public static GssapiSecurityCredential Acquire(string username, SecureString password)
{
var gssName = IntPtr.Zero;
try
{
using (var nameBuffer = new GssInputBuffer(username))
{
uint minorStatus, majorStatus;
majorStatus = NativeMethods.gss_import_name(out minorStatus, nameBuffer, in Oid.GSS_C_NT_USER_NAME, out gssName);
Gss.ThrowIfError(majorStatus, minorStatus);
GssapiSecurityCredential securityCredential;
if (password != null)
{
using (var passwordBuffer = new GssInputBuffer(SecureStringHelper.ToInsecureString(password)))
{
majorStatus = NativeMethods.gss_acquire_cred_with_password(out minorStatus, gssName, passwordBuffer, uint.MaxValue, IntPtr.Zero, GssCredentialUsage.GSS_C_INITIATE, out securityCredential, IntPtr.Zero, out uint _);
}
}
else
{
majorStatus = NativeMethods.gss_acquire_cred(out minorStatus, gssName, uint.MaxValue, IntPtr.Zero, GssCredentialUsage.GSS_C_INITIATE, out securityCredential, IntPtr.Zero, out uint _);
}
Gss.ThrowIfError(majorStatus, minorStatus);
return(securityCredential);
}
}
finally
{
if (gssName != IntPtr.Zero)
{
_ = NativeMethods.gss_release_name(out _, gssName);
}
}
}
// methods
/// <summary>
/// Gets the password (converts the password from a SecureString to a regular string).
/// </summary>
/// <returns>The password.</returns>
public string GetInsecurePassword()
{
return(SecureStringHelper.ToInsecureString(_password));
}
public async Task <bool> Login()
{
bool loggedIn = false;
try
{
if (IsLoggedIn)
{
return(loggedIn);
}
Cookies = new CookieContainer();
var jsonSer = new JavaScriptSerializer();
var jsonParams = new Dictionary <string, object>();
jsonParams.Add("username", UserName);
jsonParams.Add("password", SecureStringHelper.ToInsecureString(Password));
var currentCommand = jsonSer.Serialize(jsonParams);
jsonParams.Clear();
// Create the request and setup for the post.
var strRequest = string.Format("{0}api/login", Server);
var httpWebRequest = (HttpWebRequest)WebRequest.Create(strRequest);
httpWebRequest.ContentType = "application/json;charset=UTF-8";
httpWebRequest.Accept = "application/json";
httpWebRequest.Method = WebRequestMethods.Http.Post;
httpWebRequest.ServicePoint.Expect100Continue = false;
httpWebRequest.CookieContainer = Cookies;
// Set the callback to handle the post of data.
var postStream = await httpWebRequest.GetRequestStreamAsync();
var byteArray = Encoding.UTF8.GetBytes(currentCommand);
// Write to the request stream.
await postStream.WriteAsync(byteArray, 0, byteArray.Length);
await postStream.FlushAsync();
postStream.Close();
// Now read the reponse and process the data.
var httpResponse = (HttpWebResponse)await httpWebRequest.GetResponseAsync();
using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
{
string responseText = await streamReader.ReadToEndAsync();
jsonParams = jsonSer.Deserialize <Dictionary <string, object> >(responseText);
if (!jsonParams.ContainsKey("data"))
{
loggedIn = false;
}
else
{
IsLoggedIn = true;
loggedIn = true;
}
}
}
catch (Exception ex)
{
if (System.Diagnostics.Debugger.IsAttached)
{
System.Diagnostics.Trace.WriteLine(ex);
}
throw;
}
return(loggedIn);
}
// internal methods
internal IAuthenticator ToAuthenticator()
{
var passwordEvidence = _evidence as PasswordEvidence;
if (passwordEvidence != null)
{
var insecurePassword = SecureStringHelper.ToInsecureString(passwordEvidence.SecurePassword);
var credential = new UsernamePasswordCredential(
_identity.Source,
_identity.Username,
insecurePassword);
if (_mechanism == null)
{
return(new DefaultAuthenticator(credential));
}
#pragma warning disable 618
if (_mechanism == MongoDBCRAuthenticator.MechanismName)
{
return(new MongoDBCRAuthenticator(credential));
#pragma warning restore 618
}
if (_mechanism == ScramSha1Authenticator.MechanismName)
{
return(new ScramSha1Authenticator(credential));
}
if (_mechanism == ScramSha256Authenticator.MechanismName)
{
return(new ScramSha256Authenticator(credential));
}
if (_mechanism == PlainAuthenticator.MechanismName)
{
return(new PlainAuthenticator(credential));
}
if (_mechanism == GssapiAuthenticator.MechanismName)
{
return(new GssapiAuthenticator(
credential,
_mechanismProperties.Select(x => new KeyValuePair <string, string>(x.Key, x.Value.ToString()))));
}
if (_mechanism == MongoAWSAuthenticator.MechanismName)
{
return(new MongoAWSAuthenticator(
credential,
_mechanismProperties.Select(x => new KeyValuePair <string, string>(x.Key, x.Value.ToString()))));
}
}
else if (_identity.Source == "$external" && _evidence is ExternalEvidence)
{
if (_mechanism == MongoDBX509Authenticator.MechanismName)
{
return(new MongoDBX509Authenticator(_identity.Username));
}
if (_mechanism == GssapiAuthenticator.MechanismName)
{
return(new GssapiAuthenticator(
_identity.Username,
_mechanismProperties.Select(x => new KeyValuePair <string, string>(x.Key, x.Value.ToString()))));
}
if (_mechanism == MongoAWSAuthenticator.MechanismName)
{
return(new MongoAWSAuthenticator(
_identity.Username,
_mechanismProperties.Select(x => new KeyValuePair <string, string>(x.Key, x.Value.ToString()))));
}
}
throw new NotSupportedException("Unable to create an authenticator.");
}
