public AuthenticationApiClient(IApiEndpointConfig settings, ILogServiceAsync <ILogServiceSettings> logService)
: base(settings, logService)
{
_appRepo = new AppEndpointRepo(Settings, logService);
_appUserRepo = new AppUserEndpointRepo(Settings, logService);
orgAppUserAuthIpRepo = new AuthorizedIpEndpointRepo(Settings, logService);
_orgAppUserRoleRepo = new RolesEndpointRepo(Settings, logService);
_userClaimsRepo = new UserClaimsEndpointRepo(Settings, logService);
_orgAppUserClaimsRepo = new OrgAppUserClaimsEndpointRepo(Settings, logService);
}
private async Task <AuthenticationTicket> CreateAuthenticationTicket(IOwinContext owinContext, ClaimsIdentity oAuthIdentity)
{
ILogServiceAsync <ILogServiceSettings> logService = GlobalConfiguration.Configuration.DependencyResolver.GetService <ILogServiceAsync <ILogServiceSettings> >();
var sqlUserManager = owinContext.GetUserManager <ApplicationUserManager>();
var sqlUser = await sqlUserManager.FindByNameAsync(oAuthIdentity.Name);
//http://www.c-sharpcorner.com/UploadFile/ff2f08/angularjs-enable-owin-refresh-tokens-using-asp-net-web-api/
var newIdentity = new ClaimsIdentity(oAuthIdentity);
//SqlServerClaimsGenerator claimsGenerator = new SqlServerClaimsGenerator(
// sqlUser,
// oAuthIdentity,
// owinContext.Get<RepoBase<SystemUser>>());
//claimsGenerator.GenerateClaims();
oAuthIdentity.AddClaim(new Claim("projectRequestRole", JsonConvert.SerializeObject(new SimpleRoleClaim
{
UserId = 2154, //_user.SystemUserID,
DomainLogin = "******", //_user.DomainLogin.Trim(),
UserName = "******", //_user.DomainLogin.Trim(),
EmailAddress = "*****@*****.**", //_user.EmailAddress.Trim(),
DepartmentDescription = "some dp des", //_user.DepartmentDescr,
DepartmentId = 33, //_user.DepartmentID,
IsActive = true, //_user.boolIsActive,
Role = "user", //_user.AppRole
})));
var currentUtc = new Microsoft.Owin.Infrastructure.SystemClock().UtcNow;
AuthenticationProperties properties = CreateProperties(sqlUser);
AuthenticationTicket ticket = new AuthenticationTicket(newIdentity, properties);
ticket.Properties.IssuedUtc = DateTime.UtcNow;
ticket.Properties.ExpiresUtc = currentUtc.Add(TimeSpan.FromDays(365));//TODO: configure token expiration time in web config
ticket.Properties.AllowRefresh = true;
var principal = new ClaimsPrincipal(new[] { oAuthIdentity });
owinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
logService.LogMessage(new
{
type = "claimsRefreshed",
endpoint = owinContext.Request.Uri,
userName = oAuthIdentity.Name,
data = new
{
orgUsers = principal.GetClaim <SimpleRoleClaim>("projectRequestRole"),
}
});
return(ticket);
}
static void Main(string[] args)
{
ILogServiceAsync <LogServiceOptions> logService = LogServiceAsync <LogServiceOptions> .Instance;
List <int> x = Enumerable.Repeat(1, 10000000).ToList();
int counter = 0;
x.AsParallel().WithDegreeOfParallelism(100).ForAll(item =>
{
logService.LogMessage(new
{
messag = String.Format("Loop count: {0}", counter++)
});
});
}
public HealthController(ILogServiceAsync <ILogServiceSettings> logService)
: base(logService)
{
}
public LogMessageEndpointRepo(IApiEndpointConfig settings, ILogServiceAsync <ILogServiceSettings> logService)
: base(settings, logService)
{
}
public EndpointRepo(IApiEndpointConfig settings, ILogServiceAsync <ILogServiceSettings> logService)
{
_settings = settings;
_logService = logService;
}
public UserClaimsEndpointRepo(IApiEndpointConfig settings, ILogServiceAsync <ILogServiceSettings> logService)
: base(settings, logService)
{
_settings.BaseAddress = settings.BaseAddress;
}
