Example #1
0
 private static void LoginWithUsernamePassword(AuthenticationHeaderValue credentials, SecurityTokenHandlerCollection handlers, HttpApplication context)
 {
     try
     {
         var           cred             = EncodingFactory.ReadFileText(Convert.FromBase64String(credentials.Parameter));
         var           separator        = cred.IndexOf(':');
         var           name             = cred.Substring(0, separator);
         var           password         = cred.Substring(separator + 1);
         var           manager          = new TokenManager(GetServiceName(context), name, password);
         SecurityToken token            = null;
         var           xmlSecurityToken = manager.GetToken(HttpContext.Current.Request.Url.ToString()) as GenericXmlSecurityToken;
         if (xmlSecurityToken != null)
         {
             token = handlers.ReadToken(new XmlTextReader(new StringReader(xmlSecurityToken.TokenXml.OuterXml)));
         }
         var securityToken = handlers.ValidateToken(token);
         var principal     = new ClaimsPrincipal(securityToken);
         var identity      = principal.Identity as ClaimsIdentity;
         if (identity != null)
         {
             identity.BootstrapContext = new BootstrapContext(xmlSecurityToken.TokenXml.OuterXml);
         }
         Thread.CurrentPrincipal = principal;
         context.Context.User    = principal;
         var sessionToken = new SessionSecurityToken(principal);
         FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionToken);
     }
     catch (Exception)
     {
         context.Response.AppendHeader("X-InvalidCredentials", "basic");
         throw;
     }
 }
        public bool ValidateUser(string userId, string password, out SessionSecurityToken sessionToken)
        {
            // authenticate with WS-Trust endpoint
            var factory = new WSTrustChannelFactory(
                new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential),
                new EndpointAddress("https://localhost/ActiveSTS/SecurityTokenService.svc"));

            factory.Credentials.SupportInteractive = false;
            factory.Credentials.UserName.UserName = userId;
            factory.Credentials.UserName.Password = password;

            var rst = new RequestSecurityToken
            {
                RequestType = RequestTypes.Issue,
                AppliesTo = new EndpointAddress("https://localhost/stsclient/"),
                KeyType = KeyTypes.Bearer,
                TokenType = Microsoft.IdentityModel.Tokens.SecurityTokenTypes.Saml11TokenProfile11,
            };

            var channel = factory.CreateChannel();

            var genericToken = channel.Issue(rst) as System.IdentityModel.Tokens.GenericXmlSecurityToken;

            // parse token
            var handlers = FederatedAuthentication.ServiceConfiguration.SecurityTokenHandlers;
            var token = handlers.ReadToken(new XmlTextReader(new StringReader(genericToken.TokenXml.OuterXml)));
            var identity = handlers.ValidateToken(token).First();

            // create session token
            sessionToken = new SessionSecurityToken(ClaimsPrincipal.CreateFromIdentity(identity));
            return true;
        }
        public static void SignInOrOutSessionAuthenticationModule(this CommandResult commandResult)
        {
            if (commandResult == null)
            {
                throw new ArgumentNullException(nameof(commandResult));
            }

            // Ignore this if we're not running inside IIS, e.g. in unit tests.
            if (commandResult.Principal != null && HttpContext.Current != null)
            {
                var sessionToken = new SessionSecurityToken(
                    commandResult.Principal,
                    null,
                    DateTime.UtcNow,
                    commandResult.SessionNotOnOrAfter ??
                    CalculateSessionNotOnOrAfter());

                EnsureSessionAuthenticationModuleAvailable();

                FederatedAuthentication.SessionAuthenticationModule
                .AuthenticateSessionSecurityToken(sessionToken, true);
            }
            if (commandResult.TerminateLocalSession && HttpContext.Current != null)
            {
                EnsureSessionAuthenticationModuleAvailable();

                FederatedAuthentication.SessionAuthenticationModule.DeleteSessionTokenCookie();
            }
        }
        public static SessionSecurityToken GetSessionSecurityToken(
            this WSFederationAuthenticationModule fam,
            HttpContext context,
            out string identityProvider,
            out string userName,
            out string email,
            out string displayName,
            string emailClaimType            = DefaultEmailClaimType,
            string displayNameClaimType      = DefaultDisplayNameClaimType,
            string identityProviderClaimType = DefaultIdentityProviderClaimType)
        {
            var principal            = fam.GetClaimsPrincipal(context);
            var sessionSecurityToken = new SessionSecurityToken(principal);

            userName = principal.Identity.Name;

