public async Task <IHttpActionResult> PostToken(Guid accountProductId, bool setAsDefault = false)
{
return(await CurrentAccountExecuteAsync(async delegate(Account user)
{
if (!user.IsActivated && !user.IsAnonymous)
{
return AccountNotActivated();
}
AuthenticationTicket ticket;
var sessionId = UserManagerHelper.Session(Request, out ticket);
var sessions = await _auth.SessionTokensGetAsync(user.Id);
var sessionToken = sessions.FirstOrDefault(e => e.Id == sessionId);
if (object.Equals(sessionToken, null))
{
return AccountUnauthorized();
}
var products = await _authProduct.AccountProductsGetAsync(sessionToken.AccountId, sessionToken.SystemId);
var scopeWorker = SaaSScopeWorkerFactory.Create(sessionToken.Scope);
scopeWorker.FilterProducts(products, sessionToken);
var product = products.FirstOrDefault(e => e.AccountProductId == accountProductId && !e.IsDisabled);
return await PostToken(products, product, sessions, sessionToken, user, ticket);
}));
}
internal async Task <IHttpActionResult> PostToken(List <ViewAccountProduct> products, ViewAccountProduct product,
List <SessionToken> sessions, SessionToken session,
Account user, AuthenticationTicket ticket)
{
if (object.Equals(product, null))
{
return(ProductNotFound());
}
var scopeWorker = SaaSScopeWorkerFactory.Create(session.Scope, _auth, _authProduct);
if (!scopeWorker.ValidateSessionTokenAsync(user, sessions, session, product))
{
return(ErrorContent("invalid_grant", "You are logged into too many devices.", HttpStatusCode.Conflict));
}
if (!await scopeWorker.ValidateAccountSystemAsync(user, session, product))
{
return(ErrorContent("invalid_grant", "Your license is currently associated with another device.", HttpStatusCode.Conflict));
}
var modules = UserManagerHelper.GetAllowedModules(products, product.AccountProductId, ticket.Identity);
var activeProducts = UserManagerHelper.GetActiveProducts(products, modules, product.AccountProductId);
var moduleFeatures = AccountController.GetModuleFeatures(product, modules);
var client = GetClient(session.ClientId);
var oldId = OauthManager.UpdateTicket(user, session, ticket, product, client);
await _auth.SessionTokenInsertAsync(session, oldId, false, product.IsPPC);
return(Ok(OauthManager.ReleaseToken(session, ticket, modules, moduleFeatures, activeProducts, user)));
}
public async Task <IHttpActionResult> PostToken()
{
return(await CurrentAccountExecuteAsync(async delegate(Account user)
{
AuthenticationTicket ticket;
var sessionId = UserManagerHelper.Session(Request, out ticket);
var sessions = await _auth.SessionTokensGetAsync(user.Id);
var sessionToken = sessions.FirstOrDefault(e => e.Id == sessionId);
if (object.Equals(sessionToken, null))
{
return AccountUnauthorized();
}
var products = await _authProduct.AccountProductsGetAsync(sessionToken.AccountId, sessionToken.SystemId);
var scopeWorker = SaaSScopeWorkerFactory.Create(sessionToken.Scope);
scopeWorker.FilterProducts(products, sessionToken);
var offeringProducts = products.Where(e => !e.IsDisabled && !e.IsMinor && !e.IsPPC);
var product = offeringProducts.FirstOrDefault(e => !e.IsFree) ??
offeringProducts.FirstOrDefault();
return await PostToken(products, product, sessions, sessionToken, user, ticket);
}));
}
private async Task <SessionTokenProducts> GetSessionTokenProducts()
{
AuthenticationTicket ticket;
var session = UserManagerHelper.Session(Request, out ticket);
var sessionToken = await _auth.SessionTokenGetAsync(session);
if (object.Equals(sessionToken, null))
{
return(new SessionTokenProducts());
}
var products = await _authProduct.AccountProductsGetAsync(sessionToken.AccountId, sessionToken.SystemId);
var scopeWorker = SaaSScopeWorkerFactory.Create(sessionToken.Scope);
scopeWorker.FilterProducts(products, sessionToken);
return(new SessionTokenProducts(sessionToken, products));
}
public async Task <IHttpActionResult> RegisterAnonymous(RegisterAnonymousViewModel model, Guid?visitorId = null)
{
try
{
var account = await _auth.AccountAnonymousCreateAsync(model.Password);
if (object.Equals(account, null))
{
return(AccountNotFound());
}
var client = GetClient(model.client_id);
if (object.Equals(client, null))
{
return(ClientNotFound());
}
var identity = new ClaimsIdentity(Startup.OAuthBearerOptions.AuthenticationType);
var session = Guid.NewGuid();
var properties = new Dictionary <string, string>
{
{ "session", session.ToString("N") }
};
identity.AddClaim(ClaimTypes.NameIdentifier, account.Id);
identity.AddClaim(ClaimTypes.Name, account.Email);
identity.AddClaims(account, client);
var ticket = new AuthenticationTicket(identity, new AuthenticationProperties(properties));
var issued = DateTime.UtcNow;
var expires = issued.Add(Startup.OAuthServerOptions.AccessTokenExpireTimeSpan);
var token = new SessionToken
{
Id = session,
AccountId = account.Id,
ClientId = client.Id,
ClientVersion = model.client_version,
IssuedUtc = issued,
ExpiresUtc = expires
};
ticket.Properties.IssuedUtc = issued;
ticket.Properties.ExpiresUtc = expires;
token.ProtectedTicket = Startup.OAuthServerOptions.AccessTokenFormat.Protect(ticket);
var scopeWorker = SaaSScopeWorkerFactory.Create("webeditor", _auth, _authProduct);
await scopeWorker.SessionTokenInsertAsync(token, null);
await _auth.AccountVisitorIdSetAsync(account, visitorId);
return(Ok(new
{
access_token = token.ProtectedTicket,
token_type = ticket.Identity.AuthenticationType,
expires_in = (int)(ticket.Properties.ExpiresUtc - ticket.Properties.IssuedUtc).Value.TotalSeconds,
refresh_token = token.Id.ToString("N"),
issued = ticket.Properties.IssuedUtc,
expires = ticket.Properties.ExpiresUtc,
email = account.Email,
firstName = account.FirstName,
lastName = account.LastName,
status = account.GetStatus()
}));
}
catch (Exception exc) { return(Request.HttpExceptionResult(exc)); }
}
