public UserContext(string tenantId, string company, AuthenticationScheme authenticationScheme, string userName = null, string password = null)
{
TenantId = tenantId;
Company = company;
AuthenticationScheme = authenticationScheme;
UserName = userName;
Password = password;
}
public Task InitializeAsync(AuthenticationScheme scheme, HttpContext context)
{
HttpContext = context;
_scheme = scheme;
return(Task.CompletedTask);
}
public CookieReceivedContext(HttpContext context,
AuthenticationScheme scheme,
WordPressCookieAuthenticationOptions options) : base(context, scheme, options)
{
}
/// <summary>
/// Creates user's <see cref="AuthenticationTicket" /> from user's <see cref="IIdentity" /> and current <see cref="AuthenticationScheme" />
/// </summary>
public static AuthenticationTicket CreateTicket(IIdentity identity, AuthenticationScheme scheme) =>
new AuthenticationTicket(
new ClaimsPrincipal(identity),
new AuthenticationProperties(),
scheme.Name);
protected RestCaller(string serverUrl, AuthenticationScheme authenticationScheme = AuthenticationScheme.Jwt)
{
this.serverUrl = serverUrl;
this.authenticationScheme = authenticationScheme;
}
public RequiresAuthenticationAttribute(AuthenticationScheme scheme, bool isRequired)
{
Scheme = scheme;
IsRequired = isRequired;
}
public void RemoveCredentials(AuthenticationTarget target, AuthenticationScheme scheme)
{
try
{
if (job2 != null)// only supported from IBackgroundCopyJob2 and above
{
job2.RemoveCredentials((BG_AUTH_TARGET)target, (BG_AUTH_SCHEME)scheme);
}
}
catch (COMException exception)
{
manager.PublishException(this, exception);
}
}
internal static IntPtr GetAuthScheme (AuthenticationScheme scheme)
{
switch (scheme) {
case AuthenticationScheme.Default:
return IntPtr.Zero;
case AuthenticationScheme.Basic:
return _AuthenticationSchemeBasic.Handle;
case AuthenticationScheme.Negotiate:
return _AuthenticationSchemeNegotiate.Handle;
case AuthenticationScheme.NTLM:
return _AuthenticationSchemeNTLM.Handle;
case AuthenticationScheme.Digest:
return _AuthenticationSchemeDigest.Handle;
default:
throw new ArgumentException ();
}
}
/// <summary>
/// Initializes a new <see cref="T:Microsoft.AspNetCore.Authentication.OAuth.OAuthCreatingTicketContext" />.
/// </summary>
/// <param name="principal">The <see cref="T:System.Security.Claims.ClaimsPrincipal" />.</param>
/// <param name="properties">The <see cref="T:Microsoft.AspNetCore.Authentication.AuthenticationProperties" />.</param>
/// <param name="context">The HTTP environment.</param>
/// <param name="scheme">The authentication scheme.</param>
/// <param name="options">The options used by the authentication middleware.</param>
/// <param name="backchannel">The HTTP client used by the authentication middleware</param>
/// <param name="tokens">The tokens returned from the token endpoint.</param>
/// <param name="user">The JSON-serialized user.</param>
public EHealthOAuthCreatingTicketContext(ClaimsPrincipal principal, AuthenticationProperties properties, HttpContext context, AuthenticationScheme scheme, OAuthOptions options, HttpClient backchannel, EHealthOAuthTokenResponse tokens, JObject user)
: base(context, scheme, options)
{
TokenResponse = tokens ?? throw new ArgumentNullException(nameof(tokens));
Backchannel = backchannel ?? throw new ArgumentNullException(nameof(backchannel));
User = user ?? throw new ArgumentNullException(nameof(user));
Principal = principal;
Properties = properties;
}
/// <summary>
/// Initializes a new <see cref="T:Microsoft.AspNetCore.Authentication.OAuth.OAuthCreatingTicketContext" />.