            Func <string, string> find = claimType => !string.IsNullOrWhiteSpace(claimType)
                                ? principal.Identities
                                         .SelectMany(identity => identity.Claims)
                                         .Where(claim => string.Equals(claim.ClaimType, claimType, StringComparison.OrdinalIgnoreCase))
                                         .Select(claim => claim.Value)
                                         .FirstOrDefault()
                                : null;

            identityProvider = find(identityProviderClaimType);
            email            = find(emailClaimType);
            displayName      = find(displayNameClaimType);

            return(sessionSecurityToken);
        }
        public void Login(User user)
        {
            var claims = new List <Claim>(new[]
            {
                new Claim(ClaimTypes.NameIdentifier, user.Username),
                new Claim(ClaimTypes.Name, user.Name)
            });

            if (!string.IsNullOrWhiteSpace(user.Email))
            {
                claims.Add(new Claim(ClaimTypes.Email, user.Email));
            }

            claims.AddRange(user.Roles.Select(role => new Claim(ClaimTypes.Role, role.Name)));

            var identity  = new ClaimsIdentity(claims, "Forms");
            var principal = new ClaimsPrincipal(identity);

            var sessionToken         = new SessionSecurityToken(principal);
            var authenticationModule = FederatedAuthentication.SessionAuthenticationModule;

            // Persist the authentication cookie.
            authenticationModule.WriteSessionTokenToCookie(sessionToken);

            // Set the current user for the current request
            Thread.CurrentPrincipal = principal;
        }
        public ActionResult SignIn(string returnUrl)
        {
            // Build claims collection based on valid username
            var claims = new List<Claim>
                    {
                        new Claim(ClaimTypes.Name, "Chuck Norris"),
                        new Claim(ClaimTypes.Email, "*****@*****.**"),
                        new Claim(ClaimTypes.AuthenticationMethod, AuthenticationMethods.Password),
                        AuthenticationInstantClaim.Now
                    };

            // Create and authenticate principal
            var claimsPrincipal = ClaimsPrincipal.CreateFromIdentity(new ClaimsIdentity(claims));
            var principal = FederatedAuthentication.ServiceConfiguration.ClaimsAuthenticationManager.Authenticate(string.Empty, claimsPrincipal);
            var transformedPrincipal = FederatedAuthentication.ServiceConfiguration.ClaimsAuthenticationManager.Authenticate(HttpContext.Request.Url.AbsoluteUri, principal);

            // Create session token
            var sessionToken = new SessionSecurityToken(transformedPrincipal, Configuration.PersistentSessionLength)
            {
                IsPersistent = false
            };
            FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionToken);

            // Redirect
            var result = !String.IsNullOrWhiteSpace(returnUrl) ?
                Redirect(returnUrl) :
                Redirect(Configuration.DefaultApplicationUrl);

            return result;
        }
Example #7
0
        public ActionResult Index(string token)
        {
            try
            {
                var validationParameters = new TokenValidationParameters
                {
                    IssuerSigningToken = new BinarySecretSecurityToken(
                        TextEncodings.Base64Url.Decode(ConfigurationManager.AppSettings["auth0:ClientSecret"])),
                    ValidIssuer   = ConfigurationManager.AppSettings["auth0:Domain"],
                    ValidAudience = ConfigurationManager.AppSettings["auth0:ClientId"]
                };

                var             handler = new JwtSecurityTokenHandler();
                SecurityToken   securityToken;
                ClaimsPrincipal principal = handler.ValidateToken(token, validationParameters, out securityToken);
                ClaimsIdentity  identity  = principal.Identity as ClaimsIdentity;
                identity.AddClaim(new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "Auth0"));
                identity.AddClaim(new Claim(ClaimTypes.Name, identity.FindFirst(ClaimTypes.Email).Value));

                var sessionToken = new SessionSecurityToken(principal, TimeSpan.FromMinutes(15));
                FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionToken);

                return(RedirectToAction("Change"));
            }
            catch (Exception ex)
            {
                return(RedirectToAction("Unauthorized"));
            }
        }
Example #8
0
        private DbCommand CreateInsertCommand(DbConnection connection, SessionSecurityTokenCacheKey key,
                                              SessionSecurityToken value, DateTime expiryTime)
        {
            DbCommand command = connection.CreateCommand();

