo)
{
if (tokens.Items == null)
{
tokens.Items = new Dictionary <string, string>();
}
foreach (var entry in authInfo)
{
if (ExcludeAuthInfoItems.Contains(entry.Key))
{
continue;
}
tokens.Items[entry.Key] = entry.Value;
}
}
if (session is IAuthSessionExtended authSession)
{
var failed = authSession.Validate(authService, session, tokens, authInfo)
?? AuthEvents.Validate(authService, session, tokens, authInfo);
if (failed != null)
{
await authService.RemoveSessionAsync(token).ConfigAwait();
return(failed);
}
}
var authRepo = GetAuthRepositoryAsync(authService.Request);
#if NET472 || NETSTANDARD2_0
await using (authRepo as IAsyncDisposable)
#else
using (authRepo as IDisposable)
#endif
{
if (CustomValidationFilter != null)
{
var ctx = new AuthContext
{
Request = authService.Request,
Service = authService,
AuthProvider = this,
Session = session,
AuthTokens = tokens,
AuthInfo = authInfo,
AuthRepositoryAsync = authRepo,
AuthRepository = authRepo as IAuthRepository,
};
var response = CustomValidationFilter(ctx);
if (response != null)
{
await authService.RemoveSessionAsync(token).ConfigAwait();
return(response);
}
}
if (authRepo != null)
{
var failed = await ValidateAccountAsync(authService, authRepo, session, tokens, token).ConfigAwait();
if (failed != null)
{
await authService.RemoveSessionAsync(token).ConfigAwait();
return(failed);
}
if (hasTokens)
{
var authDetails = await authRepo.CreateOrMergeAuthSessionAsync(session, tokens, token).ConfigAwait();
session.UserAuthId = authDetails.UserAuthId.ToString();
var firstTimeAuthenticated = authDetails.CreatedDate == authDetails.ModifiedDate;
if (firstTimeAuthenticated)
{
session.OnRegistered(authService.Request, session, authService);
AuthEvents.OnRegistered(authService.Request, session, authService);
}
}
await authRepo.LoadUserAuthAsync(session, tokens, token).ConfigAwait();
foreach (var oAuthToken in session.GetAuthTokens())
{
var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider);
var userAuthProvider = authProvider as OAuthProvider;
userAuthProvider?.LoadUserOAuthProvider(session, oAuthToken);
}
var httpRes = authService.Request.Response as IHttpResponse;
if (session.UserAuthId != null)
{
httpRes?.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId);
}
}
else
{
if (hasTokens)
{
session.UserAuthId = CreateOrMergeAuthSession(session, tokens);
}
}
}
try
{
session.IsAuthenticated = true;
session.OnAuthenticated(authService, session, tokens, authInfo);
AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo);
}
finally
{
await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait();
authService.Request.Items[Keywords.DidAuthenticate] = true;
}
return(null);
}
public override async Task <IHttpResult> OnAuthenticatedAsync(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo, CancellationToken token = default)
{
session.AuthProvider = Name;
if (session is AuthUserSession userSession)
{
await LoadUserAuthInfoAsync(userSession, tokens, authInfo, token).ConfigAwait();
HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo);
}
if (session is IAuthSessionExtended authSession)
{
var failed = authSession.Validate(authService, session, tokens, authInfo)
?? await authSession.ValidateAsync(authService, session, tokens, authInfo, token)
?? AuthEvents.Validate(authService, session, tokens, authInfo)
?? (AuthEvents is IAuthEventsAsync asyncEvents
? await asyncEvents.ValidateAsync(authService, session, tokens, authInfo, token)
: null);
if (failed != null)
{
await authService.RemoveSessionAsync(token).ConfigAwait();
return(failed);
}
}
var authRepo = GetUserAuthRepositoryAsync(authService.Request);
#if NET472 || NETSTANDARD2_0
