public virtual CredentialViewModel DescribeCredential(Credential credential) { var kind = GetCredentialKind(credential.Type); Authenticator auther = null; if (kind == CredentialKind.External) { string providerName = credential.Type.Split('.')[1]; if (!Authenticators.TryGetValue(providerName, out auther)) { auther = null; } } return(new CredentialViewModel { Type = credential.Type, TypeCaption = FormatCredentialType(credential.Type), Identity = credential.Identity, Value = kind == CredentialKind.Token ? credential.Value : String.Empty, Created = credential.Created, Expires = credential.Expires, Kind = kind, AuthUI = auther?.GetUI() }); }
public virtual CredentialViewModel DescribeCredential(Credential credential) { var kind = GetCredentialKind(credential.Type); Authenticator auther = null; if (kind == CredentialKind.External) { string providerName = credential.Type.Split('.')[1]; Authenticators.TryGetValue(providerName, out auther); } var credentialViewModel = new CredentialViewModel { Key = credential.Key, Type = credential.Type, TypeCaption = FormatCredentialType(credential.Type), Identity = credential.Identity, Created = credential.Created, Expires = credential.Expires, Kind = kind, AuthUI = auther?.GetUI(), // Set the description as the value for legacy API keys Description = credential.Description, Value = kind == CredentialKind.Token && credential.Description == null ? credential.Value : null, Scopes = credential.Scopes.Select(s => new ScopeViewModel(s.Subject, NuGetScopes.Describe(s.AllowedAction))).ToList(), ExpirationDuration = credential.ExpirationTicks != null ? new TimeSpan?(new TimeSpan(credential.ExpirationTicks.Value)) : null }; credentialViewModel.HasExpired = credential.HasExpired || (credentialViewModel.IsNonScopedV1ApiKey && !credential.HasBeenUsedInLastDays(_config.ExpirationInDaysForApiKeyV1)); return(credentialViewModel); }
private string FormatExternalCredentialType(string externalType) { Authenticator authenticator; if (!Authenticators.TryGetValue(externalType, out authenticator)) { return(externalType); } var ui = authenticator.GetUI(); return(ui == null ? authenticator.Name : ui.AccountNoun); }
public virtual async Task <AuthenticateExternalLoginResult> ReadExternalLoginCredential(IOwinContext context) { var result = await context.Authentication.AuthenticateAsync(AuthenticationTypes.External); if (result == null) { _trace.Information("No external login found."); return(new AuthenticateExternalLoginResult()); } var idClaim = result.Identity.FindFirst(ClaimTypes.NameIdentifier); if (idClaim == null) { _trace.Error("External Authentication is missing required claim: " + ClaimTypes.NameIdentifier); return(new AuthenticateExternalLoginResult()); } var nameClaim = result.Identity.FindFirst(ClaimTypes.Name); if (nameClaim == null) { _trace.Error("External Authentication is missing required claim: " + ClaimTypes.Name); return(new AuthenticateExternalLoginResult()); } var emailClaim = result.Identity.FindFirst(ClaimTypes.Email); string emailSuffix = emailClaim == null ? String.Empty : (" <" + emailClaim.Value + ">"); var tenantIdClaim = result.Identity.FindFirst(tenantIdClaimType); Authenticator auther; string authenticationType = idClaim.Issuer; if (!Authenticators.TryGetValue(idClaim.Issuer, out auther)) { foreach (var authenticator in Authenticators.Values) { if (authenticator.TryMapIssuerToAuthenticationType(idClaim.Issuer, out authenticationType)) { auther = authenticator; break; } } } return(new AuthenticateExternalLoginResult() { Authentication = null, ExternalIdentity = result.Identity, Authenticator = auther, Credential = _credentialBuilder.CreateExternalCredential(authenticationType, idClaim.Value, nameClaim.Value + emailSuffix, tenantIdClaim?.Value) }); }
public virtual CredentialViewModel DescribeCredential(Credential credential) { var kind = GetCredentialKind(credential.Type); Authenticator authenticator = null; if (kind == CredentialKind.External) { if (string.IsNullOrEmpty(credential.TenantId)) { string providerName = credential.Type.Split('.')