            DbParameter keyParameter = command.CreateParameter();

            keyParameter.DbType        = DbType.StringFixedLength;
            keyParameter.ParameterName = "@pKey";
            keyParameter.Value         = GenerateCompositeCacheKey(key);

            DbParameter valueParameter = command.CreateParameter();

            valueParameter.DbType        = DbType.StringFixedLength;
            valueParameter.ParameterName = "@pValue";
            valueParameter.Value         = Serialize(expiryTime, value);

            DbParameter addedParameter = command.CreateParameter();

            addedParameter.DbType        = DbType.DateTime;
            addedParameter.ParameterName = "@pAdded";
            addedParameter.Value         = DateTime.Now;

            command.CommandText = string.Format(
                "INSERT INTO {0} ([Id], [SecurityTokenSerialized], [TimeStamp]) VALUES (@pKey, @pValue, @pAdded)",
                CookieTableName);

            command.Parameters.AddRange(new[] { keyParameter, valueParameter, addedParameter });
            Log.DebugFormat("Created command: {0}", command.CommandText);
            Log.DebugFormat("Parameters: Id:'{0}' Timestamp:'{1}' SecurityTokenSerialized:'{2}'", keyParameter.Value,
                            valueParameter.Value, addedParameter.Value);

            return(command);
        }
Example #9
0
        public override void AddOrUpdate(SessionSecurityTokenCacheKey key, SessionSecurityToken value, DateTime expiryTime)
        {
            string         tokenId        = null;
            ApiHelperAsync helper         = new ApiHelperAsync(_httpClient);
            var            claimsIdentity = Thread.CurrentPrincipal.Identity as ClaimsIdentity;

            if (claimsIdentity != null && claimsIdentity.BootstrapContext != null)
            {
                var bootstrap = claimsIdentity.BootstrapContext as BootstrapContext;
                if (bootstrap != null && bootstrap.SecurityToken != null)
                {
                    tokenId = bootstrap.SecurityToken.Id;
                }
            }
            if (tokenId == null || value == null)
            {
                return;
            }
            var res = helper.AddOrUpdate(new SessionCacheEntry()
            {
                EndpointId                = key.EndpointId,
                ContextId                 = GetContextIdString(key),
                KeyGeneration             = GetKeyGenerationString(key),
                ExpiryTime                = expiryTime,
                SessionSecurityTokenValue = value,
                UserName = Thread.CurrentPrincipal.Identity.Name,
                SessionSecurityTokenID = tokenId
            });

            if (res)
            {
                _internalCache.AddOrUpdate(key, value, expiryTime);
            }
        }
        public virtual bool Login(string userName, IEnumerable <Claim> claims)
        {
            Assert.ArgumentNotNullOrEmpty(userName, "userName");
            SessionSecurityToken sessionToken;

            if (!FederatedAuthentication.SessionAuthenticationModule.TryReadSessionTokenFromCookie(out sessionToken))
            {
                // if current user is not claims principal create one from user instance

                var filteredClaims = claims.Where(c => (c.Type != ClaimTypes.Name || c.Type != ClaimTypes.NameIdentifier || c.Type != IdentityProvider));
                var claimsList     = filteredClaims.ToList();
                claimsList.AddRange(new[]
                {
                    new Claim(ClaimTypes.Name, Globalize(Context.Domain.Name, userName)),
                    new Claim(ClaimTypes.NameIdentifier, Globalize(Context.Domain.Name, userName))
                });

                claimsList.Add(new Claim(IdentityProvider, claims.FirstOrDefault(c => c.Type == IdentityProvider || c.Type == "idp")?.Value ?? "Unknown"));

                var id = new ClaimsIdentity(claimsList, "Forms");
                var claimsPrincipal = new ClaimsPrincipal(id);

                var token = new SessionSecurityToken(claimsPrincipal);
                var sam   = FederatedAuthentication.SessionAuthenticationModule;
                sam.WriteSessionTokenToCookie(token);
            }

            return(true);
        }
Example #11
0
        public static void SignInOrOutSessionAuthenticationModule(this CommandResult commandResult)
        {
            if (commandResult == null)
            {
                throw new ArgumentNullException(nameof(commandResult));
            }

