public SessionInfo CreateIdentity(string ParentLRI, string ParentUser, string ParentPINHash, string username, string passwordhash, string ChildPinHash, string SessionKey)
{
SessionInfo sessinfo = new SessionInfo();
//create temporary user w/ key (reserve userid)
string ReservationKey = Guid.NewGuid().ToString();
IDRequestInfo info = UserManager.ReserveGUID(ReservationKey);
string UserLRI = UserManager.DomainLRI + "/~users/" + info.GUID;
string UserID = info.GUID;
//generate child key
string ChildKey = Guid.NewGuid().ToString();
FDebugLog.WriteLog("CreateIdentity Requested: ParentDomain-" + ParentLRI + " ParentUser-" + ParentUser + " username-" + username );
if (ParentLRI != null && ParentLRI != "")
{
//construct parentLRI
FDebugLog.WriteLog("Create ID From Parent: " + ParentLRI + "("+ParentUser+")");
LRI ParentLRIParsed = new LRI(ParentLRI);
//get parent userid from parent domain
string parentUserID = RetrieveUserParentAuth(ParentLRIParsed, ParentUser, ParentPINHash, ChildKey, SessionKey, UserLRI);
if (parentUserID != "")
{
FDebugLog.WriteLog("Parent Located");
//CreateChildIdentity
bool addSucceed = UserManager.AddChildIdentity(ParentLRIParsed.LRIString, username, UserLRI, passwordhash, ChildPinHash, ChildKey, info);
//login user
sessinfo = LoginID(UserLRI, passwordhash, SessionKey);
}
else
{
FDebugLog.WriteLog("Parent not found");
sessinfo.Error = true;
sessinfo.ErrorType = SESSION_ERROR.INVALID_PARENT_CREDENTIALS;
}
}
else
{
FDebugLog.WriteLog("No Parent: Creating CORE User.");
//CreateChildIdentity
bool addSucceed = UserManager.AddIdentity(username, UserLRI, passwordhash, ChildPinHash, ChildKey, info);
//login user
sessinfo = LoginID(UserLRI, passwordhash);
}
return sessinfo;
}
public SessionInfo NewSession(LIdentity ID)
{
Random rnd = new Random();
SessionInfo info = new SessionInfo();
info.Identity = ID;
info.Created = DateTime.Now;
info.Expires = DateTime.Now.AddHours(1);
string sessionkey = Guid.NewGuid().ToString();
while(Sessions.ContainsKey(sessionkey))
sessionkey = Guid.NewGuid().ToString();
info.SessionKey = sessionkey;
Sessions[info.SessionKey] = info;
SaveSession(info.SessionKey);
FDebugLog.WriteLog("New Session : " + ID.UserLRI + " ("+sessionkey+")");
return info;
}
//private GetParentUserID(string ParentDomain, string ParentUsername, )
//{
//}
//returns session info
public SessionInfo LoginID(string UserLRI, string passwordhash, string ParentSessionKey="", bool LoginChildren = false)
{
SessionInfo info = new SessionInfo();
bool parentLoggedIn = false;
ILIdentityProvider client = null;
//validate user credentials
FDebugLog.WriteLog("Login Request: " + UserLRI);
if (UserManager.VerifyLocalUserAccount(passwordhash, new LRI(UserLRI)))
{
UserInfo uinfo = UserManager.Identities[UserLRI];
if (uinfo.Identity.ParentBaseLRI == "~LCHARMS-CORE~")
{
FDebugLog.WriteLog("Parent Login Skipped - CORE account");
parentLoggedIn = true;
}
else
{
//uinfo.Identity.ParentDomainLRI
//validate parent ID is logged in
FDebugLog.WriteLog("Checking Parent Login: "******"Checking URI: " + new LRI(uinfo.Identity.ParentBaseLRI).BaseURI);
var myBinding = new BasicHttpBinding();
//var myIdent = new DnsEndpointIdentity(new LRI(uinfo.Identity.ParentBaseLRI).URIDomain);
var myEndpoint = new EndpointAddress(new Uri("http://" + new LRI(uinfo.Identity.ParentBaseLRI).BaseURI));//,
//EndpointIdentity.CreateDnsIdentity(new LRI(uinfo.Identity.ParentBaseLRI).URIDomain));
var myChannelFactory = new ChannelFactory<ILIdentityProvider>(myBinding, myEndpoint);
try
{
FDebugLog.WriteLog("CHECKING..." + uinfo.Identity.ParentBaseLRI + "/~users/" + uinfo.Identity.ParentUserID);
client = myChannelFactory.CreateChannel();
