        /// <summary>
        /// Initializes the API controller for the current request: resolves the tenant,
        /// resolves the request's bearer token to a token record and, when one is found,
        /// loads the login view, populates <c>AppUser</c> and installs a
        /// <see cref="ClaimsPrincipal"/> on the request context before delegating to the base.
        /// </summary>
        /// <param name="context">Controller context of the request being initialized.</param>
        /// <remarks>
        /// Unlike the <c>RequestContext</c> and hub variants of this logic, no
        /// <c>AccessTokens.IsValid*</c> check is made here, so a token that
        /// <c>Provider.GetToken</c> resolves is trusted as-is — confirm the provider validates
        /// expiry itself. The asynchronous <c>AppUsers</c> calls are blocked on because this
        /// override is synchronous; their faults surface as <see cref="AggregateException"/>.
        /// </remarks>
        protected override void Initialize(HttpControllerContext context)
        {
            this.Tenant = TenantConvention.GetTenant();

            string bearer = context.Request.GetBearerToken();
            var accessToken = new Provider().GetToken(bearer);

            if (accessToken != null)
            {
                string tenant = this.Tenant;
                var loginId = accessToken.LoginId;

                AppUsers.SetCurrentLoginAsync(tenant, loginId).Wait();
                var login = AppUsers.GetCurrentAsync(tenant, loginId).Result;

                this.AppUser = new AppUser
                {
                    Tenant = tenant,
                    ClientToken = accessToken.ClientToken,
                    LoginId = loginId,
                    UserId = login.UserId,
                    Name = login.Name,
                    OfficeId = login.OfficeId,
                    OfficeName = login.OfficeName,
                    Email = login.Email,
                    RoleId = login.RoleId,
                    RoleName = login.RoleName,
                    IsAdministrator = login.IsAdministrator
                };

                // Claim order (name identifier, role, email) matches the other controllers.
                var identity = new ClaimsIdentity(accessToken.GetClaims());
                identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, loginId.ToString(CultureInfo.InvariantCulture)));

                string roleName = this.AppUser.RoleName;
                if (roleName != null)
                {
                    identity.AddClaim(new Claim(ClaimTypes.Role, roleName));
                }

                string email = this.AppUser.Email;
                if (email != null)
                {
                    identity.AddClaim(new Claim(ClaimTypes.Email, email));
                }

                context.RequestContext.Principal = new ClaimsPrincipal(identity);
            }

            base.Initialize(context);
        }
        /// <summary>
        /// Initializes the MVC controller for the current request: resolves the client token
        /// to a token record, checks that the token is still valid for the caller's IP address
        /// and user agent, and if so populates <c>MetaUser</c> and installs a
        /// <see cref="ClaimsPrincipal"/> on <c>HttpContext.User</c> before delegating to the base.
        /// </summary>
        /// <param name="context">Request context of the request being initialized.</param>
        /// <remarks>
        /// A token that fails the <c>AccessTokens.IsValid</c> check leaves the request
        /// unauthenticated rather than raising; the base initialization still runs.
        /// </remarks>
        protected override void Initialize(RequestContext context)
        {
            var httpContext = context.HttpContext;

            string bearer = httpContext.Request.GetClientToken();
            var accessToken = new Provider(DbConvention.GetCatalog()).GetToken(bearer);
            string catalog = DbConvention.GetCatalog();

            // Short-circuit keeps the validity check from running when no token resolved.
            if (accessToken != null
                && AccessTokens.IsValid(accessToken.ClientToken, httpContext.GetClientIpAddress(), httpContext.GetUserAgent()))
            {
                var loginId = accessToken.LoginId;

                AppUsers.SetCurrentLogin(catalog, loginId);
                var login = AppUsers.GetCurrent(catalog, loginId);

                this.MetaUser = new MetaUser
                {
                    Catalog = catalog,
                    ClientToken = accessToken.ClientToken,
                    LoginId = loginId,
                    UserId = accessToken.UserId,
                    OfficeId = accessToken.OfficeId
                };

                var identity = new ClaimsIdentity(accessToken.Claims, DefaultAuthenticationTypes.ApplicationCookie,
                    ClaimTypes.NameIdentifier, ClaimTypes.Role);
                identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, loginId.ToString(CultureInfo.InvariantCulture)));

                string roleName = login.RoleName;
                if (roleName != null)
                {
                    identity.AddClaim(new Claim(ClaimTypes.Role, roleName));
                }

                string email = login.Email;
                if (email != null)
                {
                    identity.AddClaim(new Claim(ClaimTypes.Email, email));
                }

                httpContext.User = new ClaimsPrincipal(identity);
            }

            base.Initialize(context);
        }
        /// <summary>
        /// Resolves the hub caller's client token to a token record and confirms it is still
        /// valid for the caller's IP address and <c>User-Agent</c> header.
        /// </summary>
        /// <param name="tenant">Tenant the token is checked against.</param>
        /// <param name="context">Hub caller context carrying the request and headers.</param>
        /// <returns>
        /// The resolved token when it passes <c>AccessTokens.IsValidAsync</c>; otherwise
        /// <c>null</c>, both for an unresolved token and for one that fails validation.
        /// </returns>
        private static async Task<Token> GetTokenAsync(string tenant, HubCallerContext context)
        {
            var accessToken = new Provider().GetToken(context.Request.GetClientToken());

            if (accessToken == null)
            {
                return null;
            }

            var ipAddress = context.Request.GetClientIpAddress();
            var userAgent = context.Headers["User-Agent"];

            bool stillValid = await AccessTokens.IsValidAsync(tenant, accessToken.ClientToken, ipAddress, userAgent).ConfigureAwait(false);

            return stillValid ? accessToken : null;
        }
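        /// <summary>
        /// Completes a sign-in attempt. On failure, responds 403 after a short random delay;
        /// on success, issues an access token for the login, persists it together with the
        /// caller's IP address and user agent, sets it as an HttpOnly <c>access_token</c>
        /// cookie and returns the client token.
        /// </summary>
        /// <param name="result">Outcome of the credential check; <c>Status</c> false means rejected.</param>
        /// <param name="model">Optional sign-in form; only its <c>ApplicationId</c> is used.</param>
        /// <returns>
        /// A 403 result carrying the serialized <paramref name="result"/>, or the OK result
        /// carrying the new client token.
        /// </returns>
        protected async Task<ActionResult> OnAuthenticatedAsync(LoginResult result, SignInInfo model = null)
        {
            if (!result.Status)
            {
                // Random 1–4 s pause before rejecting, to slow down repeated guesses.
                await Task.Delay(new Random().Next(1, 5) * 1000).ConfigureAwait(false);
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, JsonConvert.SerializeObject(result));
            }

            Guid? applicationId = null;

            if (model != null)
            {
                applicationId = model.ApplicationId;
            }

            var loginView = await AppUsers.GetCurrentAsync(this.Tenant, result.LoginId).ConfigureAwait(false);

            var manager = new Provider(this.Tenant, applicationId, result.LoginId, loginView.UserId, loginView.OfficeId);
            var token = manager.GetToken();
            string domain = TenantConvention.GetDomain();

            // NOTE(review): the await above used ConfigureAwait(false), so the request's
            // synchronization context is already gone here and ConfigureAwait(true) does not
            // bring it back. Left unchanged because this.Response is reached through the
            // controller, not HttpContext.Current — confirm nothing below depends on the latter.
            await
                AccessTokens.SaveAsync(this.Tenant, token, this.RemoteUser.IpAddress, this.RemoteUser.UserAgent)
                    .ConfigureAwait(true);

            var cookie = new HttpCookie("access_token")
            {
                Value = token.ClientToken,
                HttpOnly = true,
                // Mark the cookie Secure whenever the request itself arrived over TLS, so the
                // token is never echoed over plain HTTP on HTTPS deployments while plain-HTTP
                // development setups keep working. Behind a TLS-terminating proxy
                // IsSecureConnection is false, which is the previous behaviour.
                Secure = this.Request.IsSecureConnection,
                // UtcDateTime has Kind=Utc, so HttpCookie's ToUniversalTime() leaves the instant
                // unchanged; .DateTime has Kind=Unspecified and would be re-read as local time.
                Expires = token.ExpiresOn.UtcDateTime
            };

            // localhost cookie is not supported by most browsers. Ordinal comparison avoids
            // culture-dependent casing and does not throw when the domain is unset.
            if (!string.Equals(domain, "localhost", StringComparison.OrdinalIgnoreCase))
            {
                cookie.Domain = domain;
            }

            this.Response.Cookies.Add(cookie);
            return this.Ok(token.ClientToken);
        }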
        /// <summary>
        /// Initializes the API controller for the current request: resolves the bearer token
        /// to a token record and, when one is found, loads the login view, populates
        /// <c>MetaUser</c> and installs a <see cref="ClaimsPrincipal"/> on the request context
        /// before delegating to the base.
        /// </summary>
        /// <param name="context">Controller context of the request being initialized.</param>
        /// <remarks>
        /// No <c>AccessTokens.IsValid*</c> check is made here (the <c>RequestContext</c> and
        /// hub variants do one), so a token that <c>Provider.GetToken</c> resolves is trusted
        /// as-is — confirm the provider validates expiry itself.
        /// </remarks>
        protected override void Initialize(HttpControllerContext context)
        {
            string bearer = context.Request.GetBearerToken();
            var accessToken = new Provider(DbConvention.GetCatalog()).GetToken(bearer);
            string catalog = DbConvention.GetCatalog();

            if (accessToken != null)
            {
                var loginId = accessToken.LoginId;

                AppUsers.SetCurrentLogin(catalog, loginId);
                var login = AppUsers.GetCurrent(catalog, loginId);

                this.MetaUser = new MetaUser
                {
                    Catalog = DbConvention.GetCatalog(),
                    ClientToken = accessToken.ClientToken,
                    LoginId = loginId,
                    UserId = login.UserId.To<int>(),
                    OfficeId = login.OfficeId.To<int>()
                };

                // Claim order (name identifier, role, email) matches the other controllers.
                var identity = new ClaimsIdentity(accessToken.Claims);
                identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, loginId.ToString(CultureInfo.InvariantCulture)));

                string roleName = login.RoleName;
                if (roleName != null)
                {
                    identity.AddClaim(new Claim(ClaimTypes.Role, roleName));
                }

                string email = login.Email;
                if (email != null)
                {
                    identity.AddClaim(new Claim(ClaimTypes.Email, email));
                }

                context.RequestContext.Principal = new ClaimsPrincipal(identity);
            }

            base.Initialize(context);
        }
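        /// <summary>
        /// Completes a sign-in attempt. On failure, responds 403 after a short random delay;
        /// on success, issues an access token for the login, persists it together with the
        /// caller's IP address and user agent, sets it as an HttpOnly, Secure
        /// <c>access_token</c> cookie and returns the client token as JSON.
        /// </summary>
        /// <param name="result">Outcome of the credential check; <c>Status</c> false means rejected.</param>
        /// <param name="model">Optional sign-in form; only its <c>ApplicationId</c> is used.</param>
        /// <returns>
        /// A 403 result carrying the serialized <paramref name="result"/>, or a JSON result
        /// carrying the new client token.
        /// </returns>
        protected ActionResult OnAuthenticated(LoginResult result, SignInInfo model = null)
        {
            if (!result.Status)
            {
                // Random 1–4 s pause before rejecting, to slow down repeated guesses.
                // Blocks the request thread because this action is synchronous.
                Thread.Sleep(new Random().Next(1, 5) * 1000);
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, JsonConvert.SerializeObject(result));
            }

            Guid? applicationId = null;

            if (model != null)
            {
                applicationId = model.ApplicationId;
            }

            var manager = new Provider(AppUsers.GetCatalog(), applicationId, result.LoginId);
            var token = manager.GetToken();
            string domain = DbConvention.GetDomain();

            AccessTokens.Save(token, this.RemoteUser.IpAddress, this.RemoteUser.UserAgent);

            var cookie = new HttpCookie("access_token")
            {
                Value = token.ClientToken,
                HttpOnly = true,
                Secure = true,
                Expires = token.ExpiresOn
            };

            // localhost cookie is not supported by most browsers. Ordinal comparison avoids
            // culture-dependent casing and does not throw when the domain is unset.
            if (!string.Equals(domain, "localhost", StringComparison.OrdinalIgnoreCase))
            {
                cookie.Domain = domain;
            }

            this.Response.Cookies.Add(cookie);
            return Json(token.ClientToken);
        }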
        /// <summary>
        /// Decides whether a SignalR hub connection may be established: the request's client
        /// token must resolve to a token record that is still valid for the caller's IP
        /// address and <c>user-agent</c> header. On success the login is set as current and a
        /// <see cref="ClaimsPrincipal"/> is stored under <c>server.User</c> in the OWIN environment.
        /// </summary>
        /// <param name="descriptor">Descriptor of the hub being connected to (not used here).</param>
        /// <param name="request">The connection request.</param>
        /// <returns><c>true</c> when the token resolves and validates; otherwise <c>false</c>.</returns>
        /// <remarks>
        /// The asynchronous <c>AccessTokens</c>/<c>AppUsers</c> calls are blocked on because
        /// this override is synchronous; their faults surface as <see cref="AggregateException"/>.
        /// </remarks>
        public override bool AuthorizeHubConnection(HubDescriptor descriptor, IRequest request)
        {
            string tenant = TenantConvention.GetTenant();

            var accessToken = new Provider().GetToken(request.GetClientToken());

            if (accessToken == null)
            {
                return false;
            }

            bool stillValid = AccessTokens.IsValidAsync(tenant, accessToken.ClientToken, request.GetClientIpAddress(), request.Headers["user-agent"]).Result;

            if (!stillValid)
            {
                return false;
            }

            var loginId = accessToken.LoginId;

            AppUsers.SetCurrentLoginAsync(tenant, loginId).Wait();
            var login = AppUsers.GetCurrentAsync(tenant, loginId).Result;

            var identity = new ClaimsIdentity(accessToken.GetClaims(), DefaultAuthenticationTypes.ApplicationCookie, ClaimTypes.NameIdentifier, ClaimTypes.Role);
            identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, loginId.ToString(CultureInfo.InvariantCulture)));

            string roleName = login.RoleName;
            if (roleName != null)
            {
                identity.AddClaim(new Claim(ClaimTypes.Role, roleName));
            }

            string email = login.Email;
            if (email != null)
            {
                identity.AddClaim(new Claim(ClaimTypes.Email, email));
            }

            request.Environment["server.User"] = new ClaimsPrincipal(identity);
            return true;
        }
        /// <summary>
        /// Initializes the MVC controller for the current request: resolves the client token
        /// to a token record, checks it is still valid for the caller's IP address and user
        /// agent, and if so populates <c>AppUser</c> from the login view and installs a
        /// <see cref="ClaimsPrincipal"/> on <c>HttpContext.User</c>. When no authenticated user
        /// results, <c>AppUser</c> is still set to an instance carrying only the tenant.
        /// </summary>
        /// <param name="context">Request context of the request being initialized.</param>
        /// <remarks>
        /// The asynchronous <c>AccessTokens</c>/<c>AppUsers</c> calls are blocked on because
        /// this override is synchronous; their faults surface as <see cref="AggregateException"/>.
        /// </remarks>
        protected override void Initialize(RequestContext context)
        {
            string tenant = TenantConvention.GetTenant();
            var httpContext = context.HttpContext;

            var accessToken = new Provider().GetToken(httpContext.Request.GetClientToken());

            // Short-circuit keeps the validity check from running when no token resolved.
            if (accessToken != null
                && AccessTokens.IsValidAsync(tenant, accessToken.ClientToken, httpContext.GetClientIpAddress(),
                    httpContext.GetUserAgent()).Result)
            {
                var loginId = accessToken.LoginId;

                AppUsers.SetCurrentLoginAsync(tenant, loginId).Wait();
                var login = AppUsers.GetCurrentAsync(tenant, loginId).Result;

                this.AppUser = new AppUser
                {
                    Tenant = tenant,
                    ClientToken = accessToken.ClientToken,
                    LoginId = login.LoginId,
                    UserId = login.UserId,
                    Name = login.Name,
                    OfficeId = login.OfficeId,
                    OfficeName = login.OfficeName,
                    Email = login.Email,
                    RoleId = login.RoleId,
                    RoleName = login.RoleName,
                    IsAdministrator = login.IsAdministrator
                };

                var identity = new ClaimsIdentity(accessToken.GetClaims(), DefaultAuthenticationTypes.ApplicationCookie,
                    ClaimTypes.NameIdentifier, ClaimTypes.Role);
                identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, loginId.ToString(CultureInfo.InvariantCulture)));

                string roleName = login.RoleName;
                if (roleName != null)
                {
                    identity.AddClaim(new Claim(ClaimTypes.Role, roleName));
                }

                string email = login.Email;
                if (email != null)
                {
                    identity.AddClaim(new Claim(ClaimTypes.Email, email));
                }

                httpContext.User = new ClaimsPrincipal(identity);
            }

            // Anonymous (or rejected) requests still get a tenant-only AppUser.
            if (this.AppUser == null)
            {
                this.AppUser = new AppUser { Tenant = tenant };
            }

            base.Initialize(context);
        }