public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { IAuthTokens tokens = Init(authService, ref session, request); IRequest httpRequest = authService.Request; string error = httpRequest.QueryString["error"] ?? httpRequest.QueryString["error_uri"] ?? httpRequest.QueryString["error_description"]; bool hasError = !error.IsNullOrEmpty(); if (hasError) { Log.Error($"Yandex error callback. {httpRequest.QueryString}"); return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", error))); } string code = httpRequest.QueryString["code"]; bool isPreAuthCallback = !code.IsNullOrEmpty(); if (!isPreAuthCallback) { string preAuthUrl = $"{PreAuthUrl}?response_type=code&client_id={ApplicationId}&redirect_uri={CallbackUrl.UrlEncode()}&display=popup&state={Guid.NewGuid().ToString("N")}"; this.SaveSession(authService, session, SessionExpiry); return authService.Redirect(PreAuthUrlFilter(this, preAuthUrl)); } try { string payload = $"grant_type=authorization_code&code={code}&client_id={ApplicationId}&client_secret={ApplicationPassword}"; string contents = AccessTokenUrl.PostStringToUrl(payload); var authInfo = JsonObject.Parse(contents); //Yandex does not throw exception, but returns error property in JSON response // http://api.yandex.ru/oauth/doc/dg/reference/obtain-access-token.xml string accessTokenError = authInfo.Get("error"); if (!accessTokenError.IsNullOrEmpty()) { Log.Error($"Yandex access_token error callback. {authInfo}"); return authService.Redirect(session.ReferrerUrl.SetParam("f", "AccessTokenFailed")); } tokens.AccessTokenSecret = authInfo.Get("access_token"); session.IsAuthenticated = true; return OnAuthenticated(authService, session, tokens, authInfo.ToDictionary()) ?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1"))); } catch (WebException webException) { //just in case Yandex will start throwing exceptions var statusCode = ((HttpWebResponse)webException.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))); } } return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown"))); }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var user = authService.Request.GetUser(); var userName = user.GetUserName(); if (!LoginMatchesSession(session, userName)) { authService.RemoveSession(); session = authService.GetSession(); } if (IsAuthorized(user)) { session.IsAuthenticated = true; if (session.UserAuthName == null) { session.UserAuthName = userName; } var aspReq = (HttpRequestBase)authService.Request.OriginalRequest; var loginUser = aspReq.ServerVariables["LOGON_USER"].ToNullIfEmpty(); var remoteUser = aspReq.ServerVariables["REMOTE_USER"].ToNullIfEmpty(); var identityName = aspReq.LogonUserIdentity != null ? aspReq.LogonUserIdentity.Name : null; session.DisplayName = loginUser ?? remoteUser ?? identityName; var tokens = new AuthTokens { Provider = Name, UserName = userName, DisplayName = session.DisplayName, Items = new Dictionary<string, string> { {"LOGON_USER", loginUser}, {"REMOTE_USER", remoteUser}, {"LogonUserIdentityName", identityName}, } }; if (session.Roles == null) session.Roles = new List<string>(); foreach (var role in AllRoles.Safe()) { if (user.IsInRole(role)) session.Roles.AddIfNotExists(role); } OnAuthenticated(authService, session, tokens, new Dictionary<string, string>()); return new AuthenticateResponse { UserName = userName, SessionId = session.Id, DisplayName = session.DisplayName, ReferrerUrl = request.Continue }; } throw HttpError.Unauthorized("Windows Auth failed"); }
/// <summary> /// Remove the Users Session /// </summary> /// <param name="service"></param> /// <param name="request"></param> /// <returns></returns> public virtual object Logout(IServiceBase service, Authenticate request) { var feature = HostContext.GetPlugin<AuthFeature>(); var session = service.GetSession(); var referrerUrl = (request != null ? request.Continue : null) ?? (feature.HtmlLogoutRedirect != null ? service.Request.ResolveAbsoluteUrl(feature.HtmlLogoutRedirect) : null) ?? session.ReferrerUrl ?? service.Request.GetHeader("Referer") ?? this.CallbackUrl; session.OnLogout(service); AuthEvents.OnLogout(service.Request, session, service); service.RemoveSession(); if (feature != null && feature.DeleteSessionCookiesOnLogout) { service.Request.Response.DeleteSessionCookies(); } if (service.Request.ResponseContentType == MimeTypes.Html && !string.IsNullOrEmpty(referrerUrl)) return service.Redirect(LogoutUrlFilter(this, referrerUrl.SetParam("s", "-1"))); return new AuthenticateResponse(); }
