protected override Task <IHttpResponse> SendAsync(IApplication httpApplication,
IHttpRequest request, CancellationToken cancellationToken,
Func <IHttpRequest, CancellationToken, Task <IHttpResponse> > continuation)
{
return(request.GetActorIdClaimsFromBearerParamAsync(
(authenticationId, claims) => StoreMonitoringInfoAndFireRequestAsync(
httpApplication, request, cancellationToken, authenticationId, continuation),
() =>
{
return request.GetClaims(
(claimsEnumerable) =>
{
var claims = claimsEnumerable.ToArray();
var accountIdClaimTypeConfigurationSetting = EastFive.Api.AppSettings.ActorIdClaimType;
var accountIdClaimType = System.Configuration.ConfigurationManager.AppSettings[accountIdClaimTypeConfigurationSetting];
var result = claims.GetAccountIdAsync(
request, accountIdClaimType,
(authenticationId) => StoreMonitoringInfoAndFireRequestAsync(httpApplication, request, cancellationToken, authenticationId, continuation));
return result;
},
() => continuation(request, cancellationToken),
(why) => continuation(request, cancellationToken));
},
() => continuation(request, cancellationToken),
() => continuation(request, cancellationToken)));
}
public Task <IHttpResponse> Instigate(IApplication httpApp,
IHttpRequest request, ParameterInfo parameterInfo,
Func <object, Task <IHttpResponse> > onSuccess)
{
return(request.GetClaims(
(claimsEnumerable) =>
{
var claims = claimsEnumerable.ToArray();
return claims.GetAccountIdMaybe(
request, Auth.ClaimEnableActorAttribute.Type,
(accountIdMaybe) =>
{
var sessionIdClaimType = Auth.ClaimEnableSessionAttribute.Type;
return claims.GetSessionIdAsync(
request, sessionIdClaimType,
(sessionId) =>
{
var token = new SessionTokenMaybe
{
accountIdMaybe = accountIdMaybe,
sessionId = sessionId,
claims = claims,
};
return onSuccess(token);
});
});
},
() =>
{
var token = new SessionTokenMaybe
{
accountIdMaybe = default,
public static Task <IHttpResponse> GetClaimsAsync(this IHttpRequest request,
Func <System.Security.Claims.Claim[], Task <IHttpResponse> > success)
{
var result = request.GetClaims(
(claimsEnumerable) =>
{
var claims = claimsEnumerable.ToArray();
return(success(claims));
},
() => request.CreateResponse(System.Net.HttpStatusCode.Unauthorized).AddReason("Authorization header not set").AsTask(),
(why) => request.CreateResponse(System.Net.HttpStatusCode.Unauthorized).AddReason(why).AsTask());
return(result);
}
public static Task <IHttpResponse[]> GetActorIdClaimsAsync(this IHttpRequest request,
string accountIdClaimType,
Func <Guid, System.Security.Claims.Claim[], Task <IHttpResponse[]> > success)
{
var resultGetClaims = request.GetClaims(
(claimsEnumerable) =>
{
var claims = claimsEnumerable.ToArray();
var result = claims.GetAccountIdAsync(
request, accountIdClaimType,
(accountId) => success(accountId, claims));
return(result);
},
() => request.CreateResponse(System.Net.HttpStatusCode.Unauthorized)
.AddReason("Authorization header not set").AsEnumerable().ToArray().AsTask(),
(why) => request.CreateResponse(System.Net.HttpStatusCode.Unauthorized)
.AddReason(why).AsEnumerable().ToArray().AsTask());
return(resultGetClaims);
}
public static IHttpResponse GetActorIdClaims(this IHttpRequest request,
