public virtual IUser Authenticate(HttpContext httpContext, ICASOption option)
        {
            ISession session = httpContext.Session;

            if (session == null)
            {
                return(null);
            }

            string displayName = session.GetString(option.SessionName);

            if (displayName == null)
            {
                return(null);
            }

            ClaimsPrincipal userClaims = new ClaimsPrincipal();
            ClaimsIdentity  identity   = new ClaimsIdentity(nameof(CASAuthenticator));

            identity.AddClaim(new Claim("Name", displayName));
            userClaims.AddIdentity(identity);
            httpContext.User = userClaims;
            IUser user = new User(displayName, userClaims);

            return(user);
        }
Example #2
0
        public void RemoveCASSession()
        {
            HttpContext      context  = httpContextAccessor.HttpContext;
            IServiceProvider services = context.RequestServices;
            ICASOption       option   = services.GetRequiredService <ICASOption>();

            context.Session.Remove(option.SessionName);
        }
        public Task ExecuteResultAsync(ActionContext context)
        {
            HttpContext httpContext = context.HttpContext;
            ICASOption  option      = httpContext.RequestServices.GetRequiredService <ICASOption>();
            HttpRequest request     = httpContext.Request;

            string serviceTarget        = request.GetDisplayUrl().EscapeAll();
            string authenticationTarget = $"{option.RedirectUrl}?service={serviceTarget}";

            httpContext.Response.Redirect(location: authenticationTarget, permanent: false);
            return(Task.CompletedTask);
        }
        public IUser Invoke(HttpContext httpContext, string message, string actionUrl, out string redirectUrl)
        {
            ICASOption option = httpContext.RequestServices.GetRequiredService <ICASOption>();

            string[] res = message.Split('\n');
            if (res[0] == "yes")
            {
                httpContext.Session.SetString(option.SessionName, res[1]);
                redirectUrl = actionUrl;
                return(null);
            }
            else
            {
                httpContext.Session.Remove(option.SessionName);
                redirectUrl = null;
                return(null);
            }
        }
        public Task ExecuteResultAsync(ActionContext context)
        {
            HttpContext httpContext = context.HttpContext;
            ICASOption  option      = httpContext.RequestServices.GetRequiredService <ICASOption>();
            HttpRequest request     = httpContext.Request;

            string serviceTarget = null;

            if (targetOverride == null)
            {
                serviceTarget = request.GetDisplayUrl().EscapeAll();
            }
            else
            {
                serviceTarget = $"{request.Scheme}://{request.Host}{request.PathBase}{targetOverride}".EscapeAll();
            }
            string authenticationTarget = $"{option.LogoutUrl}?service={serviceTarget}";

            httpContext.Response.Redirect(location: authenticationTarget, permanent: false);
            return(Task.CompletedTask);
        }
        // if casResult == null, the url does not contain ticket
        private static void CheckRequestUrl(HttpContext httpContext, out AuthenticationInternalResult casResult)
        {
            HttpRequest      request = httpContext.Request;
            ICASOption       option  = httpContext.RequestServices.GetRequiredService <ICASOption>();
            IQueryCollection query   = request.Query;
            string           rawurl  = request.GetDisplayUrl();

            if (query.TryGetValue("ticket", out StringValues ticketValue))
            {
                string ticket = ticketValue.ToArray()[0];
                string url    = request.GetDisplayUrl();
                // remove ticket
                url = Regex.Replace(url, @"ticket\=[^\&]+\&?", "");
                while (url[url.Length - 1] == '&' || url[url.Length - 1] == '?')
                {
                    url = url.Substring(0, url.Length - 1);
                }
                string querystr = request.QueryString.Value;
                querystr = Regex.Replace(querystr, @"ticket\=[^\&]+\&?", "");
                while (querystr.Length > 0 && (querystr[querystr.Length - 1] == '&' || querystr[querystr.Length - 1] == '?'))
                {
                    querystr = querystr.Substring(0, querystr.Length - 1);
                }
                string url_not_escaped = url;
                url = url.EscapeAll();

                string target = $"{option.ValidateUrl}?service={url}&ticket={ticket}";
                request.QueryString = new QueryString(querystr);
                // validate
                // if true, set session
                try
                {
                    HttpClient         client          = new HttpClient();
                    HttpRequestMessage validateRequest = new HttpRequestMessage()
                    {
                        Method     = HttpMethod.Get,
                        RequestUri = new Uri(target)
                    };
                    validateRequest.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue(option.ResponseAccept));
                    using (HttpResponseMessage response = client.SendAsync(validateRequest).GetAwaiter().GetResult())
                    {
                        if (response.StatusCode == System.Net.HttpStatusCode.OK)
                        {
                            string message              = response.Content.ReadAsStringAsync().GetAwaiter().GetResult();
                            Type   handlerType          = option.ResponseHandler;
                            ICASResponseHandler handler = (ICASResponseHandler)ActivatorUtilities.CreateInstance(httpContext.RequestServices, handlerType);
                            IUser user = handler.Invoke(httpContext, message, url_not_escaped, out string redirect_url);
                            if (redirect_url != null)
                            {
                                casResult = new AuthenticationInternalResult(false, redirect_url, null, null);
                                return;
                            }
                            if (user == null)
                            {
                                casResult = new AuthenticationInternalResult(true, null, null, null);
                                return;
                            }
                            else
                            {
                                lock (CASLocker)
                                {
                                    if (casAuthenticatorData == null)
                                    {
                                        IAuthenticatorMethodCache cache = httpContext.RequestServices.GetRequiredService <IAuthenticatorMethodCache>();
                                        casAuthenticatorData = cache.Get(typeof(CASAuthenticator));
                                    }
                                }
                                casResult = new AuthenticationInternalResult(false, null, user, casAuthenticatorData);
                                return;
                            }
                        }
                    }
                }
                catch
                {
                    casResult = null;
                }
            }
            casResult = null;
        }
Example #7
0
 public AuthenticationService(IHttpContextAccessor httpContextAccessor, ICASOption option, IAuthenticationResultAccessor accessor)
 {
     this.httpContextAccessor = httpContextAccessor;
     this.option   = option;
     this.accessor = accessor;
 }