public override string ToString() { a = (Authenticate)base.Tag; Binding myBinding = new Binding("password"); myBinding.Mode = BindingMode.TwoWay; myBinding.Source = a; txtpass.SetBinding(TextBox.TextProperty, myBinding); Binding myBinding2 = new Binding("options"); myBinding2.Mode = BindingMode.TwoWay; myBinding2.Source = a; txtopt.SetBinding(TextBox.TextProperty, myBinding2); Binding myBinding3 = new Binding("maxdigits"); myBinding3.Mode = BindingMode.TwoWay; myBinding3.Source = a; txtmax.SetBinding(TextBox.TextProperty, myBinding3); Binding myBinding4 = new Binding("prompt"); myBinding4.Mode = BindingMode.TwoWay; myBinding4.Source = a; txtprompt.SetBinding(TextBox.TextProperty, myBinding4); Binding descbinding = new Binding("Description"); descbinding.Mode = BindingMode.TwoWay; descbinding.Source = a; txtdesc.SetBinding(TextBox.TextProperty, descbinding); return base.ToString(); }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { IAuthTokens tokens = Init(authService, ref session, request); IRequest httpRequest = authService.Request; string error = httpRequest.QueryString["error"]; bool hasError = !error.IsNullOrEmpty(); if (hasError) { Log.Error($"Odnoklassniki error callback. {httpRequest.QueryString}"); return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", error))); } string code = httpRequest.QueryString["code"]; bool isPreAuthCallback = !code.IsNullOrEmpty(); if (!isPreAuthCallback) { string preAuthUrl = $"{PreAuthUrl}?client_id={ApplicationId}&redirect_uri={CallbackUrl.UrlEncode()}&response_type=code&layout=m"; this.SaveSession(authService, session, SessionExpiry); return authService.Redirect(PreAuthUrlFilter(this, preAuthUrl)); } try { string payload = $"client_id={ApplicationId}&client_secret={SecretKey}&code={code}&redirect_uri={CallbackUrl.UrlEncode()}&grant_type=authorization_code"; string contents = AccessTokenUrlFilter(this, AccessTokenUrl).PostToUrl(payload, "*/*", RequestFilter); var authInfo = JsonObject.Parse(contents); //ok.ru does not throw exception, but returns error property in JSON response string accessTokenError = authInfo.Get("error"); if (!accessTokenError.IsNullOrEmpty()) { Log.Error($"Odnoklassniki access_token error callback. {authInfo}"); return authService.Redirect(session.ReferrerUrl.SetParam("f", "AccessTokenFailed")); } tokens.AccessTokenSecret = authInfo.Get("access_token"); tokens.UserId = authInfo.Get("user_id"); session.IsAuthenticated = true; return OnAuthenticated(authService, session, tokens, authInfo.ToDictionary()) ?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1"))); } catch (WebException webException) { //just in case it starts throwing exceptions HttpStatusCode statusCode = ((HttpWebResponse)webException.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))); } } return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown"))); }
protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request) { Logger.Debug("SamlAuthProvider::Init:ENTER"); if (this.CallbackUrl.IsNullOrEmpty()) { this.CallbackUrl = authService.Request.AbsoluteUri; Logger.Debug("CallbackUrl was null, setting to: {0}".Fmt(this.CallbackUrl)); } if (session.ReferrerUrl.IsNullOrEmpty() && authService.Request != null && authService.Request.Verb == "POST") { session.ReferrerUrl = this.IdpInitiatedRedirect; } else { session.ReferrerUrl = GetReferrerUrl(authService, session, request); } Logger.Debug("Session ReferrerUrl Set to: {0}".Fmt(session.ReferrerUrl)); var tokens = session.ProviderOAuthAccess.FirstOrDefault(x => x.Provider == this.Provider); if (tokens == null) { Logger.Debug("Tokens were null, initializing"); session.ProviderOAuthAccess.Add(tokens = new AuthTokens { Provider = this.Provider }); } Logger.Debug("Tokens contains"); Logger.Debug(tokens.ToJson()); Logger.Debug("SamlAuthProvider::Init:RETURN"); return tokens; }