string accountIdClaimTypeConfigurationSetting,
Func <Guid, System.Security.Claims.Claim[], IHttpResponse> success)
{
var resultGetClaims = request.GetClaims(
(claimsEnumerable) =>
{
var claims = claimsEnumerable.ToArray();
var accountIdClaimType =
ConfigurationManager.AppSettings[accountIdClaimTypeConfigurationSetting];
var result = claims.GetAccountId(
request, accountIdClaimType,
(accountId) => success(accountId, claims));
return(result);
},
() => request.CreateResponse(System.Net.HttpStatusCode.Unauthorized)
.AddReason("Authorization header not set"),
(why) => request.CreateResponse(System.Net.HttpStatusCode.Unauthorized)
.AddReason(why));
return(resultGetClaims);
}
public static Task <IHttpResponse> GetSessionIdClaimsAsync(this IHttpRequest request,
string sessionIdClaimTypeConfigurationSetting,
Func <Guid, System.Security.Claims.Claim[], Task <IHttpResponse> > success)
{
var resultGetClaims = request.GetClaims(
(claimsEnumerable) =>
{
var claims = claimsEnumerable.ToArray();
//var accountIdClaimType =
// ConfigurationManager.AppSettings[sessionIdClaimTypeConfigurationSetting];
var sessionIdClaimType = Auth.ClaimEnableSessionAttribute.Type;
var result = claims.GetSessionIdAsync(
request, sessionIdClaimType,
(sessionId) => success(sessionId, claims));
return(result);
},
() => request.CreateResponse(System.Net.HttpStatusCode.Unauthorized)
.AddReason("Authorization header not set").AsTask(),
(why) => request.CreateResponse(System.Net.HttpStatusCode.Unauthorized)
.AddReason(why).AsTask());
return(resultGetClaims);
}
public static Task <IHttpResponse> GetActorIdClaimsAsync(this IHttpRequest request,
Func <Guid, System.Security.Claims.Claim[], Task <IHttpResponse> > success)
{
var resultGetClaims = request.GetClaims(
(claimsEnumerable) =>
{
var claims = claimsEnumerable.ToArray();
var accountIdClaimType = EastFive.Api.AppSettings.ActorIdClaimType.ConfigurationString(
configValue => configValue,
onUnspecified: (why) => "http://schemas.xmlsoap.org/ws/2009/09/identity/claims/actor");
var result = claims.GetAccountIdAsync(
request, accountIdClaimType,
(accountId) => success(accountId, claims));
return(result);
},
() => request
.CreateResponse(System.Net.HttpStatusCode.Unauthorized)
.AddReason("Authorization header not set").AsTask(),
(why) => request
.CreateResponse(System.Net.HttpStatusCode.Unauthorized)
.AddReason(why).AsTask());
return(resultGetClaims);
}
public Task <IHttpResponse> Instigate(IApplication httpApp,
IHttpRequest request, ParameterInfo parameterInfo,
Func <object, Task <IHttpResponse> > onSuccess)
{
return(request.GetClaims(
(claimsEnumerable) =>
{
var claims = claimsEnumerable.ToArray();
return claims.GetAccountIdMaybe(
request, Auth.ClaimEnableActorAttribute.Type,
(accountIdMaybe) =>
{
var sessionIdClaimType = Auth.ClaimEnableSessionAttribute.Type;
return claims.GetSessionIdAsync(
request, sessionIdClaimType,
(sessionId) =>
{
var token = new SessionToken
{
accountIdMaybe = accountIdMaybe,
sessionId = sessionId,
claims = claims,
};
return onSuccess(token);
});
});
},
() => request
.CreateResponse(HttpStatusCode.Unauthorized)
.AddReason("Authorization header not set.")