await using (authRepo as IAsyncDisposable)
#else
using (authRepo as IDisposable)
#endif
{
if (authRepo != null)
{
if (tokens != null)
{
authInfo.ForEach((x, y) => tokens.Items[x] = y);
session.UserAuthId = (await authRepo.CreateOrMergeAuthSessionAsync(session, tokens, token)).UserAuthId.ToString();
}
foreach (var oAuthToken in session.GetAuthTokens())
{
var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider);
var userAuthProvider = authProvider as OAuthProvider;
userAuthProvider?.LoadUserOAuthProvider(session, oAuthToken);
}
var failed = await ValidateAccountAsync(authService, authRepo, session, tokens, token).ConfigAwait();
if (failed != null)
{
return(failed);
}
}
}
try
{
session.IsAuthenticated = true;
session.OnAuthenticated(authService, session, tokens, authInfo);
if (session is IAuthSessionExtended sessionExt)
{
await sessionExt.OnAuthenticatedAsync(authService, session, tokens, authInfo, token).ConfigAwait();
}
AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo);
if (AuthEvents is IAuthEventsAsync asyncEvents)
{
await asyncEvents.OnAuthenticatedAsync(authService.Request, session, authService, tokens, authInfo, token).ConfigAwait();
}
}
finally
{
await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait();
authService.Request.Items[Keywords.DidAuthenticate] = true;
}
return(null);
}
public virtual object Authenticate(IServiceBase service, Auth request, IAuthSession session,
IOAuthTokens tokens, OAuthAuthorizer oAuth)
{
//Default oAuth logic based on Twitter's oAuth workflow
if (!tokens.RequestToken.IsNullOrEmpty() && !request.oauth_token.IsNullOrEmpty())
{
oAuth.RequestToken = tokens.RequestToken;
oAuth.RequestTokenSecret = tokens.RequestTokenSecret;
oAuth.AuthorizationToken = request.oauth_token;
oAuth.AuthorizationVerifier = request.oauth_verifier;
if (oAuth.AcquireAccessToken())
{
tokens.AccessToken = oAuth.AccessToken;
tokens.AccessTokenSecret = oAuth.AccessTokenSecret;
session.OnAuthenticated(service, tokens, oAuth.AuthInfo);
service.SaveSession(session);
//Haz access!
return service.Redirect(session.ReferrerUrl.AddHashParam("s", "1"));
}
//No Joy :(
tokens.RequestToken = null;
tokens.RequestTokenSecret = null;
service.SaveSession(session);
return service.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed"));
}
if (oAuth.AcquireRequestToken())
{
tokens.RequestToken = oAuth.RequestToken;
tokens.RequestTokenSecret = oAuth.RequestTokenSecret;
service.SaveSession(session);
//Redirect to OAuth provider to approve access
return service.Redirect(this.AuthorizeUrl
.AddQueryParam("oauth_token", tokens.RequestToken)
.AddQueryParam("oauth_callback", session.ReferrerUrl));
}
return service.Redirect(session.ReferrerUrl.AddHashParam("f", "RequestTokenFailed"));
}
public override object Authenticate(IServiceBase service, Auth request, IAuthSession session, IOAuthTokens tokens, OAuthAuthorizer oAuth)
{
var code = service.RequestContext.Get<IHttpRequest>().QueryString["code"];
var isPreAuthCallback = !code.IsNullOrEmpty();
if (!isPreAuthCallback)
{
var preAuthUrl = PreAuthUrl + "?client_id={0}&redirect_uri={1}&scope={2}"
.Fmt(AppId, this.CallbackUrl.UrlEncode(), string.Join(",", Permissions));
return service.Redirect(preAuthUrl);
}
var accessTokenUrl = this.AccessTokenUrl + "?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}"
.Fmt(AppId, this.CallbackUrl.UrlEncode(), AppSecret, code);
try
{
var contents = accessTokenUrl.DownloadUrl();
var authInfo = HttpUtility.ParseQueryString(contents);
tokens.AccessTokenSecret = authInfo["access_token"];
service.SaveSession(session);
session.OnAuthenticated(service, tokens, authInfo.ToDictionary());
//Haz access!
