public async Task RefreshAsync(string userAreaCode, int userId) { if (userAreaCode == null) { throw new ArgumentNullException(nameof(userAreaCode)); } if (userId < 1) { throw new ArgumentOutOfRangeException(nameof(userId)); } ValidateHttpContext("refresh a user sign in"); var userArea = _userAreaDefinitionRepository.GetRequiredByCode(userAreaCode); var loggedInUser = await GetUserIdByUserAreaCodeAsync(userAreaCode); // Only refresh the sign in if the user is currently logged in if (loggedInUser != userId) { return; } var scheme = AuthenticationSchemeNames.UserArea(userArea.UserAreaCode); var auth = await _httpContextAccessor.HttpContext.AuthenticateAsync(scheme); var isPeristent = auth?.Properties?.IsPersistent ?? false; await SignInAsync(userAreaCode, userId, isPeristent); }
/// <summary> /// Returns the authenitcation scheme name that should be set as the default /// in a call to <see cref="AuthenticationServiceCollectionExtensions.AddAuthentication"/>. /// Override this if you want to change the default scheme. /// </summary> protected virtual string GetDefaultScheme() { var defaultSchemeCode = _userAreaDefinitionRepository.GetDefault()?.UserAreaCode; if (defaultSchemeCode == null) { throw new InvalidOperationException("Default user area expected, but none are defined. The Cofoundry Admin user area should be defined at least."); } var defaultScheme = AuthenticationSchemeNames.UserArea(defaultSchemeCode); return(defaultScheme); }
public async Task SignOutOfAllUserAreasAsync() { ValidateHttpContext("sign out a user"); await _inMemoryUserSessionService.SignOutOfAllUserAreasAsync(); foreach (var userArea in _userAreaDefinitionRepository.GetAll()) { var scheme = AuthenticationSchemeNames.UserArea(userArea.UserAreaCode); await _httpContextAccessor.HttpContext.SignOutAsync(scheme); TrackSignOut(userArea.UserAreaCode); } }
protected virtual void ConfigureAuthBuilder(AuthenticationBuilder authBuilder) { var allUserAreas = _userAreaDefinitionRepository.GetAll(); foreach (var userArea in allUserAreas) { var cookieNamespace = _authCookieNamespaceProvider.GetNamespace(userArea.UserAreaCode); var scheme = AuthenticationSchemeNames.UserArea(userArea.UserAreaCode); var options = new UserAreaSchemeRegistrationOptions(userArea, scheme, cookieNamespace); ConfigureUserAreaScheme(authBuilder, options); } }
public async Task SignOutAsync(string userAreaCode) { if (userAreaCode == null) { throw new ArgumentNullException(nameof(userAreaCode)); } ValidateHttpContext("sign out a user"); await _inMemoryUserSessionService.SignOutAsync(userAreaCode); var scheme = AuthenticationSchemeNames.UserArea(userAreaCode); await _httpContextAccessor.HttpContext.SignOutAsync(scheme); TrackSignOut(userAreaCode); }
public async Task <int?> GetUserIdByUserAreaCodeAsync(string userAreaCode) { if (userAreaCode == null) { throw new ArgumentNullException(nameof(userAreaCode)); } if (_signedOutUserAreas.Contains(userAreaCode)) { return(null); } var cachedUserId = await _inMemoryUserSessionService.GetUserIdByUserAreaCodeAsync(userAreaCode); if (cachedUserId.HasValue) { return(cachedUserId); } if (_httpContextAccessor.HttpContext == null) { return(null); } var scheme = AuthenticationSchemeNames.UserArea(userAreaCode); var result = await _httpContextAccessor.HttpContext.AuthenticateAsync(scheme); if (!result.Succeeded) { return(null); } var userIdClaim = result.Principal.FindFirst(CofoundryClaimTypes.UserId); if (userIdClaim == null) { return(null); } var userId = IntParser.ParseOrNull(userIdClaim.Value); if (userId.HasValue) { // cache the auth by logging into the in-memory service await _inMemoryUserSessionService.SignInAsync(userAreaCode, userId.Value, true); } return(userId); }
public Task <ClaimsPrincipal> CreateAsync(IClaimsPrincipalBuilderContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } var scheme = AuthenticationSchemeNames.UserArea(context.UserAreaCode); var claims = new[] { new Claim(CofoundryClaimTypes.UserId, Convert.ToString(context.UserId)), new Claim(CofoundryClaimTypes.SecurityStamp, context.SecurityStamp), new Claim(CofoundryClaimTypes.UserAreaCode, context.UserAreaCode), }; var claimsIdentity = new ClaimsIdentity(claims, scheme); var claimsPrincipal = new ClaimsPrincipal(claimsIdentity); return(Task.FromResult(claimsPrincipal)); }
/// <summary> /// Creates a minimal service provider to support authentication /// </summary> private ServiceProvider CreateServiceProvider(IUserAreaDefinitionRepository userAreaDefinitionRepository) { var allUserAreas = userAreaDefinitionRepository.GetAll(); var defaultSchemaCode = userAreaDefinitionRepository.GetDefault().UserAreaCode; var defaultScheme = AuthenticationSchemeNames.UserArea(defaultSchemaCode); var services = new ServiceCollection(); var authBuilder = services.AddAuthentication(defaultScheme); foreach (var userAreaDefinition in allUserAreas) { var scheme = AuthenticationSchemeNames.UserArea(userAreaDefinition.UserAreaCode); authBuilder.AddCookie(scheme); } services.AddLogging(config => config.AddDebug().AddConsole()); services.AddControllersWithViews(); return(services.BuildServiceProvider()); }
public async Task SignInAsync(string userAreaCode, int userId, bool rememberUser) { if (userAreaCode == null) { throw new ArgumentNullException(nameof(userAreaCode)); } if (userId < 1) { throw new ArgumentOutOfRangeException(nameof(userId)); } ValidateHttpContext("sign in a user"); var userArea = _userAreaDefinitionRepository.GetRequiredByCode(userAreaCode); var userPrincipal = await CreateUserPrincipal(userId, userArea); var scheme = AuthenticationSchemeNames.UserArea(userArea.UserAreaCode); if (rememberUser) { var authProperties = new AuthenticationProperties() { IsPersistent = true }; await _httpContextAccessor.HttpContext.SignInAsync(scheme, userPrincipal, authProperties); } else { await _httpContextAccessor.HttpContext.SignInAsync(scheme, userPrincipal); } await _inMemoryUserSessionService.SignInAsync(userAreaCode, userId, rememberUser); if (_signedOutUserAreas.Contains(userAreaCode)) { // signed out and back in during the same request: odd but let's handle it. _signedOutUserAreas.Remove(userAreaCode); } }