[1]; Authenticators.TryGetValue(providerName, out authenticator); } else { authenticator = Authenticators .Values .FirstOrDefault(provider => provider.Name.Equals(AzureActiveDirectoryV2Authenticator.DefaultAuthenticationType, StringComparison.OrdinalIgnoreCase)); } } var credentialViewModel = new CredentialViewModel { Key = credential.Key, Type = credential.Type, TypeCaption = FormatCredentialType(credential.Type), Identity = credential.Identity, Created = credential.Created, Expires = credential.Expires, Kind = kind, AuthUI = authenticator?.GetUI(), // Set the description as the value for legacy API keys Description = credential.Description, Value = kind == CredentialKind.Token && credential.Description == null ? credential.Value : null, Scopes = credential.Scopes.Select(s => new ScopeViewModel( s.Owner?.Username ?? credential.User.Username, s.Subject, NuGetScopes.Describe(s.AllowedAction))) .ToList(), ExpirationDuration = credential.ExpirationTicks != null ? new TimeSpan?(new TimeSpan(credential.ExpirationTicks.Value)) : null }; credentialViewModel.HasExpired = credential.HasExpired || (credentialViewModel.IsNonScopedApiKey && !credential.HasBeenUsedInLastDays(_config.ExpirationInDaysForApiKeyV1)); credentialViewModel.Description = credentialViewModel.IsNonScopedApiKey ? Strings.NonScopedApiKeyDescription : credentialViewModel.Description; return(credentialViewModel); }
public virtual CredentialViewModel DescribeCredential(Credential credential) { var kind = GetCredentialKind(credential.Type); Authenticator authenticator = null; if (kind == CredentialKind.External) { if (string.IsNullOrEmpty(credential.TenantId)) { string providerName = credential.Type.Split('.')[1]; Authenticators.TryGetValue(providerName, out authenticator); } else { authenticator = Authenticators .Values .FirstOrDefault(provider => provider.Name.Equals(AzureActiveDirectoryV2Authenticator.DefaultAuthenticationType, StringComparison.OrdinalIgnoreCase)); } } var credentialViewModel = new CredentialViewModel { Key = credential.Key, Type = credential.Type, TypeCaption = FormatCredentialType(credential.Type), Identity = credential.Identity, Created = credential.Created, Expires = credential.Expires, Kind = kind, AuthUI = authenticator?.GetUI(), Description = credential.Description, Scopes = credential.Scopes.Select(s => new ScopeViewModel( s.Owner?.Username ?? credential.User.Username, s.Subject, NuGetScopes.Describe(s.AllowedAction))) .ToList(), ExpirationDuration = credential.ExpirationTicks != null ? new TimeSpan?(new TimeSpan(credential.ExpirationTicks.Value)) : null, RevocationSource = credential.RevocationSourceKey != null?Enum.GetName(typeof(CredentialRevocationSource), credential.RevocationSourceKey) : null, }; credentialViewModel.HasExpired = IsCredentialExpiredOrNonScopedApiKeyNotUsedInLastDays(credential); credentialViewModel.Description = credentialViewModel.IsNonScopedApiKey ? ServicesStrings.NonScopedApiKeyDescription : credentialViewModel.Description; return(credentialViewModel); }
public async virtual Task <AuthenticateExternalLoginResult> ReadExternalLoginCredential(IOwinContext context) { var result = await context.Authentication.AuthenticateAsync(AuthenticationTypes.External); if (result == null) { Trace.Information("No external login found."); return(new AuthenticateExternalLoginResult()); } var idClaim = result.Identity.FindFirst(ClaimTypes.NameIdentifier); if (idClaim == null) { Trace.Error("External Authentication is missing required claim: " + ClaimTypes.NameIdentifier); return(new AuthenticateExternalLoginResult()); } var nameClaim = result.Identity.FindFirst(ClaimTypes.Name); if (nameClaim == null) { Trace.Error("External Authentication is missing required claim: " + ClaimTypes.Name); return(new AuthenticateExternalLoginResult()); } var emailClaim = result.Identity.FindFirst(ClaimTypes.Email); string emailSuffix = emailClaim == null ? String.Empty : (" <" + emailClaim.Value + ">"); Authenticator auther; if (!Authenticators.TryGetValue(idClaim.Issuer, out auther)) { auther = null; } return(new AuthenticateExternalLoginResult() { Authentication = null, ExternalIdentity = result.Identity, Authenticator = auther, Credential = CredentialBuilder.CreateExternalCredential(idClaim.Issuer, idClaim.Value, nameClaim.Value + emailSuffix) }); }
public virtual ActionResult Challenge(string providerName, string redirectUrl) { Authenticator provider; if (!Authenticators.TryGetValue(providerName, out provider)) { throw new InvalidOperationException(String.Format( CultureInfo.CurrentCulture, Strings.UnknownAuthenticationProvider, providerName)); } if (!provider.BaseConfig.Enabled) { throw new InvalidOperationException(String.Format( CultureInfo.CurrentCulture, Strings.AuthenticationProviderDisabled, providerName)); } return(provider.Challenge(redirectUrl)); }