.AsTask(),
(why) => request
.CreateResponse(HttpStatusCode.Unauthorized)
.AddReason(why)
.AsTask()));
}
public async Task <IHttpResponse> HandleRouteAsync(Type controllerType, IInvokeResource resourceInvoker,
IApplication httpApp, IHttpRequest routeData,
RouteHandlingDelegate continueExecution)
{
var stopwatch = Stopwatch.StartNew();
var requestId = Guid.NewGuid().ToString("N");
var telemetry = new RequestTelemetry()
{
Id = requestId,
Source = controllerType.Assembly.FullName,
Timestamp = DateTimeOffset.UtcNow,
Url = routeData.GetAbsoluteUri(), // request.RequestUri,
};
#region User / Session
var claims = routeData.GetClaims(
claimsEnumerable => claimsEnumerable.ToArray(),
() => new Claim[] { },
(why) => new Claim[] { });
var sessionIdClaimType = Api.Auth.ClaimEnableSessionAttribute.Type;
var sessionIdMaybe = SessionToken.GetClaimIdMaybe(claims, sessionIdClaimType);
if (sessionIdMaybe.HasValue)
{
telemetry.Context.Session.Id = sessionIdMaybe.Value.ToString().ToUpper();
}
var accountIdClaimType = EastFive.Api.AppSettings.ActorIdClaimType.ConfigurationString(
(accIdCT) => accIdCT,
(why) => default);
if (accountIdClaimType.HasBlackSpace())
{
var accountIdMaybe = SessionToken.GetClaimIdMaybe(claims, accountIdClaimType);
if (accountIdMaybe.HasValue)
{
var accountIdStr = accountIdMaybe.Value.ToString().ToUpper();
telemetry.Context.User.AccountId = accountIdStr;
telemetry.Context.User.AuthenticatedUserId = accountIdStr;
}
}
foreach (var claim in claims.Distinct(claim => claim.Type))
{
telemetry.Properties.Add($"claim[{claim.Type}]", claim.Value);
}
#endregion
routeData.Properties.Add(HttpRequestMessagePropertyRequestTelemetryKey, telemetry);
var response = await continueExecution(controllerType, httpApp, routeData);
telemetry.ResponseCode = response.StatusCode.ToString();
if (response.ReasonPhrase.HasBlackSpace())
{
telemetry.Properties.AddOrReplace("reason_phrase", response.ReasonPhrase);
}
telemetry.Success = response.StatusCode.IsSuccess();
#region Method result identfiers
if (response.Headers.TryGetValue(Middleware.HeaderStatusType, out string[] statusNames))
public Task <IHttpResponse> Instigate(IApplication httpApp,
IHttpRequest request, ParameterInfo parameterInfo,
Func <object, Task <IHttpResponse> > onSuccess)
{
return(request.GetClaims(
(claimsEnumerable) =>
{
return ResponseFromClaimsAsync(claimsEnumerable);
},
() => CreateSessionAsync(),
(why) => CreateSessionAsync()));
Task <IHttpResponse> ResponseFromClaimsAsync(IEnumerable <System.Security.Claims.Claim> claimsEnumerable)
{
var claims = claimsEnumerable.ToArray();
var sessionIdClaimType = EastFive.Api.Auth.ClaimEnableSessionAttribute.Type;
return(claims
.Where(claim => String.Compare(claim.Type, sessionIdClaimType) == 0)
.First(
async(sessionClaim, next) =>
{
if (!Ref <Session> .TryParse(sessionClaim.Value, out IRef <Session> sessionRef))
{
return request.CreateResponse(HttpStatusCode.Unauthorized);
}
return await await sessionRef.StorageGetAsync(
session =>
{
var security = new ImplicitStoredSession
{
claims = claims,
session = sessionRef,
performingAsActorId = claims
.Where(claim => claim.Type == EastFive.Api.Auth.ClaimEnableActorAttribute.Type)
.First(
(claim, next) =>
{
if (Guid.TryParse(claim.Value, out Guid sId))
{
return sId;
}
return default(Guid?);
},
() => default(Guid?)),
};
return onSuccess(security);
},
() => CreateAsync());
},
() => request.CreateResponse(HttpStatusCode.Unauthorized).AsTask()));
}
Task <IHttpResponse> CreateSessionAsync()
{
return(request.ReadCookie("e5-session",
sessionTokenStr =>
{
return sessionTokenStr.GetClaimsFromJwtToken(
claims =>
{
return ResponseFromClaimsAsync(claims);
},
() => CreateAsync(),
(why) => CreateAsync());
},
() =>
{
return CreateAsync();
}));
}
Task <IHttpResponse> CreateAsync()
{
var sessionRef = Ref <Session> .SecureRef();
return(Security.AppSettings.TokenScope.ConfigurationUri(
scope =>
{
var claims = new Dictionary <string, string>
{
{
Api.Auth.ClaimEnableSessionAttribute.Type,
sessionRef.id.ToString("N")
}
};
return Api.Auth.JwtTools.CreateToken(sessionRef.id,
scope, TimeSpan.FromDays(365), claims,
async(tokenNew) =>
{
var session = new Session
{
sessionId = sessionRef,
account = default,
