public async Task PostAuthenticateAsync(PostAuthenticationContext context)
{
foreach (var service in this.services)
{
await service.PostAuthenticateAsync(context);
}
}
public override Task PostAuthenticateAsync(PostAuthenticationContext context)
{
// we're logged in to identity server - but it might be that the application
// requires 2FA.
// if we don't require 2FA, return & continue
var twoFactorRequired = context.SignInMessage.AcrValues.Any(v => v == "2fa");
if (!twoFactorRequired)
{
return(Task.FromResult(0));
}
// we require 2FA
using (var twoFactorTokenService = new TwoFactorTokenService())
{
if (twoFactorTokenService.HasVerifiedTwoFactorCode(context.AuthenticateResult.User.GetSubjectId()))
{
return(Task.FromResult(0));
}
else
{
// the user hasn't inputted a (valid) 2FA code. Generate one, and redirect
twoFactorTokenService.GenerateTwoFactorCodeFor(context.AuthenticateResult.User.GetSubjectId());
context.AuthenticateResult =
new AuthenticateResult("~/twofactorauthentication", context.AuthenticateResult.User.GetSubjectId(),
context.AuthenticateResult.User.GetName(), context.AuthenticateResult.User.Claims);
return(Task.FromResult(0));
}
}
}
private async Task <Tuple <IHttpActionResult, AuthenticateResult> > PostAuthenticateAsync(SignInMessage signInMessage, AuthenticateResult result)
{
if (result.IsPartialSignIn == false)
{
Logger.Info("Calling PostAuthenticateAsync on the user service");
var ctx = new PostAuthenticationContext
{
SignInMessage = signInMessage,
AuthenticateResult = result
};
await userService.PostAuthenticateAsync(ctx);
var authResult = ctx.AuthenticateResult;
if (authResult == null)
{
Logger.Error("user service PostAuthenticateAsync returned a null AuthenticateResult");
return(new Tuple <IHttpActionResult, AuthenticateResult>(RenderErrorPage(), null));
}
if (authResult.IsError)
{
Logger.WarnFormat("user service PostAuthenticateAsync returned an error message: {0}", authResult.ErrorMessage);
return(new Tuple <IHttpActionResult, AuthenticateResult>(RenderErrorPage(authResult.ErrorMessage), null));
}
if (result != authResult)
{
result = authResult;
Logger.Info("user service PostAuthenticateAsync returned a different AuthenticateResult");
}
}
return(new Tuple <IHttpActionResult, AuthenticateResult>(null, result));
}
public override async Task PostAuthenticateAsync(PostAuthenticationContext context)
{
var msg = context.SignInMessage;
await base.PostAuthenticateAsync(context);
var msg2 = context.SignInMessage;
}
public async Task PostAuthenticateAsync(PostAuthenticationContext context)
{
var signInData = Mapper.Map <SignInMessage, SignInData>(context.SignInMessage);
var authenticationResult = Mapper.Map <AuthenticateResult, AuthenticationResult>(context.AuthenticateResult);
var result = await domainService.PostAuthenticateAsync(signInData, authenticationResult);
context.AuthenticateResult = Mapper.Map <AuthenticationResult, AuthenticateResult>(result);
}
public async override Task PostAuthenticateAsync(PostAuthenticationContext context)
{
PostAuthenticateWasCalled = true;
if (OnPostAuthenticate != null)
{
await OnPostAuthenticate(context);
}
else
{
await base.PostAuthenticateAsync(context);
}
}
public override async Task PostAuthenticateAsync(PostAuthenticationContext context)
{
var twoFactorRequired = await IsTwoFactorAuthenticationRequiredAsync(context);
if (!twoFactorRequired)
{
return;
}
var authenticatedUser = context.AuthenticateResult.User;
PerformTwoFactorAuthentication(context, authenticatedUser);
}
public Task PostAuthenticateAsync(PostAuthenticationContext context)
{
Logger.Debug("PostAuthenticateAsync:" + JsonConvert.SerializeObject(context, new JsonSerializerSettings()
{
ReferenceLoopHandling = ReferenceLoopHandling.Ignore
}));
if (context.SignInMessage != null && !string.IsNullOrEmpty(context.SignInMessage.ClientId))
{
var us = UserServiceFinder.Get(context.SignInMessage.ClientId);
if (us != null)
{
return(us.PostAuthenticateAsync(context));
}
}
return(Task.FromResult(0));
}
private static void PerformTwoFactorAuthentication(PostAuthenticationContext context,
