/// <summary> /// Creates <see cref="KlusterKite.Security.Attributes.AuthenticationResult"/> from user data /// </summary> /// <param name="user">The user</param> /// <returns>The <see cref="KlusterKite.Security.Attributes.AuthenticationResult"/></returns> private AuthenticationResult CreateUserAuthenticationResult(User user) { // ReSharper disable ArrangeRedundantParentheses if (user.IsDeleted || user.IsBlocked || (user.ActiveTill.HasValue && user.ActiveTill.Value < this.system.Scheduler.Now) || (user.BlockedTill.HasValue && user.BlockedTill.Value > this.system.Scheduler.Now)) { return(null); } // ReSharper restore ArrangeRedundantParentheses // todo: move expiring time-span to config var accessTicket = new AccessTicket( user.GetDescription(), user.GetScope(), this.ClientId, this.Type, this.OwnScope, this.system.Scheduler.Now, this.system.Scheduler.Now.AddMinutes(30), null); var refreshTicket = new RefreshTicket( user.Uid.ToString("N"), this.ClientId, this.Type, this.system.Scheduler.Now, this.system.Scheduler.Now.AddDays(1)); return(new AuthenticationResult(accessTicket, refreshTicket)); }
/// <inheritdoc /> public Task <string> CreateAccessToken(AccessTicket session) { var tokenUid = Guid.NewGuid(); var token = tokenUid.ToString("N"); var data = session.SerializeToAkka(this.system); using (var connection = ConnectionMultiplexer.Connect(this.redisConnectionString)) { var db = connection.GetDatabase(this.redisDb); var result = db.StringSet( this.GetRedisAccessKey(token), data, session.Expiring.HasValue ? (TimeSpan?)(session.Expiring.Value - DateTimeOffset.Now) : null); if (result) { return(Task.FromResult(token)); } var exception = new Exception("Session data server is unavailable"); this.system.Log.Error(exception, "{Type}: Session data server is unavailable", this.GetType().Name); throw exception; } }
/// <summary> /// Sets the client authenticated session /// </summary> /// <returns>The user token</returns> private async Task <string> SetClientSession() { var session = new AccessTicket( null, null, "testClient-2", "testClientType", new[] { "Client1-2", "Client2-2" }, DateTimeOffset.Now, DateTimeOffset.Now.AddMinutes(1), "hello world"); return(await this.Container.Resolve <ITokenManager>().CreateAccessToken(session)); }
/// <summary> /// Sets the user authenticated session /// </summary> /// <returns>The user token</returns> private async Task <string> SetUserSession() { var session = new AccessTicket( new User { UserId = "testUser" }, new[] { "User1", "User.AuthorizedUserExactAction" }, "testClient", "testClientType", new[] { "Client1", "Client2", "Client.AuthorizedUserExactAction" }, DateTimeOffset.Now, DateTimeOffset.Now.AddMinutes(1), "hello world"); return(await this.Container.Resolve <ITokenManager>().CreateAccessToken(session)); }
private void CheckAccessTicket(AccessTicketCheckPhase phase) { if (this.Enabled && IsCheckPhaseMatched(phase)) { PageRenderMode renderMode = Request.GetRequestPageRenderMode(); if (renderMode == null || renderMode.UseNewPage == false) { Uri matchedUrl = null; if (this.CheckUrl) { matchedUrl = this.Page.Request.Url; } AccessTicketCheckEventArgs eventArgs = null; try { AccessTicket ticket = AccessTicketManager.CheckAccessTicket(matchedUrl, this.UrlCheckParts, this.Timeout); eventArgs = new AccessTicketCheckEventArgs(ticket, true, string.Empty); } catch (AccessTicketCheckException ex) { AccessTicket ticket = AccessTicketManager.GetAccessTicket(); eventArgs = new AccessTicketCheckEventArgs(ticket, false, ex.Message); } OnTicketChecking(eventArgs); if (eventArgs.IsValid == false) { throw new AccessTicketCheckException(eventArgs.ErrorMessage); } } } }
/// <summary> /// Creates the authentication result /// </summary> /// <param name="userName">The user name</param> /// <returns>The authentication result</returns> private AuthenticationResult CreateAuthenticationResult(string userName) { var accessTicket = new AccessTicket( new User { UserId = userName }, new[] { "User" }, this.ClientId, this.Type, this.OwnScope, DateTimeOffset.Now, DateTimeOffset.Now.AddSeconds(60), null); var refreshTicket = new RefreshTicket( userName, this.ClientId, this.Type, DateTimeOffset.Now, DateTimeOffset.Now.AddSeconds(60)); var authenticationResult = new AuthenticationResult(accessTicket, refreshTicket); return(authenticationResult); }
internal AccessTicketCheckEventArgs(AccessTicket ticket, bool isValid, string errorMessage) { this.Ticket = ticket; this.IsValid = isValid; this.ErrorMessage = errorMessage; }