/// <summary>
/// Creates <see cref="KlusterKite.Security.Attributes.AuthenticationResult"/> from user data
/// </summary>
/// <param name="user">The user</param>
/// <returns>The <see cref="KlusterKite.Security.Attributes.AuthenticationResult"/></returns>
private AuthenticationResult CreateUserAuthenticationResult(User user)
{
// ReSharper disable ArrangeRedundantParentheses
if (user.IsDeleted || user.IsBlocked ||
(user.ActiveTill.HasValue && user.ActiveTill.Value < this.system.Scheduler.Now) ||
(user.BlockedTill.HasValue && user.BlockedTill.Value > this.system.Scheduler.Now))
{
return(null);
}
// ReSharper restore ArrangeRedundantParentheses
// todo: move expiring time-span to config
var accessTicket = new AccessTicket(
user.GetDescription(),
user.GetScope(),
this.ClientId,
this.Type,
this.OwnScope,
this.system.Scheduler.Now,
this.system.Scheduler.Now.AddMinutes(30),
null);
var refreshTicket = new RefreshTicket(
user.Uid.ToString("N"),
this.ClientId,
this.Type,
this.system.Scheduler.Now,
this.system.Scheduler.Now.AddDays(1));
return(new AuthenticationResult(accessTicket, refreshTicket));
}
/// <inheritdoc />
public Task <string> CreateAccessToken(AccessTicket session)
{
var tokenUid = Guid.NewGuid();
var token = tokenUid.ToString("N");
var data = session.SerializeToAkka(this.system);
using (var connection = ConnectionMultiplexer.Connect(this.redisConnectionString))
{
var db = connection.GetDatabase(this.redisDb);
var result = db.StringSet(
this.GetRedisAccessKey(token),
data,
session.Expiring.HasValue ? (TimeSpan?)(session.Expiring.Value - DateTimeOffset.Now) : null);
if (result)
{
return(Task.FromResult(token));
}
var exception = new Exception("Session data server is unavailable");
this.system.Log.Error(exception, "{Type}: Session data server is unavailable", this.GetType().Name);
throw exception;
}
}
/// <summary>
/// Sets the client authenticated session
/// </summary>
/// <returns>The user token</returns>
private async Task <string> SetClientSession()
{
var session = new AccessTicket(
null,
null,
"testClient-2",
"testClientType",
new[] { "Client1-2", "Client2-2" },
DateTimeOffset.Now,
DateTimeOffset.Now.AddMinutes(1),
"hello world");
return(await this.Container.Resolve <ITokenManager>().CreateAccessToken(session));
}
/// <summary>
/// Sets the user authenticated session
/// </summary>
/// <returns>The user token</returns>
private async Task <string> SetUserSession()
{
var session = new AccessTicket(
new User {
UserId = "testUser"
},
new[] { "User1", "User.AuthorizedUserExactAction" },
"testClient",
"testClientType",
new[] { "Client1", "Client2", "Client.AuthorizedUserExactAction" },
DateTimeOffset.Now,
DateTimeOffset.Now.AddMinutes(1),
"hello world");
return(await this.Container.Resolve <ITokenManager>().CreateAccessToken(session));
}
private void CheckAccessTicket(AccessTicketCheckPhase phase)
{
if (this.Enabled && IsCheckPhaseMatched(phase))
{
PageRenderMode renderMode = Request.GetRequestPageRenderMode();
if (renderMode == null || renderMode.UseNewPage == false)
{
Uri matchedUrl = null;
if (this.CheckUrl)
{
matchedUrl = this.Page.Request.Url;
}
AccessTicketCheckEventArgs eventArgs = null;
try
{
AccessTicket ticket = AccessTicketManager.CheckAccessTicket(matchedUrl, this.UrlCheckParts, this.Timeout);
eventArgs = new AccessTicketCheckEventArgs(ticket, true, string.Empty);
}
catch (AccessTicketCheckException ex)
{
AccessTicket ticket = AccessTicketManager.GetAccessTicket();
eventArgs = new AccessTicketCheckEventArgs(ticket, false, ex.Message);
}
OnTicketChecking(eventArgs);
if (eventArgs.IsValid == false)
{
throw new AccessTicketCheckException(eventArgs.ErrorMessage);
}
}
}
}
/// <summary>
/// Creates the authentication result
/// </summary>
/// <param name="userName">The user name</param>
/// <returns>The authentication result</returns>
private AuthenticationResult CreateAuthenticationResult(string userName)
{
var accessTicket = new AccessTicket(
new User {
UserId = userName
},
new[] { "User" },
this.ClientId,
this.Type,
this.OwnScope,
DateTimeOffset.Now,
DateTimeOffset.Now.AddSeconds(60),
null);
var refreshTicket = new RefreshTicket(
userName,
this.ClientId,
this.Type,
DateTimeOffset.Now,
DateTimeOffset.Now.AddSeconds(60));
var authenticationResult = new AuthenticationResult(accessTicket, refreshTicket);
return(authenticationResult);
}
internal AccessTicketCheckEventArgs(AccessTicket ticket, bool isValid, string errorMessage)
{
this.Ticket = ticket;
this.IsValid = isValid;
this.ErrorMessage = errorMessage;
}