/// <summary> /// Parse a message value. /// </summary> /// <param name="name">Name of header being parsed.</param> /// <param name="reader">Reader containing the string that should be parsed.</param> /// <returns>Newly created header.</returns> /// <exception cref="ParseException">Header value is malformed.</exception> /// <example> /// Digest realm="atlanta.com", /// domain="sip:boxesbybob.com", qop="auth", /// nonce="f84f1cec41e6cbe5aea9c8e88d359", /// opaque="", stale=FALSE, algorithm=MD5 /// </example> public IHeader Parse(string name, ITextReader reader) { reader.ConsumeWhiteSpaces(); string digest = reader.ReadWord().ToLower(); if (digest != "digest") throw new ParseException("Authorization header is not digest authentication"); reader.ConsumeWhiteSpaces(); var parameters = new KeyValueCollection(); UriParser.ParseParameters(parameters, reader, ','); var header = new Authenticate(name) { Algortihm = parameters["algorithm"], Domain = UriParser.Parse(parameters["domain"]), Realm = parameters["realm"], Nonce = parameters["nonce"], Qop = parameters["qop"], Opaque = parameters["opaque"] }; try { header.Stale = bool.Parse(parameters["stale"]); } catch (Exception err) { throw new ParseException("Failed to parse 'stale' in WWW-Authenticate header.", err); } return header; }
public void doLogin() { // TODO: add loading while processing // authenticate Authenticate auth = new Authenticate (); auth.login (_username.text, _password.text); // TODO: show error if failed }
public override bool IsAuthorized(IAuthSession session, IAuthTokens tokens, Authenticate request = null) { if (request != null) { if (!LoginMatchesSession(session, request.UserName)) return false; } return tokens != null && !string.IsNullOrEmpty(tokens.AccessTokenSecret); }
public override bool IsAuthorized(IAuthSession session, IAuthTokens tokens, Authenticate request = null) { if (request != null) { if (!LoginMatchesSession(session, request.UserName)) { return false; } } return !session.UserAuthName.IsNullOrEmpty(); }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var tokens = Init(authService, ref session, request); var httpRequest = authService.Request; var error = httpRequest.QueryString["error_reason"] ?? httpRequest.QueryString["error"] ?? httpRequest.QueryString["error_code"] ?? httpRequest.QueryString["error_description"]; var hasError = !error.IsNullOrEmpty(); if (hasError) { Log.Error("Facebook error callback. {0}".Fmt(httpRequest.QueryString)); return authService.Redirect(session.ReferrerUrl); } var code = httpRequest.QueryString["code"]; var isPreAuthCallback = !code.IsNullOrEmpty(); if (!isPreAuthCallback) { var preAuthUrl = PreAuthUrl + "?client_id={0}&redirect_uri={1}&scope={2}" .Fmt(AppId, this.CallbackUrl.UrlEncode(), string.Join(",", Permissions)); authService.SaveSession(session, SessionExpiry); return authService.Redirect(preAuthUrl); } var accessTokenUrl = this.AccessTokenUrl + "?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}" .Fmt(AppId, this.CallbackUrl.UrlEncode(), AppSecret, code); try { var contents = accessTokenUrl.GetStringFromUrl(); var authInfo = HttpUtility.ParseQueryString(contents); tokens.AccessTokenSecret = authInfo["access_token"]; session.IsAuthenticated = true; authService.SaveSession(session, SessionExpiry); OnAuthenticated(authService, session, tokens, authInfo.ToDictionary()); //Haz access! return authService.Redirect(session.ReferrerUrl.AddHashParam("s", "1")); } catch (WebException we) { var statusCode = ((HttpWebResponse)we.