/// <summary>
/// Writes the SiteMinder token to the response as a cookie named <c>SM_TOKEN_NAME</c>.
/// The cookie value is the token's string form, Base64-encoded; the cookie is HttpOnly,
/// SameSite=Strict, and expires 30 seconds after it is issued.
/// </summary>
/// <param name="token">Token whose string form becomes the cookie value.</param>
/// <param name="res">Response the cookie is appended to.</param>
public static void AddToResponse(SiteMinderAuthenticationToken token, HttpResponse res)
{
    // NOTE(review): Secure is not set, so the browser will also send this cookie over plain HTTP.
    // Confirm whether non-production environments run over HTTPS before turning Secure on.
    var lifetime = TimeSpan.FromSeconds(30);
    var options = new CookieOptions
    {
        HttpOnly = true,
        SameSite = SameSiteMode.Strict,
        Expires = DateTimeOffset.Now + lifetime,
    };

    var encodedToken = token.ToString().Base64Encode();
    res.Cookies.Append(SM_TOKEN_NAME, encodedToken, options);
}
/// <summary>
/// Builds a <see cref="ClaimsPrincipal"/> with one claim per SiteMinder field of
/// <paramref name="smAuthToken"/>, under the <c>SiteMinderAuthOptions.Scheme</c> authentication type.
/// </summary>
/// <param name="smAuthToken">Token whose fields are copied into claims.</param>
/// <returns>A principal holding a single <see cref="ClaimsIdentity"/> with eight claims.</returns>
/// <remarks>
/// The <see cref="Claim"/> constructor throws <see cref="ArgumentNullException"/> when the value is
/// null; that is not an <see cref="ApplicationException"/>, so it is not handled by the catch in
/// <c>HandleAuthenticateAsync</c>. NOTE(review): confirm each token field used here is always populated.
/// </remarks>
private static ClaimsPrincipal CreatePrincipalFor(SiteMinderAuthenticationToken smAuthToken)
{
    var identity = new ClaimsIdentity(SiteMinderAuthOptions.Scheme);

    // Standard claim types first, then the SiteMinder-specific ones.
    identity.AddClaim(new Claim(ClaimTypes.Sid, smAuthToken.smgov_userguid));
    identity.AddClaim(new Claim(ClaimTypes.Upn, smAuthToken.sm_universalid));
    identity.AddClaim(new Claim(SiteMinderClaimTypes.NAME, smAuthToken.smgov_userdisplayname));
    identity.AddClaim(new Claim(SiteMinderClaimTypes.GIVEN_NAME, smAuthToken.smgov_givenname));
    identity.AddClaim(new Claim(SiteMinderClaimTypes.SURNAME, smAuthToken.smgov_sn));
    identity.AddClaim(new Claim(SiteMinderClaimTypes.DEPARTMENT, smAuthToken.smgov_department));
    identity.AddClaim(new Claim(SiteMinderClaimTypes.COMPANY, smAuthToken.smgov_company));
    identity.AddClaim(new Claim(SiteMinderClaimTypes.EMAIL, smAuthToken.smgov_email));

    return new ClaimsPrincipal(identity);
}
/// <summary>
/// Authenticates the current request from the SiteMinder forwarded headers, caching the resulting
/// principal in session (key <c>"app.principal"</c>, as a JWT) so later requests skip claim construction.
/// </summary>
/// <returns>
/// <c>Success</c> with a ticket for the session-cached or freshly built principal; <c>NoResult</c>
/// when the token is anonymous and nothing is cached; <c>Fail</c> when building the principal
/// throws <see cref="ApplicationException"/>.
/// </returns>
/// <remarks>
/// Outside production an anonymous token is replaced by a developer token and the
/// <c>SM_TOKEN_NAME</c> cookie is deleted from the response.
/// NOTE(review): a cached session principal is returned without being compared to the identity in
/// the current forwarded headers — confirm that is intended.
/// NOTE(review): <c>FromJwt()</c> runs outside the try block, so whatever it throws on a malformed
/// session value is not turned into <c>AuthenticateResult.Fail</c>.
/// The Information-level log entries include the whole token (<c>{@SmAuthToken}</c>).
/// </remarks>
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
{
    const string sessionKey = "app.principal";

    AuthenticateResult Succeed(ClaimsPrincipal p) =>
        AuthenticateResult.Success(new AuthenticationTicket(p, SiteMinderAuthOptions.Scheme));

    var smAuthToken = SiteMinderAuthenticationToken.CreateFromFwdHeaders(Request);

    // Non-production only: substitute a developer identity when SiteMinder supplied none.
    if (!_environment.IsProduction() && smAuthToken.IsAnonymous())
    {
        smAuthToken = SiteMinderAuthenticationToken.CreateForDev(Request);
        Response.Cookies.Delete(SiteMinderAuthenticationToken.SM_TOKEN_NAME);
    }

    // Fast path: a principal cached in session from an earlier request.
    var cachedClaims = Context.Session.GetString(sessionKey);
    if (!string.IsNullOrEmpty(cachedClaims))
    {
        var cachedPrincipal = cachedClaims.FromJwt();
        _logger.LogInformation(
            "Successfully authenticated user {User} from session with authentication token {@SmAuthToken}",
            cachedPrincipal.Identity.Name,
            smAuthToken);
        return Succeed(cachedPrincipal);
    }

    if (smAuthToken.IsAnonymous())
    {
        _logger.LogInformation(
            "Did not authenticate anonymous user with authentication token {@SmAuthToken}",
            smAuthToken);
        return AuthenticateResult.NoResult();
    }

    try
    {
        var principal = CreatePrincipalFor(smAuthToken);
        Context.Session.SetString(sessionKey, principal.ToJwt());
        _logger.LogInformation(
            "Successfully authenticated user {User} with authentication token {@SmAuthToken}",
            principal.Identity.Name,
            smAuthToken);
        return Succeed(principal);
    }
    catch (ApplicationException e)
    {
        // Only ApplicationException is mapped to a failed result; anything else propagates.
        _logger.LogError(e, "Failed to authenticate user with authentication token {@SmAuthToken}", smAuthToken);
        return AuthenticateResult.Fail(e.Message);
    }
}