/// </summary>
/// <param name="principal">The <see cref="T:System.Security.Claims.ClaimsPrincipal" />.</param>
/// <param name="properties">The <see cref="T:Microsoft.AspNetCore.Authentication.AuthenticationProperties" />.</param>
/// <param name="context">The HTTP environment.</param>
/// <param name="scheme">The authentication scheme.</param>
/// <param name="options">The options used by the authentication middleware.</param>
/// <param name="backchannel">The HTTP client used by the authentication middleware</param>
/// <param name="tokens">The tokens returned from the token endpoint.</param>
public EHealthOAuthCreatingTicketContext(ClaimsPrincipal principal, AuthenticationProperties properties, HttpContext context, AuthenticationScheme scheme, OAuthOptions options, HttpClient backchannel, EHealthOAuthTokenResponse tokens)
: this(principal, properties, context, scheme, options, backchannel, tokens, new JObject())
{
}
/// <summary>
/// Initializes a new instance of <see cref="RemoteSignOutContext"/>.
/// </summary>
/// <inheritdoc />
public RemoteSignOutContext(HttpContext context, AuthenticationScheme scheme, OpenIdConnectOptions options, OpenIdConnectMessage message)
: base(context, scheme, options, new AuthenticationProperties())
=> ProtocolMessage = message;
public async Task <AuthenticationTicket> ValidateTicket(HttpContext context, AuthenticationProperties properties, AuthenticationScheme scheme, CasOptions options, string ticket, string service)
{
var validateEndpoint = string.IsNullOrEmpty(options.CasValidationUrl) ? $"{options.CasServerUrlBase}/serviceValidate" : options.CasValidationUrl;
var validateUrl = $"{validateEndpoint}?service={service}&ticket={Uri.EscapeDataString(ticket)}";
var response = await options.Backchannel.GetAsync(validateUrl, context.RequestAborted);
response.EnsureSuccessStatusCode();
var responseBody = await response.Content.ReadAsStringAsync();
var doc = XDocument.Parse(responseBody);
XNamespace ns = string.IsNullOrEmpty(options.TicketNamespace) ? _ns : options.TicketNamespace;
var serviceResponse = doc.Element(ns + "serviceResponse");
var successNode = serviceResponse?.Element(ns + "authenticationSuccess");
var userNode = successNode?.Element(ns + "user");
var validatedUserName = userNode?.Value;
if (string.IsNullOrEmpty(validatedUserName))
{
return(null);
}
var identity = BuildIdentity(options, scheme, validatedUserName, successNode, ns);
var ticketContext = new CasCreatingTicketContext(context, scheme, options, new ClaimsPrincipal(identity), properties, validatedUserName);
await options.Events.CreatingTicket(ticketContext);
return(new AuthenticationTicket(ticketContext.Principal, ticketContext.Properties, scheme.Name));
}
public Authentication(AuthenticationScheme scheme)
{
_scheme = scheme;
}
public bool AddAuthentication (CFHTTPMessage failureResponse, NSString username,
NSString password, AuthenticationScheme scheme,
bool forProxy)
{
if (username == null)
throw new ArgumentNullException ("username");
if (password == null)
throw new ArgumentNullException ("password");
return CFHTTPMessageAddAuthentication (
Handle, failureResponse.GetHandle (), username.Handle,
password.Handle, GetAuthScheme (scheme), forProxy);
}
internal static IntPtr GetAuthScheme (AuthenticationScheme scheme)
{
switch (scheme) {
case AuthenticationScheme.Default:
return IntPtr.Zero;
case AuthenticationScheme.Basic:
return _AuthenticationSchemeBasic.Handle;
case AuthenticationScheme.Negotiate:
return _AuthenticationSchemeNegotiate.Handle;
case AuthenticationScheme.NTLM:
return _AuthenticationSchemeNTLM.Handle;
case AuthenticationScheme.Digest:
return _AuthenticationSchemeDigest.Handle;
case AuthenticationScheme.OAuth1:
if (_AuthenticationSchemeOAuth1 == null)
throw new NotSupportedException ("requires iOS 7.0 or OSX 10.9");
return _AuthenticationSchemeOAuth1.Handle;
default:
throw new ArgumentException ();
}
}
public CertificateAuthenticationFailedContext(HttpContext context, CertificateAuthenticationOptions options, AuthenticationScheme scheme) : base(context, scheme, options)
{
}
/// <summary>
/// Initializes a new instance of <see cref="AuthenticationFailedContext"/>.