            // Ignore this if we're not running inside IIS, e.g. in unit tests.
            if (commandResult.Principal != null && HttpContext.Current != null)
            {
                var sessionToken = new SessionSecurityToken(commandResult.Principal);

                if (FederatedAuthentication.SessionAuthenticationModule == null)
                {
                    throw new InvalidOperationException(
                              "FederatedAuthentication.SessionAuthenticationModule is null, make sure you have loaded the SessionAuthenticationModule in web.config. " +
                              "See https://github.com/KentorIT/authservices/blob/master/doc/Configuration.md#loading-modules");
                }

                FederatedAuthentication.SessionAuthenticationModule
                .AuthenticateSessionSecurityToken(sessionToken, true);
            }
            if (commandResult.TerminateLocalSession && HttpContext.Current != null)
            {
                if (FederatedAuthentication.SessionAuthenticationModule == null)
                {
                    throw new InvalidOperationException(
                              "FederatedAuthentication.SessionAuthenticationModule is null, make sure you have loaded the SessionAuthenticationModule in web.config. " +
                              "See https://github.com/KentorIT/authservices/blob/master/doc/Configuration.md#loading-modules");
                }

                FederatedAuthentication.SessionAuthenticationModule.DeleteSessionTokenCookie();
            }
        }
Example #12
0
        public void OnAuthentication(System.Web.Mvc.Filters.AuthenticationContext filterContext)
        {
            SessionSecurityToken sst = null;

            try
            {
                if (FederatedAuthentication.SessionAuthenticationModule.TryReadSessionTokenFromCookie(out sst))
                {
                    var ticketClaim = sst.ClaimsPrincipal.Claims.FirstOrDefault(c => c.Type == "token");

                    // validate that the cookie wasn't expired
                    if (ticketClaim != null && !IsExpired(ticketClaim.Value))
                    {
                        filterContext.Principal = sst.ClaimsPrincipal;

                        if (BaseController.CurrentUser == null)
                        {
                            var token = (sst.ClaimsPrincipal.Identity as ClaimsIdentity).FindFirst("token")?.Value;
                            BaseController.CurrentUser = AuthProviderHost.PrimaryAuthProvider.GetAccount(token, null);
                        }
                    }
                    else
                    {
                        // clear the cookie so we don't have to do this every time
                        SignOut();
                    }
                }
            }
            catch
            {
                // unfortunately, "TryReadSession" throws.  often.
            }
        }
Example #13
0
        public async Task <ActionResult> Callback()
        {
            var result = await OAuth2Client.Instance.ProcessCallbackAsync();

            if (result.Error != null)
            {
                return(Content(result.Error + "<br>" + result.ErrorDetails));
            }

            var sam = FederatedAuthentication.SessionAuthenticationModule;

            if (sam == null)
            {
                throw new Exception("SessionAuthenticationModule not registered.");
            }

            var cp = new ClaimsPrincipal(new ClaimsIdentity(result.Claims, "OAuth"));

            var id = cp.Identities.First();
            var authInstantClaim = new Claim(ClaimTypes.AuthenticationInstant, DateTime.UtcNow.ToString("s"));

            id.AddClaim(authInstantClaim);
            var idpClaim = new Claim(Constants.ClaimTypes.IdentityProvider, result.ProviderName);

            id.AddClaim(idpClaim);

            var token = new SessionSecurityToken(cp);

            sam.WriteSessionTokenToCookie(token);

            return(RedirectToAction("Index"));
        }
        public async Task <ActionResult> Callback()
        {
            var result = await OAuth2Client.Instance.ProcessCallbackAsync();

            if (result.Error != null)
            {
                return(Content(result.Error + "<br>" + result.ErrorDetails));
            }

            var sam = FederatedAuthentication.SessionAuthenticationModule;

