public async Task <string> GenerateJwt(IdentityUser user, CancellationToken ct) { var claimsPrincipal = await ClaimsFactory.CreateAsync(user); var claims = claimsPrincipal.Claims?.ToList() ?? new List <Claim>(); var userClaims = await UserManager.GetClaimsAsync(user); if (userClaims != null) { claims.AddRange(userClaims); } var customClaims = user.Claims?.Select(x => x.ToClaim()).ToList(); if (customClaims != null) { claims.AddRange(customClaims); } claims.Add(new Claim(JwtRegisteredClaimNames.Jti, GuidGenerator.Create().ToString())); var token = new JwtSecurityToken( issuer: JwtSettings.Issuer, audience: JwtSettings.Audience, claims: claims, expires: Clock.Now.Add(JwtSettings.ExpirationDays), signingCredentials: JwtSettings.SigningCredentials); var jwtHandler = new JwtSecurityTokenHandler { MapInboundClaims = false }; return(jwtHandler.WriteToken(token)); }
public OmsUserManager(ApiUserContext dbContext) : base(new UsuarioStore(dbContext)) { if (Dbcontext == null) { Dbcontext = dbContext; } UserValidator = new UserValidator <Usuario, long>(this) { AllowOnlyAlphanumericUserNames = false, RequireUniqueEmail = true }; PasswordValidator = new PasswordValidator { RequiredLength = 6, RequireNonLetterOrDigit = false, RequireDigit = false, RequireLowercase = false, RequireUppercase = false, }; //UserTokenProvider = new EmailTokenProvider<ApplicationUser>(); ClaimsIdentityFactory = new ClaimsFactory(); // enable lockout on users DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(1); MaxFailedAccessAttemptsBeforeLockout = 6; UserLockoutEnabledByDefault = true; }
public UserManager(ClaimsFactory claimsFactory, IdentityDataContext context, IdentityValidator identityValidator) { _identityManager = new UserManager <User>(new UserStore <User>(context)) { ClaimsIdentityFactory = claimsFactory, UserValidator = identityValidator }; }
/// <summary> /// Gets the claims for a user. /// </summary> /// <param name="user"></param> /// <returns></returns> protected virtual async Task <ClaimsPrincipal> GetClaimsPrincipalAsync(TUser user) { var principal = await ClaimsFactory.CreateAsync(user).ConfigureAwait(false); if (principal == null) { throw new InvalidOperationException("ClaimsFactory failed to create a principal"); } return(principal); }
/// <summary> /// 创建登陆成功的结果 /// </summary> /// <param name="user"></param> /// <returns></returns> protected virtual async Task <LoginResult> CreateLoginResultAsync(User user) { if (!user.IsActive) { return(new LoginResult(LoginResultType.UserIsNotActive)); } var claimsPrincipal = await ClaimsFactory.CreateAsync(user); return(new LoginResult(LoginResultType.Success, user, claimsPrincipal)); }
public async override Task SignInAsync(EasyUser user, AuthenticationProperties authenticationProperties, string authenticationMethod = null) { var userPrincipal = await ClaimsFactory.CreateAsync(user); if (authenticationMethod != null) { userPrincipal.Identities.First().AddClaim(new Claim(ClaimTypes.AuthenticationMethod, authenticationMethod)); } await Context.SignInAsync(IdentityConstants.ApplicationScheme, userPrincipal, authenticationProperties ?? new AuthenticationProperties()); }
public void IsClaimsFactoryCreatingValidClaims() { ClaimsFactory ClaimsFactory = new ClaimsFactory(); var Roles = new List <string> { "XunitRole" }; //Begin tests // create a claim var Claims = ClaimsFactory.CreateJwtClaims("Xunit", Roles); // test the type is Claim Assert.IsType <List <Claim> >(Claims); }
public override async Task GetProfileDataAsync(ProfileDataRequestContext context) { var sub = context.Subject?.GetSubjectId(); if (sub == null) { throw new Exception("No sub claim present"); } var user = await UserManager.FindByIdAsync(sub); Claim tenantClaim = null; if (user is IHaveTenantId) { tenantClaim = new Claim(_tenantClaimName, ((IHaveTenantId)user).TenantId); } if (user == null) { Logger?.LogWarning("No user found matching subject Id: {0}", sub); } else { var principal = await ClaimsFactory.CreateAsync(user); if (principal == null) { throw new Exception("ClaimsFactory failed to create a principal"); } var claims = principal.Claims.ToList(); if (tenantClaim != null && principal.FindFirst(_tenantClaimName) == null) { claims.Add(tenantClaim); } if (_externalClaimsService != null) { var externalClaims = await _externalClaimsService.GetClaims(claims); claims.AddRange(externalClaims); } context.AddRequestedClaims(claims); } }
