/// <summary>
/// Checks whether the time elapsed since the user's last authentication
/// exceeds the maximum authentication age requested by the client.
/// </summary>
/// <param name="response">The authorization response; <c>MaxAge</c> is the
/// limit in seconds (0 or negative means no limit was requested).</param>
/// <param name="data">Per-user temp data holding the last authentication time.</param>
/// <returns><c>true</c> when the elapsed time is strictly greater than
/// <c>MaxAge</c>; otherwise <c>false</c>.</returns>
bool IsMaxAgeExceeded(AuthorizationResponse response, UserTData data)
{
    // A non-positive MaxAge means the client did not constrain the
    // authentication age, so there is nothing to check.
    if (response.MaxAge <= 0)
    {
        return false;
    }

    // Seconds elapsed since the last successful login.
    long elapsedSeconds = TimeUtility.CurrentTimeSeconds() - data.GetUserAuthenticatedAt();

    // Exceeded only when strictly greater than the allowed age.
    return elapsedSeconds > response.MaxAge;
}
/// <summary>
/// Renders the authorization page for an authorization request that
/// needs end-user interaction.
/// </summary>
/// <param name="response">Authorization response whose ticket, claim names
/// and claim locales are carried over to the decision endpoint.</param>
/// <returns>A "200 OK" response whose body is the rendered HTML page.</returns>
async Task<HttpResponseMessage> HandleInteraction(AuthorizationResponse response)
{
    // Values needed later by AuthorizationDecisionController are
    // carried across the round trip via TempData.
    var tempData = new UserTData(TempData);
    tempData.Set("ticket", response.Ticket);
    tempData.SetObject("claimNames", response.Claims);
    tempData.SetObject("claimLocales", response.ClaimsLocales);

    // Drop any existing login if the request demands fresh
    // authentication (see ClearUserDataIfNecessary).
    ClearUserDataIfNecessary(response, tempData);

    // Build the view model from the response and whatever user
    // entity is (still) stored after the clearing step above.
    var pageModel = new AuthorizationPageModel(response, tempData.GetUserEntity());

    // The page is rendered manually rather than via a view result.
    string pageHtml = await Render(VIEW_NAME, pageModel);

    return ResponseUtility.OkHtml(pageHtml);
}
/// <summary>
/// Authenticates the end user from the submitted login form unless a
/// user entity is already present in TempData.
/// </summary>
/// <param name="data">Wrapper around TempData; receives the user entity
/// and the authentication time on success.</param>
void AuthenticateUserIfNecessary(UserTData data)
{
    // A stored user entity means the user is already logged in;
    // nothing further to do.
    if (data.HasUserEntity())
    {
        return;
    }

    // Credentials posted from the authorization page form.
    // NOTE(review): the raw form values are handed straight to the DAO;
    // confirm GetByCredentials tolerates missing or empty values.
    string loginId = Request.Form["loginId"];
    string password = Request.Form["password"];

    // Look the user up by credentials; null means no match.
    UserEntity entity = UserDao.GetByCredentials(loginId, password);
    if (entity == null)
    {
        // Authentication failed; TempData is left untouched so the
        // caller still sees no user entity.
        return;
    }

    // Record who logged in and when (seconds), so the max-age check
    // can be evaluated on later requests.
    data.SetUserEntity(entity);
    data.SetUserAuthenticatedAt(TimeUtility.CurrentTimeSeconds());
}
/// <summary>
/// Handles the POST from the authorization page: authenticates the user
/// if needed, reads the user's decision and the request parameters saved
/// in TempData, and delegates to <c>HandleDecision</c>.
/// </summary>
/// <returns>The HTTP response produced by <c>HandleDecision</c>.</returns>
public async Task<HttpResponseMessage> Post()
{
    var tempData = new UserTData(TempData);

    // Log the user in from the form unless already authenticated.
    AuthenticateUserIfNecessary(tempData);

    // Whether the user granted or denied the client's request.
    bool granted = IsClientAuthorized();

    // Parameters stashed in TempData when the page was rendered.
    var ticket = (string)tempData.Get("ticket");
    var claimNames = tempData.GetObject<string[]>("claimNames");
    var claimLocales = tempData.GetObject<string[]>("claimLocales");

    return await HandleDecision(granted, ticket, claimNames, claimLocales);
}
/// <summary>
/// Removes the stored user information from TempData when the
/// authorization request requires the user to authenticate again.
/// </summary>
/// <param name="response">Authorization response used to evaluate the
/// login and max-age requirements.</param>
/// <param name="data">Wrapper around TempData holding the user entity.</param>
void ClearUserDataIfNecessary(AuthorizationResponse response, UserTData data)
{
    // Nothing stored, nothing to clear.
    if (data.GetUserEntity() == null)
    {
        return;
    }

    // Re-authentication is required either when the request asks for
    // it explicitly (the "prompt" parameter includes "login") or when
    // the last login is older than the requested max age. Short-circuit
    // evaluation keeps the max-age check from running once login is
    // already required. This simple implementation forces a logout in
    // both cases.
    if (IsLoginRequired(response) || IsMaxAgeExceeded(response, data))
    {
        data.RemoveUserTData();
    }
}
/// <summary>
/// Creates the SPI implementation, wrapping the controller's TempData so
/// user state can be read and written through <c>UserTData</c>.
/// </summary>
/// <param name="controller">Controller whose TempData backs this instance.</param>
public AuthorizationRequestHandlerSpiImpl(Controller controller)
    => _userTData = new UserTData(controller.TempData);