            if (sam != null)
            {
                var cp          = new ClaimsPrincipal(new ClaimsIdentity(result.Claims, "OAuth"));
                var transformer = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthenticationManager;
                if (transformer != null)
                {
                    cp = transformer.Authenticate(String.Empty, cp);
                }
                var token = new SessionSecurityToken(cp);
                sam.WriteSessionTokenToCookie(token);
            }

            return(Redirect(result.ReturnUrl));
        }
Example #15
0
 internal static string Serialize(this SessionSecurityToken sessionSecurityToken, Newtonsoft.Json.JsonSerializerSettings settings)
 {
     if (sessionSecurityToken == null)
     {
         return(null);
     }
     return(JsonConvert.SerializeObject(sessionSecurityToken, settings).ToString());
 }
Example #16
0
 public override void UpdateTokenInStore(SessionSecurityTokenCacheKey key, SessionSecurityToken value, DateTime expiryTime)
 {
     if (m_Lookup.ContainsKey(key))
     {
         m_Lookup.Remove(key);
     }
     m_Lookup.Add(key, new Tuple <DateTime, SessionSecurityToken>(expiryTime, value));
 }
 byte[] TokenToBytes(SessionSecurityToken token)
 {
     if (token == null) return null;
     
     var bytes = serializer.Serialize(token);
     var str = MachineKey.Encode(bytes, MachineKeyProtection.All);
     return System.Text.Encoding.UTF8.GetBytes(str);
 }
        /// <summary>
        /// Save user state to cookie
        /// </summary>
        /// <param name="user">User to save to cookie</param>
        /// <returns></returns>
        private static ClaimsPrincipal SaveToCookie(ClaimsIdentity user)
        {
            var claimsPrincipal      = new ClaimsPrincipal(user);
            var sessionSecurityToken = new SessionSecurityToken(claimsPrincipal, TimeSpan.FromDays(365));

            FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionSecurityToken);
            return(claimsPrincipal);
        }
            void WriteSessionToken(XmlWriter writer, SessionSecurityToken sessionToken)
            {
                SessionSecurityTokenHandler ssth = GetOrCreateSessionSecurityTokenHandler();

                XmlDictionaryWriter dictionaryWriter = XmlDictionaryWriter.CreateDictionaryWriter(writer);

                ssth.WriteToken(dictionaryWriter, sessionToken);
            }
Example #20
0
 private void CreateSession(ClaimsPrincipal transformedPrincipal)
 {
     if (transformedPrincipal != null)
     {
         var sessionSecurityToken = new SessionSecurityToken(transformedPrincipal, TimeSpan.FromHours(24));
         FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionSecurityToken);
     }
 }
Example #21
0
 private void EstablishSession(ClaimsPrincipal principal)
 {
     if (FederatedAuthentication.SessionAuthenticationModule != null)
     {
         var sessionToken = new SessionSecurityToken(principal);
         FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionToken);
     }
 }
Example #22
0
 //public override bool TryAddEntry(object key, SecurityToken value)
 public override void AddOrUpdate(SessionSecurityTokenCacheKey key, SessionSecurityToken value, DateTime expiryTime)
 {
     Log.DebugFormat("Key: {0} Value: {1} Expiry: {2}", key, value.Id, expiryTime);
     Log.DebugFormat("Adding or updating in memory cache");
     m_MemoryCache.AddOrUpdate(key, value, expiryTime);
     Log.DebugFormat("Adding or updating in persistent store");
     m_SessionSecurityTokenStore.UpdateTokenInStore(key, value, expiryTime);
 }
Example #23
0
        private void EstablishSession(ClaimsPrincipal principal)
        {
            var sessionToken = new SessionSecurityToken(principal, TimeSpan.FromHours(8));

            // cache on server
            //sessionToken.IsReferenceMode = true;

            FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionToken);
        }
Example #24
0
        public void OnAuthentication(System.Web.Mvc.Filters.AuthenticationContext filterContext)
        {
            SessionSecurityToken sst = null;

            if (FederatedAuthentication.SessionAuthenticationModule.TryReadSessionTokenFromCookie(out sst))
            {
                filterContext.Principal = sst.ClaimsPrincipal;
            }
        }
Example #25
0
        private bool HandleResponseMessage()
        {
            try
            {
                var responseMessage = FederationAuthenticationModule.GetSignInResponseMessage(new HttpRequestWrapper(this.Context.Request));
                if (responseMessage != null)
                {
                    string xmlTokenFromMessage = this.FederationAuthenticationModule.GetXmlTokenFromMessage(responseMessage, null);