public void Should_PassValidation_When_AllRulesPass() { // Arrange var claimsValidator = new ClaimsValidator(); var claimsFactory = new ClaimsFactory(); var claims = new UserClaims() { Claims = claimsFactory.Create(AccountTypes.Individual) }; // Act var result = claimsValidator.Validate(claims); var isValid = result.IsValid; // Assert isValid.Should().Be(true); }
public IdentityProfileService ( IIdentityServerInteractionService interaction, UserManager userManager, ClaimsFactory claimsFactory, SecurityPoolManager poolManager, SignInManager signInManager, IHttpContextAccessor contextAccessor, AegisTenantResolver tenantResolver ) { _interaction = interaction; _userManager = userManager; _claimsFactory = claimsFactory; _poolManager = poolManager; _signInManager = signInManager; _httpContextAccessor = contextAccessor; _tenantResolver = tenantResolver; }
/// <summary> /// /// </summary> /// <param name="dto"></param> /// <param name="userAccount"></param> /// <param name="passwordSalt"></param> /// <param name="userClaims"></param> /// <param name="userProfile"></param> /// <param name="securityQuestions"></param> /// <param name="securityAnswerSalts"></param> /// <returns></returns> private ResponseDto <bool> MapIndividualDtoToModel(RegisterUserDto dto, out UserAccount userAccount, out PasswordSalt passwordSalt, out UserClaims userClaims, out UserProfile userProfile, out IList <SecurityQuestion> securityQuestions, out IList <SecurityAnswerSalt> securityAnswerSalts) { var mappingResult = MapUserDtoToModel(dto, out userAccount, out passwordSalt, out userProfile, out securityQuestions, out securityAnswerSalts); // If mapping failed, return early. if (!mappingResult.Data) { userClaims = null; return(mappingResult); } // Set user claims to be stored in UserClaims table var claimsFactory = new ClaimsFactory(); userClaims = new UserClaims(claimsFactory.Create(AccountTypes.Individual)); return(new ResponseDto <bool>() { Data = true }); }
/// <summary> /// The CreateAdmin method. /// Contains business logic to create an admin user. /// <para> /// @author: Jennifer Nguyen, Angelica Salas /// @updated: 04/26/2018 /// </para> /// </summary> /// <param name="registerUserDto"></param> /// <returns>ResponseDto</returns> public ResponseDto <RegisterUserDto> CreateAdmin(RegisterUserDto registerUserDto) { var createIndividualPreLogicValidationStrategy = new CreateIndividualPreLogicValidationStrategy(registerUserDto); var securityAnswerSalts = new List <SecurityAnswerSalt>(); var saltGenerator = new SaltGenerator(); var payloadHasher = new PayloadHasher(); var claimsFactory = new ClaimsFactory(); // Validate data transfer object var result = createIndividualPreLogicValidationStrategy.ExecuteStrategy(); if (result.Error != null) { return(new ResponseDto <RegisterUserDto> { Data = registerUserDto, Error = result.Error }); } // Map data transfer object to domain models var userAccount = new UserAccount(username: registerUserDto.UserAccountDto.Username, password: registerUserDto.UserAccountDto.Password, isActive: true, isFirstTimeUser: false, roleType: "private"); var securityQuestions = registerUserDto.SecurityQuestionDtos .Select(securityQuestionDto => new SecurityQuestion( securityQuestionDto.Question, securityQuestionDto.Answer)) .ToList(); //Admin User Profile var displayImagePath = ConfigurationManager.AppSettings["DefaultURLProfileImagePath"]; var userProfile = new UserProfile(displayPicture: displayImagePath, displayName: registerUserDto.UserProfileDto.DisplayName); // Set user claims to be stored in UserClaims table as administrator var userClaims = new UserClaims(claimsFactory.Create(AccountTypes.Admin)); // Hash password var passwordSalt = new PasswordSalt(saltGenerator.GenerateSalt(128)); userAccount.Password = payloadHasher.Sha256HashWithSalt(passwordSalt.Salt, userAccount.Password); // Hash security answers for (var i = 0; i < securityQuestions.Count; i++) { securityAnswerSalts.Add(new SecurityAnswerSalt { Salt = saltGenerator.GenerateSalt(128) }); securityQuestions[i].Answer = payloadHasher.Sha256HashWithSalt(securityAnswerSalts[i].Salt, securityQuestions[i].Answer); } var createIndividualPostLogicValdiationStrategy = new CreateIndividualPostLogicValidationStrategy(userAccount, passwordSalt, userClaims, userProfile, securityQuestions, securityAnswerSalts); var validateResult = createIndividualPostLogicValdiationStrategy.ExecuteStrategy(); if (!validateResult.Data) { return(new ResponseDto <RegisterUserDto> { Data = registerUserDto, Error = GeneralErrorMessages.GENERAL_ERROR }); } // Store user in database using (var userGateway = new UserGateway()) { var gatewayResult = userGateway.StoreIndividualUser(userAccount, passwordSalt, userClaims, userProfile, securityQuestions, securityAnswerSalts); if (gatewayResult.Data == false) { return(new ResponseDto <RegisterUserDto>() { Data = registerUserDto, Error = GeneralErrorMessages.GENERAL_ERROR }); } } return(new ResponseDto <RegisterUserDto> { Data = registerUserDto }); }