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed")); } } //Shouldn't get here return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown")); }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var httpReq = authService.RequestContext.Get<IHttpRequest>(); var basicAuth = httpReq.GetBasicAuthUserAndPassword(); if (basicAuth == null) throw HttpError.Unauthorized("Invalid BasicAuth credentials"); var userName = basicAuth.Value.Key; var password = basicAuth.Value.Value; return Authenticate(authService, session, userName, password, request.Continue); }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var tokens = Init(authService, ref session, request); var httpRequest = authService.Request; var error = httpRequest.QueryString["error_reason"] ?? httpRequest.QueryString["error"] ?? httpRequest.QueryString["error_code"] ?? httpRequest.QueryString["error_description"]; var hasError = !error.IsNullOrEmpty(); if (hasError) { Log.Error($"Facebook error callback. {httpRequest.QueryString}"); return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", error))); } var code = httpRequest.QueryString["code"]; var isPreAuthCallback = !code.IsNullOrEmpty(); if (!isPreAuthCallback) { var preAuthUrl = $"{PreAuthUrl}?client_id={AppId}&redirect_uri={this.CallbackUrl.UrlEncode()}&scope={string.Join(",", Permissions)}"; this.SaveSession(authService, session, SessionExpiry); return authService.Redirect(PreAuthUrlFilter(this, preAuthUrl)); } var accessTokenUrl = $"{AccessTokenUrl}?client_id={AppId}&redirect_uri={this.CallbackUrl.UrlEncode()}&client_secret={AppSecret}&code={code}"; try { var contents = AccessTokenUrlFilter(this, accessTokenUrl).GetJsonFromUrl(); var authInfo = JsonObject.Parse(contents); tokens.AccessTokenSecret = authInfo["access_token"]; session.IsAuthenticated = true; return OnAuthenticated(authService, session, tokens, authInfo.ToDictionary()) ?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1"))); //Haz access! } catch (WebException we) { var statusCode = ((HttpWebResponse)we.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed"))); } } //Shouldn't get here return authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown"))); }
public override bool IsAuthorized(IAuthSession session, IAuthTokens tokens, Authenticate request = null) { if (request != null) { //if (!LoginMatchesSession(session, request.UserName)) //{ // return false; //} throw new NotImplementedException(); } return session != null && session.IsAuthenticated && !session.UserAuthName.IsNullOrEmpty(); }
/// <summary> /// Remove the Users Session /// </summary> /// <param name="service"></param> /// <param name="request"></param> /// <returns></returns> public virtual object Logout(IServiceBase service, Authenticate request) { var session = service.GetSession(); var referrerUrl = (request != null ? request.Continue : null) ?? session.ReferrerUrl ?? service.RequestContext.GetHeader("Referer") ?? this.CallbackUrl; session.OnLogout(service); service.RemoveSession(); if (service.RequestContext.ResponseContentType == MimeTypes.Html && !String.IsNullOrEmpty(referrerUrl)) return service.Redirect(referrerUrl.AddHashParam("s", "-1")); return new AuthenticateResponse(); }
/// <summary> /// The entry point for all AuthProvider providers. Runs inside the AuthService so exceptions are treated normally. /// Overridable so you can provide your own Auth implementation. /// </summary> /// <param name="authService"></param> /// <param name="session"></param> /// <param name="request"></param> /// <returns></returns> public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var tokens = Init(authService, ref session, request); //Default OAuth logic based on Twitter's OAuth workflow if (!tokens.RequestToken.IsNullOrEmpty() && !request.oauth_token.IsNullOrEmpty()) { OAuthUtils.RequestToken = tokens.RequestToken; OAuthUtils.RequestTokenSecret = tokens.RequestTokenSecret; OAuthUtils.AuthorizationToken = request.oauth_token; OAuthUtils.AuthorizationVerifier = request.oauth_verifier; if (OAuthUtils.AcquireAccessToken()) { tokens.AccessToken = OAuthUtils.AccessToken; tokens.AccessTokenSecret = OAuthUtils.AccessTokenSecret; session.IsAuthenticated = true; OnAuthenticated(authService, session, tokens, OAuthUtils.AuthInfo); authService.SaveSession(session, SessionExpiry); //Haz access! return authService.Redirect(session.ReferrerUrl.AddHashParam("s", "1")); } //No Joy :( tokens.RequestToken = null; tokens.RequestTokenSecret = null; authService.SaveSession(session, SessionExpiry); return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed")); } if (OAuthUtils.AcquireRequestToken()) { tokens.RequestToken = OAuthUtils.RequestToken; tokens.RequestTokenSecret = OAuthUtils.RequestTokenSecret; authService.SaveSession(session, SessionExpiry); //Redirect to OAuth provider to approve access return authService.Redirect(this.AuthorizeUrl .AddQueryParam("oauth_token", tokens.RequestToken) .AddQueryParam("oauth_callback", session.ReferrerUrl)); } return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "RequestTokenFailed")); }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var header = request.oauth_token; // if no auth header, 401 if (string.IsNullOrEmpty(header)) { throw HttpError.Unauthorized(MissingAuthHeader); } var headerData = header.Split(' '); // if header is missing bearer portion, 401 if (string.Compare(headerData[0], "BEARER", StringComparison.OrdinalIgnoreCase) != 0) { throw HttpError.Unauthorized(InvalidAuthHeader); } try { // set current principal to the validated token principal Thread.CurrentPrincipal = JsonWebToken.ValidateToken(headerData[1], Certificate, Audience, Issuer); if (HttpContext.Current != null) { // set the current request's user the the decoded principal HttpContext.Current.User = Thread.CurrentPrincipal; } // set the session's username to the logged in user session.UserName = Thread.CurrentPrincipal.Identity.Name; return OnAuthenticated(authService, session, new AuthTokens(), new Dictionary<string, string>()); } catch (Exception ex) { throw new HttpError(HttpStatusCode.Unauthorized, ex); } }
protected virtual string GetReferrerUrl(IServiceBase authService, IAuthSession session, Authenticate request = null) { if (request == null) { request = authService.Request.Dto as Authenticate; } var referrerUrl = session.ReferrerUrl; if (referrerUrl.IsNullOrEmpty()) { referrerUrl = (request != null ? request.Continue : null) ?? authService.Request.GetHeader("Referer"); } var requestUri = authService.Request.AbsoluteUri; if (referrerUrl.IsNullOrEmpty() || referrerUrl.IndexOf("/auth", StringComparison.OrdinalIgnoreCase) >= 0) { referrerUrl = this.RedirectUrl ?? authService.Request.GetBaseUrl() ?? requestUri.InferBaseUrl(); } return(referrerUrl); }
/// <summary> ///is Valid Login /// <param name="Program_Code"></param> /// <param name="Domain_Name"></param> /// <param name="User_EmailID"></param> /// <param name="User_Password"></param> /// </summary> private Authenticate isValidLogin(string Program_Code, string Domain_Name, string User_EmailID, string User_Password) { MySqlCommand cmd = new MySqlCommand(); DataSet ds = new DataSet(); Authenticate authenticate = new Authenticate(); try { conn.Open(); cmd.Connection = conn; MySqlCommand cmd1 = new MySqlCommand("SP_ValidateStoreUserLogin", conn); cmd1.CommandType = CommandType.StoredProcedure; cmd1.Parameters.AddWithValue("@Program_Code", Program_Code); cmd1.Parameters.AddWithValue("@Domain_Name", Domain_Name); cmd1.Parameters.AddWithValue("@User_EmailID", User_EmailID); cmd1.Parameters.AddWithValue("@User_Password", User_Password); MySqlDataAdapter da = new MySqlDataAdapter(cmd1) { SelectCommand = cmd1 }; da.Fill(ds); if (ds != null && ds.Tables[0] != null) { if (ds.Tables[0].Rows.Count > 0) { bool status = Convert.ToBoolean(ds.Tables[0].Rows[0]["Status"]); if (status) { authenticate.AppID = Convert.ToString(ds.Tables[0].Rows[0]["ApplicationId"]); authenticate.ProgramCode = Program_Code; authenticate.Domain_Name = Domain_Name; authenticate.UserMasterID = Convert.ToInt32(ds.Tables[0].Rows[0]["UserID"]); authenticate.TenantId = Convert.ToInt32(ds.Tables[0].Rows[0]["Tenant_Id"]); authenticate.FirstName = Convert.ToString(ds.Tables[0].Rows[0]["FirstName"]); authenticate.LastName = Convert.ToString(ds.Tables[0].Rows[0]["LastName"]); authenticate.Message = "Valid user"; authenticate.UserEmailID = User_EmailID; } else { authenticate.AppID = ""; authenticate.ProgramCode = ""; authenticate.Domain_Name = ""; authenticate.Message = "In-valid username or passowrd"; authenticate.Token = ""; authenticate.UserMasterID = 0; authenticate.TenantId = 0; } } } } catch (Exception) { throw; } finally { if (conn != null) { conn.Close(); } if (ds != null) { ds.Dispose(); } } return(authenticate); }