                    FederationConfiguration serviceConfiguration = this.FederationAuthenticationModule.FederationConfiguration;
                    //ServiceConfiguration serviceConfiguration       = CUFSSecurityTokenServiceConfiguration.Current;
                    FederationPassiveTokenReceiver tokenReceiver = new FederationPassiveTokenReceiver(serviceConfiguration);
                    SecurityToken securityToken = tokenReceiver.ReadToken(xmlTokenFromMessage);

                    SecurityTokenReceivedEventArgs securityTokenReceivedEventArgs = new SecurityTokenReceivedEventArgs(securityToken);
                    this.OnSecurityTokenReceived(securityTokenReceivedEventArgs);

                    if (!securityTokenReceivedEventArgs.Cancel)
                    {
                        ClaimsPrincipal claimsPrincipal = tokenReceiver.AuthenticateToken(securityTokenReceivedEventArgs.SecurityToken, true, HttpContext.Current.Request.RawUrl);
                        if (claimsPrincipal != null)
                        {
                            SecurityTokenValidatedEventArgs securityTokenValidatedEventArgs = new SecurityTokenValidatedEventArgs(claimsPrincipal);
                            this.OnSecurityTokenValidated(securityTokenValidatedEventArgs);
                            if (!securityTokenValidatedEventArgs.Cancel)
                            {
                                SessionAuthenticationModule current = FederatedAuthentication.SessionAuthenticationModule;

                                DateTime validFrom;
                                DateTime validTo;

                                tokenReceiver.ComputeSessionTokenLifeTime(securityTokenReceivedEventArgs.SecurityToken, out validFrom, out validTo);
                                SessionSecurityToken sessionToken = current.CreateSessionSecurityToken(securityTokenValidatedEventArgs.ClaimsPrincipal, this.GetSessionTokenContext(), validFrom, validTo, false);

                                SessionSecurityTokenCreatedEventArgs sessionSecurityTokenCreatedEventArgs = new SessionSecurityTokenCreatedEventArgs(sessionToken);
                                sessionSecurityTokenCreatedEventArgs.WriteSessionCookie = true;

                                this.OnSessionSecurityTokenCreated(sessionSecurityTokenCreatedEventArgs);

                                this.FederationAuthenticationModule.SetPrincipalAndWriteSessionToken(sessionSecurityTokenCreatedEventArgs.SessionToken, sessionSecurityTokenCreatedEventArgs.WriteSessionCookie);

                                this.OnSignedIn(EventArgs.Empty);

                                return(true);
                            }
                        }
                    }
                }

                return(false);
            }
            catch (Exception ex)
            {
                this.ErrorText = ex.Message;
                return(false);
            }
        }
        private void CreateSession(ClaimsPrincipal transformedPrincipal)
        {
            SessionSecurityToken sessionSecurityToken = new SessionSecurityToken(transformedPrincipal, TimeSpan.FromHours(8));

            sessionSecurityToken.IsPersistent    = false;
            sessionSecurityToken.IsReferenceMode = true;
            FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionSecurityToken);
            FederatedAuthentication.SessionAuthenticationModule.SessionSecurityTokenReceived += SessionAuthenticationModule_SessionSecurityTokenReceived;
        }
Example #27
0
        private static void SessionTokenDemo()
        {
            var sessionToken = new SessionSecurityToken(_windowsPrincipal, TimeSpan.FromHours(8));

            // This would occur in ASP.NET ...
            //FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionToken);

            System.Console.WriteLine("Session Token ID: " + sessionToken.Id);
        }
Example #28
0
        private static void SerializeClaimsToCookie(ClaimsPrincipal transformedClaimsPrincipal)
        {
            var sessionSecurityToken = new SessionSecurityToken(
                transformedClaimsPrincipal,
                TimeSpan.FromMinutes(30));

            var sessionAuthenticationModule = GetSessionAuthenticationModule();

            sessionAuthenticationModule.WriteSessionTokenToCookie(sessionSecurityToken);
        }
Example #29
0
        private static void ApplyPrincipal(CommandResult commandResult)
        {
            if (commandResult.Principal != null)
            {
                var sessionToken = new SessionSecurityToken(commandResult.Principal);