return service.Redirect(session.ReferrerUrl.AddHashParam("s", "1"));
}
catch (WebException we)
{
var statusCode = ((HttpWebResponse)we.Response).StatusCode;
if (statusCode == HttpStatusCode.BadRequest)
{
return service.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed"));
}
}
//Shouldn't get here
return service.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown"));
}
public virtual IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary<string, string> authInfo)
{
var userSession = session as AuthUserSession;
if (userSession != null)
{
LoadUserAuthInfo(userSession, tokens, authInfo);
HostContext.TryResolve<IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo);
if (LoadUserAuthFilter != null)
{
LoadUserAuthFilter(userSession, tokens, authInfo);
}
}
var hasTokens = tokens != null && authInfo != null;
if (hasTokens)
{
authInfo.ForEach((x, y) => tokens.Items[x] = y);
}
var authRepo = authService.TryResolve<IAuthRepository>();
if (CustomValidationFilter != null)
{
var ctx = new AuthContext
{
Request = authService.Request,
Service = authService,
AuthProvider = this,
Session = session,
AuthTokens = tokens,
AuthInfo = authInfo,
AuthRepository = authRepo,
};
var response = CustomValidationFilter(ctx);
if (response != null)
{
authService.RemoveSession();
return response;
}
}
if (authRepo != null)
{
var failed = ValidateAccount(authService, authRepo, session, tokens);
if (failed != null)
{
authService.RemoveSession();
return failed;
}
if (hasTokens)
{
var authDetails = authRepo.CreateOrMergeAuthSession(session, tokens);
session.UserAuthId = authDetails.UserAuthId.ToString();
var firstTimeAuthenticated = authDetails.CreatedDate == authDetails.ModifiedDate;
if (firstTimeAuthenticated)
{
session.OnRegistered(authService.Request, session, authService);
AuthEvents.OnRegistered(authService.Request, session, authService);
}
}
authRepo.LoadUserAuth(session, tokens);
foreach (var oAuthToken in session.ProviderOAuthAccess)
{
var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider);
if (authProvider == null) continue;
var userAuthProvider = authProvider as OAuthProvider;
if (userAuthProvider != null)
{
userAuthProvider.LoadUserOAuthProvider(session, oAuthToken);
}
}
var httpRes = authService.Request.Response as IHttpResponse;
if (session.UserAuthId != null && httpRes != null)
{
httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId);
}
}
else
{
if (hasTokens)
{
session.UserAuthId = CreateOrMergeAuthSession(session, tokens);
}
}
try
{
session.IsAuthenticated = true;
session.OnAuthenticated(authService, session, tokens, authInfo);
AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo);
}
finally
{
authService.SaveSession(session, SessionExpiry);
}
return null;
}
public virtual IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo)
{
var userSession = session as AuthUserSession;
if (userSession != null)
{
LoadUserAuthInfo(userSession, tokens, authInfo);
HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo);
if (LoadUserAuthFilter != null)
{
LoadUserAuthFilter(userSession, tokens, authInfo);
}
}
var hasTokens = tokens != null && authInfo != null;
if (hasTokens)
{
authInfo.ForEach((x, y) => tokens.Items[x] = y);
}
try
{
var authRepo = authService.TryResolve <IAuthRepository>();
if (CustomValidationFilter != null)
{
var ctx = new AuthContext
{
Service = authService,
AuthProvider = this,
Session = session,
AuthTokens = tokens,
AuthInfo = authInfo,
AuthRepository = authRepo,
};
var response = CustomValidationFilter(ctx);
if (response != null)
{
session.IsAuthenticated = false;
authService.SaveSession(session, SessionExpiry);
return(response);
}
}
if (authRepo != null)
{
var failed = ValidateAccount(authService, authRepo, session, tokens);
if (failed != null)
{
session.IsAuthenticated = false;
authService.SaveSession(session, SessionExpiry);
return(failed);
}
if (hasTokens)
{
session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens);
}
authRepo.LoadUserAuth(session, tokens);
foreach (var oAuthToken in session.ProviderOAuthAccess)
{
var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider);
if (authProvider == null)
{
continue;
}
var userAuthProvider = authProvider as OAuthProvider;
if (userAuthProvider != null)
{
userAuthProvider.LoadUserOAuthProvider(session, oAuthToken);
}
}
var httpRes = authService.Request.Response as IHttpResponse;
if (session.UserAuthId != null && httpRes != null)
{
httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId);
}
}
else
{
if (hasTokens)
{
session.UserAuthId = CreateOrMergeAuthSession(session, tokens);
}
}
session.IsAuthenticated = true;
session.OnAuthenticated(authService, session, tokens, authInfo);
}
finally
{
authService.SaveSession(session, SessionExpiry);
}
return(null);
}
