public bool IsValid(string appName, string username, string password, out UserValidationError userValidationError, out string customError, out bool hasCustomValidation, out bool customValid)
{
return(new DuradosAuthorizationHelper().IsValid(appName, username, password, out userValidationError, out customError, out hasCustomValidation, out customValid));
}
// public override async Task GrantRefreshToken(
//OAuthGrantRefreshTokenContext context)
// {
// var originalClient = context.Ticket.Properties.Dictionary["as:client_id"];
// var currentClient = context.OwinContext.Get<string>("as:client_id");
// // enforce client binding of refresh token
// if (originalClient != currentClient)
// {
// context.Rejected();
// return;
// }
// // chance to change authentication ticket for refresh token requests
// var newId = new ClaimsIdentity(context.Ticket.Identity);
// newId.AddClaim(new Claim("newClaim", "refreshToken"));
// var newTicket = new Microsoft.Owin.Security.AuthenticationTicket(newId, context.Ticket.Properties);
// context.Validated(newTicket);
// }
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
if (System.Web.HttpContext.Current.Request.Form["username"] == null && System.Web.HttpContext.Current.Request.Form["userid"] != null)
{
ValidateById(context);
return;
}
else if (System.Web.HttpContext.Current.Request.Form["username"] == null && System.Web.HttpContext.Current.Request.Form["accessToken"] != null)
{
ValidateByOneTimeAccessToken(context);
return;
}
else if (System.Web.HttpContext.Current.Request.Form["refreshToken"] != null)
{
if (System.Web.HttpContext.Current.Request.Form["username"] == null)
{
throw new DuradosException("username is missing.");
}
if (System.Web.HttpContext.Current.Request.Form[Database.AppName] == null)
{
throw new DuradosException(Database.AppName + " is missing.");
}
if (!System.Web.HttpContext.Current.Items.Contains(Database.AppName))
{
System.Web.HttpContext.Current.Items.Add(Database.AppName, System.Web.HttpContext.Current.Request.Form[Database.AppName]);
}
if (!System.Web.HttpContext.Current.Items.Contains(Database.Username))
{
System.Web.HttpContext.Current.Items.Add(Database.Username, System.Web.HttpContext.Current.Request.Form["username"]);
}
ValidateByRefreshToken(context, System.Web.HttpContext.Current.Request.Form["username"], System.Web.HttpContext.Current.Request.Form[Database.AppName], System.Web.HttpContext.Current.Request.Form["refreshToken"]);
return;
}
string appname = null;
appname = System.Web.HttpContext.Current.Request.Form[Database.AppName];
if (SharedMemorySingeltone.Instance.Contains(appname, Durados.Data.SharedMemoryKey.DebugMode))
{
System.Web.HttpContext.Current.Items[Durados.Workflow.JavaScript.Debug] = true;
}
if (string.IsNullOrEmpty(appname))
{
context.SetError(UserValidationErrorMessages.InvalidGrant, UserValidationErrorMessages.AppNameNotSupplied);
return;
}
if (!IsAppExists(appname))
{
context.SetError(UserValidationErrorMessages.InvalidGrant, string.Format(UserValidationErrorMessages.AppNameNotExists, appname));
return;
}
System.Collections.Specialized.NameValueCollection form = GetFixedForm();
string username = context.UserName;
try
{
username = form["username"];
}
catch { }
string password = context.Password;
try
{
password = form["password"];
}
catch { }
if (!Durados.Web.Mvc.Maps.IsDevUser(username) && IsAppLocked(appname))
{
context.SetError(UserValidationErrorMessages.InvalidGrant, string.Format(UserValidationErrorMessages.AppLocked, appname));
return;
}
if (!System.Web.HttpContext.Current.Items.Contains(Database.AppName))
{
System.Web.HttpContext.Current.Items.Add(Database.AppName, appname);
}
if (!System.Web.HttpContext.Current.Items.Contains(Database.Username))
{
System.Web.HttpContext.Current.Items.Add(Database.Username, username);
}
Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-start", appname, username, null, 3, string.Empty);
if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname))
{
Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-start", appname, username, null, 3, string.Empty);
}
UserValidationError userValidationError = UserValidationError.Valid;
string customError = null;
bool hasCustomValidation = false;
bool customValid = false;
try
{
if (!IsValid(appname, username, password, out userValidationError, out customError, out hasCustomValidation, out customValid))
{
Durados.Web.Mvc.Controllers.AccountMembershipService accountMembershipService = new Durados.Web.Mvc.Controllers.AccountMembershipService();
string message = UserValidationErrorMessages.Unknown;
switch (userValidationError)
{
case UserValidationError.IncorrectUsernameOrPassword:
message = UserValidationErrorMessages.IncorrectUsernameOrPassword;
break;
case UserValidationError.LockedOut:
message = UserValidationErrorMessages.LockedOut;
break;
case UserValidationError.NotApproved:
message = UserValidationErrorMessages.NotApproved;
break;
case UserValidationError.NotRegistered:
message = UserValidationErrorMessages.NotRegistered;
break;
case UserValidationError.UserDoesNotBelongToApp:
message = UserValidationErrorMessages.UserDoesNotBelongToApp;
break;
case UserValidationError.Custom:
if (customError != null)
{
message = customError;
}
else
{
message = UserValidationErrorMessages.Unknown;
}
break;
default:
message = UserValidationErrorMessages.Unknown;
break;
}
context.SetError(UserValidationErrorMessages.InvalidGrant, message);
Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end-failure", appname, username, null, 3, message);
if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname))
{
Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-start", appname, username, null, 3, message);
}
return;
}
}
catch (System.Exception exception)
{
context.SetError(UserValidationErrorMessages.InvalidGrant, exception.Message);
Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end-failure", appname, username, null, 1, exception.Message);
if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname))
{
Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-end-failure", appname, username, null, 1, exception.Message);
}
return;
}
Durados.Web.Mvc.Map map = Durados.Web.Mvc.Maps.Instance.GetMap(appname);
Durados.Web.Mvc.Controllers.AccountMembershipService account = new Durados.Web.Mvc.Controllers.AccountMembershipService();
if (!hasCustomValidation || !customValid)
{
if (map.Database.SecureLevel == SecureLevel.AllUsers)
{
try
{
if (!(account.AuthenticateUser(map, username, password)))
{
context.SetError(UserValidationErrorMessages.InvalidGrant, UserValidationErrorMessages.IncorrectUsernameOrPassword);
Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end-failure", appname, username, null, 3, UserValidationErrorMessages.IncorrectUsernameOrPassword);
if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname))
{
Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-end-failure", appname, username, null, 3, UserValidationErrorMessages.IncorrectUsernameOrPassword);
}
return;
}
else if (!(account.IsApproved(username)))
{
if (map.HasAuthApp && account.IsApproved(username, map.AuthAppName))
{
userController uc = new userController();
var userRow = map.GetAuthAppMap().Database.GetUserRow(username);
var signUpResults = uc.SignUp(appname, null, null, true, GetFirstName(userRow), username, GetLastName(userRow), password, password, new Dictionary <string, object>());
}
else
{
context.SetError(UserValidationErrorMessages.InvalidGrant, UserValidationErrorMessages.NotApproved);
Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end-failure", appname, username, null, 3, UserValidationErrorMessages.NotApproved);
if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname))
{
Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-end-failure", appname, username, null, 3, UserValidationErrorMessages.NotApproved);
}
return;
}
}
}
catch (System.Exception exception)
{
context.SetError(UserValidationErrorMessages.Unknown, exception.Message);
return;
}
}
}
if (!string.IsNullOrEmpty(map.Database.LogOnUrlAuth) && !new DuradosAuthorizationHelper().ValidateLogOnAuthUrl(map, System.Web.HttpContext.Current.Request.Form))
{
string message = "External authentication failer";
context.SetError(UserValidationErrorMessages.InvalidGrant, message);
Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end-failure", appname, username, null, 3, message);
if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname))
{
Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-end-failure", appname, username, null, 3, message);
}
return;
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(Database.Username, username));
identity.AddClaim(new Claim(Database.AppName, appname));
// create metadata to pass on to refresh token provider
//var props = new Microsoft.Owin.Security.AuthenticationProperties(new Dictionary<string, string>
//{
// { "as:client_id", context.ClientId }
//});
//var ticket = new Microsoft.Owin.Security.AuthenticationTicket(identity, props);
//context.Validated(ticket);
context.Validated(identity);
Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end", appname, username, null, 3, string.Empty);
if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname))
{
Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-end", appname, username, null, 3, string.Empty);
}
}