                FederatedAuthentication.SessionAuthenticationModule
                .AuthenticateSessionSecurityToken(sessionToken, true);
            }
        }
Example #30
0
        public void SetSessionToken(string userName, string authenticationMethod, bool isPersistent, int ttl, IEnumerable <Claim> additionalClaims = null)
        {
            var principal = CreatePrincipal(userName, authenticationMethod, additionalClaims);

            var sessionToken = new SessionSecurityToken(principal, TimeSpan.FromHours(ttl))
            {
                IsPersistent = isPersistent
            };

            FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionToken);
        }
Example #31
0
        public void ApplyPrincipal()
        {
            // Ignore this if we're not running inside IIS, e.g. in unit tests.
            if (Principal != null && HttpContext.Current != null)
            {
                var sessionToken = new SessionSecurityToken(Principal);

                FederatedAuthentication.SessionAuthenticationModule
                .AuthenticateSessionSecurityToken(sessionToken, true);
            }
        }
Example #32
0
        //create Session Security token and Write it to session cookie
        private static void CreateSessionSecurityToken(ClaimsPrincipal appPrincipalToStoreInSession)
        {
            var tokenTiomout = ConfigurationManager.AppSettings["TokenTimeout"] ??
                               HttpContext.Current.Session.Timeout.ToString();
            var sessionSecurityToken = new SessionSecurityToken(appPrincipalToStoreInSession, TimeSpan.FromMinutes(Convert.ToInt16(tokenTiomout)))
            {
                IsReferenceMode = true
            };

            FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionSecurityToken);
        }
Example #33
0
        public void SetSessionToken(string userName, string authenticationMethod, bool isPersistent, int ttl, string resourceName)
        {
            var principal            = CreatePrincipal(userName, authenticationMethod);
            var transformedPrincipal = FederatedAuthentication.ServiceConfiguration.ClaimsAuthenticationManager.Authenticate(resourceName, principal);
            var sessionToken         = new SessionSecurityToken(transformedPrincipal, TimeSpan.FromHours(ttl))
            {
                IsPersistent = isPersistent
            };

            FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionToken);
        }
 public void SetSessionPrincipal(SessionSecurityToken token)
 {
     SessionAuthenticationModule authModule = new SessionAuthenticationModule();
     authModule.SetPrincipalAndWriteSessionToken(token, true);
 }
        public void ProcessResponse()
        {
            if (string.IsNullOrEmpty(this.federationContext.IssuerName))
            {
                throw new InvalidOperationException("The context cookie was not found. Try to re-login");
            }

            var issuer = this.configuration.RetrieveIssuer(new Uri(this.federationContext.IssuerName));

            var handler = this.protocolDiscovery.RetrieveProtocolHandler(issuer);

            if (handler == null)
                throw new InvalidOperationException();

            IClaimsIdentity identity = handler.ProcessSignInResponse(
                                                                this.federationContext.Realm,
                                                                this.federationContext.OriginalUrl,
                                                                this.HttpContext);

            IClaimsIdentity outputIdentity = UpdateIssuer(identity, this.multiProtocolServiceProperties.Identifier.ToString(), issuer.Identifier.ToString());
            outputIdentity.Claims.Add(new Claim(ClaimTypes.AuthenticationMethod, issuer.Identifier.ToString(), ClaimValueTypes.String, this.multiProtocolServiceProperties.Identifier.ToString()));
            outputIdentity.Claims.Add(new Claim(ClaimTypes.AuthenticationInstant, DateTime.Now.ToString("o"), ClaimValueTypes.Datetime, this.multiProtocolServiceProperties.Identifier.ToString()));

            var sessionToken = new SessionSecurityToken(new ClaimsPrincipal(new IClaimsIdentity[] { outputIdentity }));
            FederatedAuthentication.WSFederationAuthenticationModule.SetPrincipalAndWriteSessionToken(sessionToken, true);

            Response.Redirect(this.federationContext.OriginalUrl, false);
            HttpContext.ApplicationInstance.CompleteRequest();
        }