ClaimsPrincipal authenticatedUser)
{
var twoFactorTokenService = new TwoFactorTokenService();
if (twoFactorTokenService.HasVerifiedTwoFactorCode(authenticatedUser.GetSubjectId()))
{
return;
}
twoFactorTokenService.GenerateTwoFactorCodeFor(authenticatedUser.GetSubjectId());
context.AuthenticateResult =
new AuthenticateResult("~/twofactorauthentication", authenticatedUser.GetSubjectId(),
authenticatedUser.GetName(), authenticatedUser.Claims);
}
private async Task <Tuple <IHttpActionResult, AuthenticateResult> > PostAuthenticateAsync(SignInMessage signInMessage, string signInMessageId, AuthenticateResult result)
{
if (result.IsPartialSignIn == false)
{
Logger.Info("Calling PostAuthenticateAsync on the user service");
var ctx = new PostAuthenticationContext
{
SignInMessage = signInMessage,
AuthenticateResult = result
};
await userService.PostAuthenticateAsync(ctx);
var authResult = ctx.AuthenticateResult;
if (authResult == null)
{
Logger.Error("user service PostAuthenticateAsync returned a null AuthenticateResult");
return(new Tuple <IHttpActionResult, AuthenticateResult>(RenderErrorPage(), null));
}
if (authResult.IsError)
{
Logger.WarnFormat("user service PostAuthenticateAsync returned an error message: {0}", authResult.ErrorMessage);
if (ctx.ShowLoginPageOnErrorResult)
{
Logger.Debug("ShowLoginPageOnErrorResult set to true, showing login page with error");
return(new Tuple <IHttpActionResult, AuthenticateResult>(await RenderLoginPage(signInMessage, signInMessageId, authResult.ErrorMessage), null));
}
else
{
Logger.Debug("ShowLoginPageOnErrorResult set to false, showing error page with error");
return(new Tuple <IHttpActionResult, AuthenticateResult>(RenderErrorPage(authResult.ErrorMessage), null));
}
}
if (result != authResult)
{
result = authResult;
Logger.Info("user service PostAuthenticateAsync returned a different AuthenticateResult");
}
}
return(new Tuple <IHttpActionResult, AuthenticateResult>(null, result));
}
public override Task PostAuthenticateAsync(PostAuthenticationContext context)
{
return(base.PostAuthenticateAsync(context));
}
public sealed override Task PostAuthenticateAsync(PostAuthenticationContext context)
{
return(PostAuthenticateAsync(context, CurrentCancellationToken));
}
private Task <bool> IsTwoFactorAuthenticationRequiredAsync(PostAuthenticationContext context)
{
var twoFactorRequired = context.SignInMessage.AcrValues.Any(v => v == "2fa");
return(Task.FromResult(twoFactorRequired));
}
public override async Task PostAuthenticateAsync(PostAuthenticationContext context)
{
base.PostAuthenticateAsync(context);
}
public override Task PostAuthenticateAsync(PostAuthenticationContext context)
{
return(Task.FromResult(0));
}
public async Task PostAuthenticateAsync(PostAuthenticationContext context)
{
await this.inMemoryUserService.PostAuthenticateAsync(context);
}
public async Task PostAuthenticateAsync(PostAuthenticationContext context)
{
}
/// <summary>
/// This method is called prior to the user being issued a login cookie for IdentityServer.
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public virtual Task PostAuthenticateAsync(PostAuthenticationContext context)
{
return(Task.FromResult(0));
}
public sealed override Task PostAuthenticateAsync(PostAuthenticationContext context)
{
return(PostAuthenticateAsync(context, OwinContext.Request.CallCancelled));
}
/// <summary>
/// This method is called prior to the user being issued a login cookie for IdentityServer.
/// </summary>
/// <param name="context">The context.</param>
/// <returns></returns>
public Task PostAuthenticateAsync(PostAuthenticationContext context)
{
return(inner.PostAuthenticateAsync(context));
}
public Task PostAuthenticateAsync(PostAuthenticationContext context)
{
throw new NotImplementedException();
}
public virtual Task PostAuthenticateAsync(PostAuthenticationContext context, CancellationToken cancellationToken)
{
return(base.PostAuthenticateAsync(context));
}
public Task PostAuthenticateAsync(PostAuthenticationContext context)
{
return(Task.FromResult(true));
}