/// </summary>
/// <inheritdoc />
public AuthenticationFailedContext(HttpContext context, AuthenticationScheme scheme, OpenIdConnectOptions options)
: base(context, scheme, options, new AuthenticationProperties())
{
}
public static Mock <IAuthenticationSchemeProvider> CreateMockAuthenticationSchemeProvider(AuthenticationScheme scheme = null)
{
var mock = new Mock <IAuthenticationSchemeProvider>();
mock.Setup(m => m.GetDefaultAuthenticateSchemeAsync()).ReturnsAsync(() =>
{
return(scheme ?? DefaultAuthenticationScheme);
});
return(mock);
}
public Task InitializeAsync(AuthenticationScheme scheme, HttpContext context)
{
throw new NotImplementedException();
}
public AutoRefreshConfigureCookieOptions(IAuthenticationSchemeProvider provider)
{
_signInScheme = provider.GetDefaultSignInSchemeAsync().GetAwaiter().GetResult();
}
/// <summary>
/// Sets scheme to the built authentication header value with the provided AuthenticationScheme enumeration.
/// </summary>
/// <param name="scheme">Enumeration with default authentication header schemes.</param>
/// <returns>Authentication header value parameter builder.</returns>
public IAuthenticationHeaderValueParameterBuilder WithScheme(AuthenticationScheme scheme)
{
this.authenticatedHeaderValue.Scheme = scheme.ToString();
return this;
}
public async Task <AuthenticationTicket> BuildAuthenticationTicket(UserResult userResult, AuthenticationScheme scheme)
{
var claims = new[] {
new Claim(ClaimTypes.NameIdentifier, userResult.Id.ToString()),
new Claim(ClaimTypes.Name, userResult.UserName)
};
PK userId = GetPK(userResult);
var roles = await GetUserRolesAsync(userId);
foreach (var role in roles)
{
claims = claims.Concat(new Claim[] { new Claim(ClaimTypes.Role, role) }).ToArray();
}
var identity = new ClaimsIdentity(claims, scheme.Name);
var principal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(principal, scheme.Name);
return(ticket);
}
public AuthenticatedContext(HttpContext context, AuthenticationScheme scheme, IntranetAuthenticationOptions authenticationOptions) :
base(context, scheme, authenticationOptions)
{
}
public ApiKeyChallengeContext(HttpContext context, AuthenticationScheme scheme, ApiKeyOptions options, AuthenticationProperties properties)
: base(context, scheme, options, properties)
{
}
/// <summary>
/// Creates a new instance of the <see cref="OneIdValidateIdTokenContext"/> class.
/// </summary>
/// <param name="context">The HTTP context.</param>
/// <param name="scheme">The authentication scheme.</param>
/// <param name="options">The authentication options associated with the scheme.</param>
/// <param name="idToken">The OneID ID token for the user to validate.</param>
public OneIdValidateIdTokenContext(HttpContext context, AuthenticationScheme scheme, OneIdAuthenticationOptions options, string idToken)
: base(context, scheme, options)
{
IdToken = idToken;
}
public AuthenticationFailedContext(HttpContext context, AuthenticationScheme scheme, ApiKeyOptions options)
: base(context, scheme, options)
{
}
/// <summary>
/// Creates a <see cref="SecurityTokenValidatedContext"/>
/// </summary>
public SecurityTokenValidatedContext(HttpContext context, AuthenticationScheme scheme, WsFederationOptions options, ClaimsPrincipal principal, AuthenticationProperties properties)
: base(context, scheme, options, properties)
=> Principal = principal;
/// <summary>
/// Creates a <see cref="SecurityTokenReceivedContext"/>
/// </summary>
public SecurityTokenReceivedContext(HttpContext context, AuthenticationScheme scheme, WsFederationOptions options, AuthenticationProperties properties)
: base(context, scheme, options, properties)
{
}
public ApiKeyValidatedContext(HttpContext context, AuthenticationScheme scheme, ApiKeyOptions options)
: base(context, scheme, options)
{
Principal = new ClaimsPrincipal();
}
/// <summary>
/// Constructor.