public AuthorizedIpEndpointRepo(IApiEndpointConfig settings, ILogServiceAsync <ILogServiceSettings> logService)
: base(settings, logService)
{
_settings.BaseAddress = settings.BaseAddress;
}
public BaseApiController(ILogServiceAsync <ILogServiceSettings> logService)
{
_logService = logService;
}
public HealthControllerBase(ILogServiceAsync <ILogServiceSettings> logService)
{
_logService = logService;
}
public LoggingApiClient(IApiEndpointConfig settings, ILogServiceAsync <ILogServiceSettings> logService)
: base(settings, logService)
{
EndpointLogMessage = new LogMessageEndpointRepo(Settings, logService);
}
public BaseAuthClient(IApiEndpointConfig settings, ILogServiceAsync <ILogServiceSettings> logService)
{
_logService = logService;
Settings = settings;
}
public BaseAuthClient(IApiEndpointConfig settings)
{
Settings = settings;
_logService = LogServiceAsync <LogServiceOptions> .Instance;
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
ILogServiceAsync <ILogServiceSettings> logService = GlobalConfiguration.Configuration.DependencyResolver.GetService <ILogServiceAsync <ILogServiceSettings> >();
var sqlUserManager = context.OwinContext.GetUserManager <ApplicationUserManager>();
var sqlUser = await sqlUserManager.FindAsync(context.UserName, context.Password);
if (sqlUser == null || !sqlUser.IsActive)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
logService.LogMessage(new
{
type = "claimsGenerated",
endpoint = context.Request.Uri,
userName = context.UserName,
data = new
{
message = "invalid_grant The user name or password is incorrect",
}
});
return;
}
ClaimsIdentity oAuthIdentity = await sqlUser.GenerateUserIdentityAsync(sqlUserManager, OAuthDefaults.AuthenticationType);
//ClaimsGenerator claimsGenerator = new ClaimsGenerator(
// sqlUser,
// oAuthIdentity,
// context.OwinContext.Get<RepoBase<SystemUser>>());
//claimsGenerator.GenerateClaims();
//claims generator is the same as this:
oAuthIdentity.AddClaim(new Claim("projectRequestRole", JsonConvert.SerializeObject(new SimpleRoleClaim
{
UserId = 2154, //_user.SystemUserID,
DomainLogin = "******", //_user.DomainLogin.Trim(),
UserName = "******", //_user.DomainLogin.Trim(),
EmailAddress = "*****@*****.**", //_user.EmailAddress.Trim(),
DepartmentDescription = "some dp des", //_user.DepartmentDescr,
DepartmentId = 33, //_user.DepartmentID,
IsActive = true, //_user.boolIsActive,
Role = "user", //_user.AppRole
})));
ClaimsIdentity cookiesIdentity = await sqlUser.GenerateUserIdentityAsync(sqlUserManager, CookieAuthenticationDefaults.AuthenticationType);
AuthenticationProperties properties = CreateProperties(sqlUser);
AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
ticket.Properties.AllowRefresh = true;
context.Validated(ticket);
context.Request.Context.Authentication.SignIn(cookiesIdentity);
//TODO: Document this
/*http://stackoverflow.com/questions/21971190/asp-net-web-api-2-owin-authentication-unsuported-grant-type/21979279#21979279
*********************************
* it wasn't enough adding config.EnableCors(new EnableCorsAttribute("*", "*", "*")); to WebApiConfig.cs
* or the controllers. example:
* [EnableCors(origins: "*", headers: "*", methods: "*")]
* public class ValuesController : ApiController
*/
var principal = new ClaimsPrincipal(new[] { oAuthIdentity });
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
logService.LogMessage(new
{
type = "claimsGenerated",
endpoint = context.Request.Uri,
userName = context.UserName,
data = new
{
orgUsers = principal.GetClaim <SimpleRoleClaim>("projectRequestRole"),
}
});
}