/// <summary> /// Instantiate domain model equivalent of Dto's /// <para> /// @author: Brian Fann /// @updated: 4/25/18 /// </para> /// </summary> /// <param name="dto">Dto to map</param> /// <param name="param">Parameter Object to map to</param> /// <returns></returns> private ResponseDto <bool> MapRestaurantDtoToModels(RegisterRestaurantDto dto, out UserAccount userAccount, out PasswordSalt passwordSalt, out UserClaims userClaims, out UserProfile userProfile, out IList <SecurityQuestion> securityQuestions, out IList <SecurityAnswerSalt> securityAnswerSalts, out RestaurantProfile restaurantProfile, out IList <BusinessHour> businessHours, out IList <FoodPreference> foodPreferences) { // Try to map user dto var mappingResult = MapUserDtoToModel(dto, out userAccount, out passwordSalt, out userProfile, out securityQuestions, out securityAnswerSalts); if (!mappingResult.Data) { restaurantProfile = null; foodPreferences = null; businessHours = null; userClaims = null; return(mappingResult); } restaurantProfile = new RestaurantProfile( phoneNumber: dto.RestaurantProfileDto.PhoneNumber, address: dto.RestaurantProfileDto.Address, details: dto.RestaurantProfileDto.Details); // Call GeocodeService to get geocoordinates of the restaurant var geocodeService = new GoogleGeocodeService(); var geocodeResponse = geocodeService.Geocode(restaurantProfile.Address); var dateTimeService = new DateTimeService(); businessHours = dto.BusinessHourDtos .Select(businessHourDto => new BusinessHour( timeZone: dto.TimeZone, day: businessHourDto.Day, openTime: dateTimeService.ConvertLocalMeanTimeToUtc(dateTimeService.ConvertTimeToDateTimeUnspecifiedKind(businessHourDto.OpenTime), dto.TimeZone), closeTime: dateTimeService.ConvertLocalMeanTimeToUtc(dateTimeService.ConvertTimeToDateTimeUnspecifiedKind(businessHourDto.CloseTime), dto.TimeZone))) .ToList(); foodPreferences = new List <FoodPreference>(); if (dto.FoodPreferences != null) { foodPreferences = dto.FoodPreferences.Select(foodPreference => new FoodPreference(foodPreference)).ToList(); } // Set user claims to be stored in UserClaims table var claimsFactory = new ClaimsFactory(); userClaims = new UserClaims(claimsFactory.Create(AccountTypes.Restaurant)); if (geocodeResponse.Error != null) { return(new ResponseDto <bool> { Data = false, Error = geocodeResponse.Error }); } restaurantProfile.GeoCoordinates = new GeoCoordinates(latitude: geocodeResponse.Data.Latitude, longitude: geocodeResponse.Data.Longitude); // Successful response return(new ResponseDto <bool>() { Data = true }); }
// Should this be a func? public virtual async Task <ClaimsIdentity> CreateUserIdentityAsync(TUser user, CancellationToken cancellationToken = default(CancellationToken)) { return(await ClaimsFactory.CreateAsync(user)); }
// Should this be a func? public virtual async Task <ClaimsIdentity> CreateUserIdentityAsync(TUser user, CancellationToken cancellationToken = default(CancellationToken)) { // REVIEW: should sign in manager take options instead of using the user manager instance? return(await ClaimsFactory.CreateAsync(user, Options.ClaimsIdentity)); }
/// <summary> /// Creates a <see cref="ClaimsPrincipal"/> for the specified <paramref name="user"/>, as an asynchronous operation. /// </summary> /// <param name="user">The user to create a <see cref="ClaimsPrincipal"/> for.</param> /// <returns>The task object representing the asynchronous operation, containing the ClaimsPrincipal for the specified user.</returns> public virtual async Task <ClaimsPrincipal> CreateUserPrincipalAsync(TUser user) => await ClaimsFactory.CreateAsync(user);
public override async Task <ClaimsPrincipal> CreateUserPrincipalAsync(ApplicationUser user) { return(await ClaimsFactory.CreateAsync(user)); }