/// </summary>
/// <param name="context">The context.</param>
/// <param name="scheme">The authentication scheme.</param>
/// <param name="options">The authentication options associated with the scheme.</param>
/// <param name="properties">The authentication properties.</param>
protected PrincipalContext(HttpContext context, AuthenticationScheme scheme, TOptions options, AuthenticationProperties?properties)
: base(context, scheme, options, properties)
{
}
/// <summary>
/// Creates a new context object
/// </summary>
/// <param name="context"></param>
/// <param name="scheme"></param>
/// <param name="options"></param>
public AuthenticationFailedContext(HttpContext context, AuthenticationScheme scheme, WsFederationOptions options)
: base(context, scheme, options, new AuthenticationProperties())
{
}
/// <summary>
/// Creates a <see cref="TokenResponseReceivedContext"/>
/// </summary>
public TokenResponseReceivedContext(HttpContext context, AuthenticationScheme scheme, OpenIdConnectOptions options, ClaimsPrincipal user, AuthenticationProperties properties)
: base(context, scheme, options, properties)
=> Principal = user;
public AutomaticTokenManagementConfigureCookieOptions(IAuthenticationSchemeProvider provider)
{
_scheme = provider.GetDefaultSignInSchemeAsync().GetAwaiter().GetResult();
}
/// <summary>
/// Creates a <see cref="TokenValidatedContext"/>
/// </summary>
public TokenValidatedContext(HttpContext context, AuthenticationScheme scheme, OpenIdConnectOptions options, ClaimsPrincipal principal, AuthenticationProperties properties)
: base(context, scheme, options, properties)
=> Principal = principal;
/// <summary>
/// Constructor.
/// </summary>
/// <param name="context"></param>
/// <param name="scheme"></param>
/// <param name="options"></param>
/// <param name="properties"></param>
public BasicHandleChallengeContext(HttpContext context, AuthenticationScheme scheme, BasicOptions options, AuthenticationProperties properties)
: base(context, scheme, options, properties)
{
}
public async Task AuthenticateSessionAsync_EmptyOptions_ThrowsArgumentException()
{
var target = GetTarget(SessionState.Negotiating);
AuthenticationScheme[] schemeOptions = new AuthenticationScheme[0];
var cancellationToken = DataUtil.CreateCancellationToken();
var actual = await target.AuthenticateSessionAsync(schemeOptions, cancellationToken);
}
public bool AddAuthentication (CFHTTPMessage failureResponse, NSString username,
NSString password, AuthenticationScheme scheme,
bool forProxy)
{
return CFHTTPMessageAddAuthentication (
Handle, failureResponse.Handle, username.Handle,
password.Handle, GetAuthScheme (scheme), forProxy);
}
/// <summary>
/// Initializes a <see cref="BaseWeixinOAuthContext"/>
/// </summary>
/// <param name="context">The HTTP environment</param>
/// <param name="options">The options for WeixinOAuth</param>
public BaseWeixinOAuthContext(HttpContext context, AuthenticationScheme scheme, WeixinOAuthOptions options)
: base(context, scheme, options)
{
}
private static string ExecuteGet(string text, IEnumerable<string> words, string query, Func<string, string, string> function, string username, string password, AuthenticationScheme scheme)
{
foreach (var word in words)
{
if (!word.IsValidUrl())
{
// not valid
continue;
}
if (word.IsShortenedUrl())
{
// already shortened
continue;
}
var hasAuth = !username.IsNullOrBlank() && !password.IsNullOrBlank();
string url;
string response;
if(hasAuth)
{
switch(scheme)
{
case AuthenticationScheme.Http:
url = query.FormatWith(word.UrlEncode());
response = WebQueryBase.QuickGet(url, username, password);
break;
case AuthenticationScheme.Parameters:
url = query.FormatWith(word.UrlEncode(), username, password);
response = WebQueryBase.QuickGet(url);
break;
default:
throw new ArgumentException(
"Authentication was provided to shortening service call with no valid scheme.");
}
}
else
{
url = query.FormatWith(word.UrlEncode());
response = WebQueryBase.QuickGet(url);
}
if(function != null)
{
// post-process the http response
return function.Invoke(response, word);
}
if (response != null)
{
// the response is the shortened url
text = text.Replace(word, response);
}
}
return text;
}
public AuthenticatedEventContext(HttpContext context, AuthenticationScheme scheme, ApiKeyOptions options, string clientID, System.Security.Claims.ClaimsIdentity identity) : base(context, scheme, options)
{
this.ClientID = clientID;
this.Identity = identity;
}
/// <summary>
/// Changes the session state and
/// sends an authenticat envelope
/// to the node with the available options
/// and awaits for the client authentication.
