Example #1
0
        public async Task <AuthenticationTicket> ValidateTicket(HttpContext context, AuthenticationProperties properties, AuthenticationScheme scheme, CasOptions options, string ticket, string service)
        {
            var validateEndpoint = string.IsNullOrEmpty(options.CasValidationUrl) ? $"{options.CasServerUrlBase}/serviceValidate" : options.CasValidationUrl;
            var validateUrl      = $"{validateEndpoint}?service={service}&ticket={Uri.EscapeDataString(ticket)}";

            var response = await options.Backchannel.GetAsync(validateUrl, context.RequestAborted);

            response.EnsureSuccessStatusCode();

            var responseBody = await response.Content.ReadAsStringAsync();

            var doc = XDocument.Parse(responseBody);

            XNamespace ns = string.IsNullOrEmpty(options.TicketNamespace) ? _ns : options.TicketNamespace;

            var serviceResponse   = doc.Element(ns + "serviceResponse");
            var successNode       = serviceResponse?.Element(ns + "authenticationSuccess");
            var userNode          = successNode?.Element(ns + "user");
            var userDisplayName   = successNode?.Element(ns + "displayName");
            var validatedUserName = userNode?.Value;

            if (string.IsNullOrEmpty(validatedUserName))
            {
                return(null);
            }

            var identity      = BuildIdentity(options, scheme, validatedUserName, successNode, ns);
            var ticketContext = new CasCreatingTicketContext(context, scheme, options, new ClaimsPrincipal(identity), properties, validatedUserName);

            await options.Events.CreatingTicket(ticketContext);

            return(new AuthenticationTicket(ticketContext.Principal, ticketContext.Properties, scheme.Name));
        }
Example #2
0
        public async Task <AuthenticateResult> ValidateTicket(HttpContext context, HttpClient httpClient, AuthenticationProperties properties, string ticket, string service)
        {
            var validateUrl = _options.CasServerUrlBase + "/validate" +
                              "?service=" + service +
                              "&ticket=" + Uri.EscapeDataString(ticket);

            var response = await httpClient.GetAsync(validateUrl, context.RequestAborted);

            response.EnsureSuccessStatusCode();

            var responseBody = await response.Content.ReadAsStringAsync();

            string validatedUserName = null;
            var    responseParts     = responseBody.Split('\n');

            if (responseParts.Length >= 2 && responseParts[0] == "yes")
            {
                validatedUserName = responseParts[1];
            }

            if (string.IsNullOrEmpty(validatedUserName))
            {
                return(AuthenticateResult.Fail("Could find username in CAS response."));
            }

            var claims = new[]
            {
                new Claim(ClaimTypes.NameIdentifier, validatedUserName, ClaimValueTypes.String, _options.ClaimsIssuer),
                new Claim(ClaimTypes.Name, validatedUserName, ClaimValueTypes.String, _options.ClaimsIssuer)
            };

            var identity = new ClaimsIdentity(claims, _options.ClaimsIssuer);

            var ticketContext = new CasCreatingTicketContext(context, _options, identity.Name)
            {
                Principal  = new ClaimsPrincipal(identity),
                Properties = properties
            };

            await _options.Events.CreatingTicket(ticketContext);

            return(AuthenticateResult.Success(new AuthenticationTicket(ticketContext.Principal, ticketContext.Properties, _options.AuthenticationScheme)));
        }
        public async Task <AuthenticationTicket> ValidateTicket(HttpContext context, AuthenticationProperties properties, AuthenticationScheme scheme, CasOptions options, string ticket, string service)
        {
            var validateEndpoint = string.IsNullOrEmpty(options.CasValidationUrl) ? $"{options.CasServerUrlBase}/validate" : options.CasValidationUrl;
            var validateUrl      = $"{validateEndpoint}?service={service}&ticket={Uri.EscapeDataString(ticket)}";

            var response = await options.Backchannel.GetAsync(validateUrl, context.RequestAborted);

            response.EnsureSuccessStatusCode();

            var responseBody = await response.Content.ReadAsStringAsync();

            string validatedUserName = null;
            var    responseParts     = responseBody.Split('\n');

            if (responseParts.Length >= 2 && responseParts[0] == "yes")
            {
                validatedUserName = responseParts[1];
            }

            if (string.IsNullOrEmpty(validatedUserName))
            {
                return(null);
            }
            var issuer = options.ClaimsIssuer ?? scheme.Name;

            var claims = new[]
            {
                new Claim(ClaimTypes.NameIdentifier, validatedUserName, ClaimValueTypes.String, issuer),
                new Claim(ClaimTypes.Name, validatedUserName, ClaimValueTypes.String, issuer)
            };

            var identity      = new ClaimsIdentity(claims, options.ClaimsIssuer);
            var ticketContext = new CasCreatingTicketContext(context, scheme, options, new ClaimsPrincipal(identity), properties, validatedUserName);

            await options.Events.CreatingTicket(ticketContext);

            return(new AuthenticationTicket(ticketContext.Principal, ticketContext.Properties, scheme.Name));
        }
        public async Task <AuthenticateResult> ValidateTicket(HttpContext context, HttpClient httpClient, AuthenticationProperties properties, string ticket, string service)
        {
            var validateUrl = _options.CasServerUrlBase + "/serviceValidate" +
                              "?service=" + service +
                              "&ticket=" + Uri.EscapeDataString(ticket);

            var response = await httpClient.GetAsync(validateUrl, context.RequestAborted);

            response.EnsureSuccessStatusCode();

            var responseBody = await response.Content.ReadAsStringAsync();

            var doc = XDocument.Parse(responseBody);

            var serviceResponse   = doc.Element(_ns + "serviceResponse");
            var successNode       = serviceResponse?.Element(_ns + "authenticationSuccess");
            var userNode          = successNode?.Element(_ns + "user");
            var validatedUserName = userNode?.Value;

            if (string.IsNullOrEmpty(validatedUserName))
            {
                return(AuthenticateResult.Fail("Could find username in CAS response."));
            }

            var identity = BuildIdentity(_options, validatedUserName, successNode);

            var ticketContext = new CasCreatingTicketContext(context, _options, identity.Name)
            {
                Principal  = new ClaimsPrincipal(identity),
                Properties = properties
            };

            await _options.Events.CreatingTicket(ticketContext);

            return(ticketContext.Principal?.Identity == null
                ? AuthenticateResult.Fail("There was a problem creating ticket.")
                : AuthenticateResult.Success(new AuthenticationTicket(ticketContext.Principal, ticketContext.Properties, _options.AuthenticationScheme)));
        }
Example #5
0
 /// <summary>
 /// Invoked whenever Cas successfully authenticates a user
 /// </summary>
 /// <param name="context">Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.</param>
 /// <returns>A <see cref="Task"/> representing the completed operation.</returns>
 public virtual Task CreatingTicket(CasCreatingTicketContext context) => OnCreatingTicket(context);