parentLoggedIn = client.ValidateParentSession(uinfo.Identity.ParentBaseLRI + "/~users/" + uinfo.Identity.ParentUserID, ParentSessionKey);
((ICommunicationObject)client).Close();
}
catch (Exception ex)
{
FDebugLog.WriteLog("Parent Login Check Failed" + ex.ToString());
if (client != null)
{
FDebugLog.WriteLog("Checked URI:" + myEndpoint.Uri);
((ICommunicationObject)client).Abort();
}
}
}
if (parentLoggedIn)
{
FDebugLog.WriteLog("Parent Logged In - Authenticating user...");
//login user
//generate session key
info = SessManager.NewSession(uinfo.Identity);
info.Identity.KeyForParent = "";
//login children
if (uinfo.Children.Count > 0)
{
FDebugLog.WriteLog("Logging In Children...");
foreach (KeyValuePair<string, ChildIdentity> child in uinfo.Children)
{
var childBinding = new BasicHttpBinding();
var childEndpoint = new EndpointAddress("http://" + new LRI(child.Value.ChildLRI).BaseURI);
var childChannelFactory = new ChannelFactory<ILIdentityProvider>(childBinding, childEndpoint);
try
{
client = childChannelFactory.CreateChannel();
client.LoginChild(uinfo.Identity.ParentUserID, child.Value.ChildLRI, info.Identity.KeyForParent, info.SessionKey, true);//need a version of this that allows the childpin to be used!
((ICommunicationObject)client).Close();
}
catch
{
if (client != null)
{
((ICommunicationObject)client).Abort();
}
}
}
}
}
else
{
FDebugLog.WriteLog("Parent Not Logged In");
info.Error = true;
info.ErrorType = SESSION_ERROR.PARENT_NOT_LOGGED_IN;
}
}
else
{
FDebugLog.WriteLog("Invalid Credentials - Rejecting Login");
info.Error = true;
info.ErrorType = SESSION_ERROR.INVALID_CREDENTIALS;
}
return info;
}
public bool LoginChild(string ParentLRI, string ChildUserLRI, string KeyFromChild, string ParentSessionKey, bool LoginChildren = true)
{
//login this account
FDebugLog.WriteLog("Child Login Request: \n parent-" + ParentLRI + " \n child-" + ChildUserLRI + "(" + KeyFromChild + ")");
SessionInfo info = new SessionInfo();
//validate user credentials
if (UserManager.VerifyChildUserAccount(KeyFromChild, new LRI(ChildUserLRI)))
{
FDebugLog.WriteLog("Checking Parent Login(child): " + ParentLRI);
UserInfo uinfo = UserManager.Identities[ChildUserLRI];
//validate parent ID is logged in
var myBinding = new BasicHttpBinding();
var myEndpoint = new EndpointAddress("http://" + new LRI(uinfo.Identity.ParentBaseLRI).BaseURI);
var myChannelFactory = new ChannelFactory<ILIdentityProvider>(myBinding, myEndpoint);
ILIdentityProvider client = null;
bool parentLoggedIn = false;
try
{
client = myChannelFactory.CreateChannel();
parentLoggedIn = client.ValidateParentSession(uinfo.Identity.ParentUserID, ParentSessionKey);
((ICommunicationObject)client).Close();
}
catch
{
if (client != null)
{
((ICommunicationObject)client).Abort();
}
}
if (parentLoggedIn)
{
FDebugLog.WriteLog("Parent Logged In(child) - Authenticating user...");
//login user
//generate session key
info = SessManager.NewSession(uinfo.Identity);
info.Identity.KeyForParent = "";
//login all known children for this account
if (uinfo.Children.Count > 0)
{
foreach (KeyValuePair<string, ChildIdentity> child in uinfo.Children)
{
var childBinding = new BasicHttpBinding();
var childEndpoint = new EndpointAddress("http://" + new LRI(child.Value.ChildLRI).BaseURI);
var childChannelFactory = new ChannelFactory<ILIdentityProvider>(childBinding, childEndpoint);
try
{
client = childChannelFactory.CreateChannel();
client.LoginChild(uinfo.Identity.ParentUserID, child.Value.ChildLRI, child.Value.ChildGeneratedKey, info.SessionKey, true);//need a version of this that allows the childpin to be used!
((ICommunicationObject)client).Close();
}
catch
{
if (client != null)
{
((ICommunicationObject)client).Abort();
}
}
}
}
}
}
return true;
}