/// </summary>
/// <param name="cancellationToken"></param>
/// <param name="schemeOptions"></param>
/// <returns>
/// A autheticating session envelope with the authentication information.
/// </returns>
/// <exception cref="System.ArgumentNullException">authentication</exception>
/// <exception cref="System.ArgumentException">No available options for authentication</exception>
/// <exception cref="System.InvalidOperationException">Cannot await for a session response since there's already a listener.</exception>
public async Task<Session> AuthenticateSessionAsync(AuthenticationScheme[] schemeOptions, CancellationToken cancellationToken)
{
if (this.State != SessionState.New &&
this.State != SessionState.Negotiating)
{
throw new InvalidOperationException(string.Format("Cannot start the session authentication in the '{0}' state", this.State));
}
if (schemeOptions == null)
{
throw new ArgumentNullException("authentication");
}
if (schemeOptions.Length == 0)
{
throw new ArgumentException("No available options for authentication");
}
base.State = SessionState.Authenticating;
var session = new Session()
{
Id = base.SessionId,
From = base.LocalNode,
State = base.State,
SchemeOptions = schemeOptions
};
await base.SendSessionAsync(session).ConfigureAwait(false);
return await this.ReceiveSessionAsync(cancellationToken).ConfigureAwait(false);
}
public Task InitializeAsync(AuthenticationScheme scheme, HttpContext context)
{
LogInformation($"scheme:{scheme.Name}");
return(Task.CompletedTask);
}
/// <summary>Inititialies a new <see cref="ClientSession"/>.</summary>
/// <param name="serviceAddress">The service Address.</param>
/// <param name="tenantId">The optional tenant id.</param>
/// <param name="company">The company to open</param>
/// <param name="authentication">The authentication.</param>
/// <param name="username">The username.</param>
/// <param name="password">The password.</param>
/// <returns>The initialize session.</returns>
public static ClientSession InitializeSession(string serviceAddress, string tenantId = null, string company = null, AuthenticationScheme? authentication = null, string username = null, string password = null)
{
if (string.IsNullOrWhiteSpace(serviceAddress))
{
throw new ArgumentNullException("serviceAddress");
}
if (!string.IsNullOrEmpty(tenantId))
{
serviceAddress += "?tenant=" + tenantId;
}
if (!string.IsNullOrEmpty(company))
{
serviceAddress += (string.IsNullOrEmpty(tenantId) ? "?" : "&") + "company=" + Uri.EscapeDataString(company);
}
Uri addressUri = ServiceAddressProvider.ServiceAddress(new Uri(serviceAddress));
ICredentials credentials = null;
if (authentication.GetValueOrDefault() == AuthenticationScheme.UserNamePassword)
{
credentials = new NetworkCredential(username, password);
}
var jsonClient = new JsonHttpClient(addressUri, credentials, authentication.GetValueOrDefault());
return new ClientSession(jsonClient, new NonDispatcher(), new TimerFactory<TaskTimer>());
}
public RequiresAuthenticationAttribute(AuthenticationScheme scheme)
{
Scheme = scheme;
IsRequired = true;
}
