public override async Task <ExternalAuthUserInfo> GetUserInfo(
string token)
{
WsFederationAuthProviderApi federationAuthProviderApi = this;
if (federationAuthProviderApi == null || federationAuthProviderApi.ProviderInfo == null)
{
return(null);
}
// ISSUE: explicit non-virtual call
string additionalParam1 = (federationAuthProviderApi.ProviderInfo).AdditionalParams["Authority"];
if (string.IsNullOrEmpty(additionalParam1))
{
throw new ApplicationException("Authentication:WsFederation:Issuer configuration is required.");
}
// ISSUE: explicit non-virtual call
string additionalParam2 = (federationAuthProviderApi.ProviderInfo).AdditionalParams["MetaDataAddress"];
if (string.IsNullOrEmpty(additionalParam1))
{
throw new ApplicationException("Authentication:WsFederation:MetaDataAddress configuration is required.");
}
WsFederationConfigurationRetriever configurationRetriever = new WsFederationConfigurationRetriever();
HttpDocumentRetriever documentRetriever = new HttpDocumentRetriever();
ConfigurationManager <WsFederationConfiguration> configurationManager = new ConfigurationManager <WsFederationConfiguration>(additionalParam2, (IConfigurationRetriever <WsFederationConfiguration>)configurationRetriever, (IDocumentRetriever)documentRetriever);
JwtSecurityToken jwtSecurityToken = await federationAuthProviderApi.ValidateToken(token, additionalParam1, (IConfigurationManager <WsFederationConfiguration>) configurationManager, new CancellationToken());
string str1 = jwtSecurityToken.Claims.First <Claim>((Func <Claim, bool>)(c => c.Type == "name")).Value;
string str2 = jwtSecurityToken.Claims.First <Claim>((Func <Claim, bool>)(c => c.Type == "email")).Value;
string[] strArray = str1.Split(' ');
return(new ExternalAuthUserInfo()
{
Provider = "WsFederation", ProviderKey = jwtSecurityToken.Subject, Name = strArray[0], Surname = strArray.Length > 1 ? strArray[1] : strArray[0], EmailAddress = str2
});
}
private async Task <JwtSecurityToken> ValidateToken(
string token,
string issuer,
IConfigurationManager <WsFederationConfiguration> configurationManager,
CancellationToken ct = default(CancellationToken))
{
WsFederationAuthProviderApi federationAuthProviderApi = this;
if (string.IsNullOrEmpty(token))
{
throw new ArgumentNullException(nameof(token));
}
if (string.IsNullOrEmpty(issuer))
{
throw new ArgumentNullException(nameof(issuer));
}
ICollection <SecurityKey> signingKeys = (await configurationManager.GetConfigurationAsync(ct)).SigningKeys;
TokenValidationParameters validationParameters = new TokenValidationParameters();
validationParameters.ValidateIssuer = true;
validationParameters.ValidIssuer = issuer;
validationParameters.ValidateIssuerSigningKey = true;
validationParameters.IssuerSigningKeys = (IEnumerable <SecurityKey>)signingKeys;
validationParameters.ValidateLifetime = true;
validationParameters.ClockSkew = TimeSpan.FromMinutes(5.0);
validationParameters.ValidateAudience = false;
SecurityToken securityToken;
ClaimsPrincipal claimsPrincipal = ((SecurityTokenHandler) new JwtSecurityTokenHandler()).ValidateToken(token, validationParameters, out securityToken);
// ISSUE: explicit non-virtual call
if (federationAuthProviderApi != null && federationAuthProviderApi.ProviderInfo != null && (federationAuthProviderApi.ProviderInfo).ClientId != claimsPrincipal.Claims.First <Claim>((Func <Claim, bool>)(c => c.Type == "aud")).Value)
{
throw new ApplicationException("ClientId couldn't verified.");
}
return((JwtSecurityToken)securityToken);
}