/// <param name='provider'> /// </param> /// <param name='state'> /// </param> /// <param name='oauthToken'> /// </param> /// <param name='oauthVerifier'> /// </param> /// <param name='userName'> /// </param> /// <param name='password'> /// </param> /// <param name='rememberMe'> /// </param> /// <param name='continueParameter'> /// </param> /// <param name='nonce'> /// </param> /// <param name='uri'> /// </param> /// <param name='response'> /// </param> /// <param name='qop'> /// </param> /// <param name='nc'> /// </param> /// <param name='cnonce'> /// </param> /// <param name='useTokenCookie'> /// </param> /// <param name='meta'> /// </param> /// <param name='body'> /// </param> /// <param name='customHeaders'> /// Headers that will be added to request. /// </param> /// <param name='cancellationToken'> /// The cancellation token. /// </param> /// <exception cref="AuthenticateResponseException"> /// Thrown when the operation returned an invalid status code /// </exception> /// <return> /// A response object containing the response body and response headers. /// </return> public async Task <HttpOperationResponse <AuthenticateResponse> > PostWithHttpMessagesAsync(string provider = default(string), string state = default(string), string oauthToken = default(string), string oauthVerifier = default(string), string userName = default(string), string password = default(string), bool?rememberMe = default(bool?), string continueParameter = default(string), string nonce = default(string), string uri = default(string), string response = default(string), string qop = default(string), string nc = default(string), string cnonce = default(string), bool?useTokenCookie = default(bool?), string meta = default(string), Authenticate body = default(Authenticate), Dictionary <string, List <string> > customHeaders = null, CancellationToken cancellationToken = default(CancellationToken)) { // Tracing bool _shouldTrace = ServiceClientTracing.IsEnabled; string _invocationId = null; if (_shouldTrace) { _invocationId = ServiceClientTracing.NextInvocationId.ToString(); Dictionary <string, object> tracingParameters = new Dictionary <string, object>(); tracingParameters.Add("provider", provider); tracingParameters.Add("state", state); tracingParameters.Add("oauthToken", oauthToken); tracingParameters.Add("oauthVerifier", oauthVerifier); tracingParameters.Add("userName", userName); tracingParameters.Add("password", password); tracingParameters.Add("rememberMe", rememberMe); tracingParameters.Add("continueParameter", continueParameter); tracingParameters.Add("nonce", nonce); tracingParameters.Add("uri", uri); tracingParameters.Add("response", response); tracingParameters.Add("qop", qop); tracingParameters.Add("nc", nc); tracingParameters.Add("cnonce", cnonce); tracingParameters.Add("useTokenCookie", useTokenCookie); tracingParameters.Add("meta", meta); tracingParameters.Add("body", body); tracingParameters.Add("cancellationToken", cancellationToken); ServiceClientTracing.Enter(_invocationId, this, "Post", tracingParameters); } // Construct URL var _baseUrl = Client.BaseUri.AbsoluteUri; var _url = new System.Uri(new System.Uri(_baseUrl + (_baseUrl.EndsWith("/") ? "" : "/")), "auth").ToString(); // Create HTTP transport objects var _httpRequest = new HttpRequestMessage(); HttpResponseMessage _httpResponse = null; _httpRequest.Method = new HttpMethod("POST"); _httpRequest.RequestUri = new System.Uri(_url); // Set Headers if (Client.Accept != null) { if (_httpRequest.Headers.Contains("Accept")) { _httpRequest.Headers.Remove("Accept"); } _httpRequest.Headers.TryAddWithoutValidation("Accept", Client.Accept); } if (customHeaders != null) { foreach (var _header in customHeaders) { if (_httpRequest.Headers.Contains(_header.Key)) { _httpRequest.Headers.Remove(_header.Key); } _httpRequest.Headers.TryAddWithoutValidation(_header.Key, _header.Value); } } // Serialize Request string _requestContent = null; if (body != null) { _requestContent = Microsoft.Rest.Serialization.SafeJsonConvert.SerializeObject(body, Client.SerializationSettings); _httpRequest.Content = new StringContent(_requestContent, System.Text.Encoding.UTF8); _httpRequest.Content.Headers.ContentType = System.Net.Http.Headers.MediaTypeHeaderValue.Parse("application/json; charset=utf-8"); } // Send Request if (_shouldTrace) { ServiceClientTracing.SendRequest(_invocationId, _httpRequest); } cancellationToken.ThrowIfCancellationRequested(); _httpResponse = await Client.HttpClient.SendAsync(_httpRequest, cancellationToken).ConfigureAwait(false); if (_shouldTrace) { ServiceClientTracing.ReceiveResponse(_invocationId, _httpResponse); } HttpStatusCode _statusCode = _httpResponse.StatusCode; cancellationToken.ThrowIfCancellationRequested(); string _responseContent = null; if (!_httpResponse.IsSuccessStatusCode) { var ex = new AuthenticateResponseException(string.Format("Operation returned an invalid status code '{0}'", _statusCode)); try { _responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false); AuthenticateResponse _errorBody = Microsoft.Rest.Serialization.SafeJsonConvert.DeserializeObject <AuthenticateResponse>(_responseContent, Client.DeserializationSettings); if (_errorBody != null) { ex.Body = _errorBody; } } catch (JsonException) { // Ignore the exception } ex.Request = new HttpRequestMessageWrapper(_httpRequest, _requestContent); ex.Response = new HttpResponseMessageWrapper(_httpResponse, _responseContent); if (_shouldTrace) { ServiceClientTracing.Error(_invocationId, ex); } _httpRequest.Dispose(); if (_httpResponse != null) { _httpResponse.Dispose(); } throw ex; } // Create Result var _result = new HttpOperationResponse <AuthenticateResponse>(); _result.Request = _httpRequest; _result.Response = _httpResponse; string _defaultResponseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false); try { _result.Body = Microsoft.Rest.Serialization.SafeJsonConvert.DeserializeObject <AuthenticateResponse>(_defaultResponseContent, Client.DeserializationSettings); } catch (JsonException ex) { _httpRequest.Dispose(); if (_httpResponse != null) { _httpResponse.Dispose(); } throw new SerializationException("Unable to deserialize the response.", _defaultResponseContent, ex); } if (_shouldTrace) { ServiceClientTracing.Exit(_invocationId, _result); } return(_result); }
///<summary> ///Get campaign content ///</summary> internal async Task <RootContent> GetCampaignContentAsync(string campaign_id) { string endpoint = Authenticate.EndPoint(TargetTypes.campaigns, SubTargetType.content, SubTargetType.not_applicable, campaign_id); return(await BaseOperation.GetAsync <RootContent>(endpoint)); }
private void ProcessTcpData() { // This thread is aborted in Close() while (true) { try { var messageType = (MessageType)IPAddress.NetworkToHostOrder(_reader.ReadInt16()); //Debug.Log("Processing data of type: " + messageType); switch (messageType) { case MessageType.Version: _mumbleClient.RemoteVersion = Serializer.DeserializeWithLengthPrefix <Version>(_ssl, PrefixStyle.Fixed32BigEndian); //Debug.Log("Server version: " + _mc.RemoteVersion.release); var authenticate = new Authenticate { Username = _username, Password = _password, Opus = true }; SendMessage(MessageType.Authenticate, authenticate); break; case MessageType.CryptSetup: var cryptSetup = Serializer.DeserializeWithLengthPrefix <CryptSetup>(_ssl, PrefixStyle.Fixed32BigEndian); ProcessCryptSetup(cryptSetup); //Debug.Log("Got crypt"); break; case MessageType.CodecVersion: _mumbleClient.CodecVersion = Serializer.DeserializeWithLengthPrefix <CodecVersion>(_ssl, PrefixStyle.Fixed32BigEndian); //Debug.Log("Got codec version"); break; case MessageType.ChannelState: ChannelState ChannelState = Serializer.DeserializeWithLengthPrefix <ChannelState>(_ssl, PrefixStyle.Fixed32BigEndian); /* * Debug.Log("Channel state Name = " + ChannelState.name); * Debug.Log("Channel state ID = " + ChannelState.channel_id); * Debug.Log("Channel state Position = " + ChannelState.position); * Debug.Log("Channel state Temporary = " + ChannelState.temporary); * Debug.Log("Channel state Parent = " + ChannelState.parent); * Debug.Log("Channel state Description = " + ChannelState.description); */ _mumbleClient.AddChannel(ChannelState); break; case MessageType.PermissionQuery: _mumbleClient.PermissionQuery = Serializer.DeserializeWithLengthPrefix <PermissionQuery>(_ssl, PrefixStyle.Fixed32BigEndian); //Debug.Log("Permission Query = " + _mumbleClient.PermissionQuery.permissions); //Debug.Log("Permission Channel = " + _mumbleClient.PermissionQuery.channel_id); break; case MessageType.UserState: //This is called for every user in the room, including us UserState user = Serializer.DeserializeWithLengthPrefix <UserState>(_ssl, PrefixStyle.Fixed32BigEndian); //Debug.Log("Name: " + user.Name); //Debug.Log("Session: " + user.Session); //Debug.Log("actor: " + user.Actor); //Debug.Log("Chan: " + user.ChannelId); //Debug.Log("ID: " + user.UserId); _mumbleClient.AddOrUpdateUser(user); break; case MessageType.ServerSync: //This is where we get our session Id //Debug.Log("Will server sync!"); _mumbleClient.SetServerSync(Serializer.DeserializeWithLengthPrefix <ServerSync>(_ssl, PrefixStyle.Fixed32BigEndian)); //Debug.Log("Server Sync Session= " + _mumbleClient.ServerSync.session); break; case MessageType.ServerConfig: _mumbleClient.ServerConfig = Serializer.DeserializeWithLengthPrefix <ServerConfig>(_ssl, PrefixStyle.Fixed32BigEndian); //Debug.Log("Sever config = " + _mumbleClient.ServerConfig); Debug.Log("Mumble is Connected"); _validConnection = true; // handshake complete break; case MessageType.SuggestConfig: //Contains suggested configuratio options from the server //like whether to send positional data, client version, etc. Serializer.DeserializeWithLengthPrefix <SuggestConfig>(_ssl, PrefixStyle.Fixed32BigEndian); break; case MessageType.TextMessage: TextMessage textMessage = Serializer.DeserializeWithLengthPrefix <TextMessage>(_ssl, PrefixStyle.Fixed32BigEndian); Debug.Log("Text message = " + textMessage.Message); Debug.Log("Text actor = " + textMessage.Actor); //Debug.Log("Text channel = " + textMessage.channel_id[0]); //Debug.Log("Text session Length = " + textMessage.Sessions.Length); //Debug.Log("Text Tree Length = " + textMessage.TreeIds.Length); break; case MessageType.UDPTunnel: var length = IPAddress.NetworkToHostOrder(_reader.ReadInt32()); //Debug.Log("Received UDP tunnel of length: " + length); //At this point the message is already decrypted _udpConnection.UnpackOpusVoicePacket(_reader.ReadBytes(length), false); /* * //var udpTunnel = Serializer.DeserializeWithLengthPrefix<UDPTunnel>(_ssl, * PrefixStyle.Fixed32BigEndian); */ break; case MessageType.Ping: Serializer.DeserializeWithLengthPrefix <MumbleProto.Ping>(_ssl, PrefixStyle.Fixed32BigEndian); break; case MessageType.Reject: // This is called, for example, when the max number of users has been hit var reject = Serializer.DeserializeWithLengthPrefix <Reject>(_ssl, PrefixStyle.Fixed32BigEndian); _validConnection = false; Debug.LogError("Mumble server reject: " + reject.Reason); _mumbleClient.OnConnectionDisconnect(); // The server connection is over, so we return return; case MessageType.UserRemove: var removal = Serializer.DeserializeWithLengthPrefix <UserRemove>(_ssl, PrefixStyle.Fixed32BigEndian); Debug.Log("Removing " + removal.Session); _mumbleClient.RemoveUser(removal.Session); break; case MessageType.ChannelRemove: var removedChan = Serializer.DeserializeWithLengthPrefix <ChannelRemove>(_ssl, PrefixStyle.Fixed32BigEndian); _mumbleClient.RemoveChannel(removedChan.ChannelId); Debug.Log("Removing channel " + removedChan.ChannelId); break; case MessageType.PermissionDenied: var denial = Serializer.DeserializeWithLengthPrefix <PermissionDenied>(_ssl, PrefixStyle.Fixed32BigEndian); Debug.LogError("Permission denied with fields Name: " + denial.Name + ", Type: " + denial.Type + ", Reason: " + denial.Reason); break; default: Debug.LogError("Message type " + messageType + " not implemented"); break; } } catch (Exception ex) { if (ex is EndOfStreamException) { Debug.LogError("EOS Exception: " + ex);//This happens when we connect again with the same username _mumbleClient.OnConnectionDisconnect(); } else if (ex is IOException) { Debug.LogError("IO Exception: " + ex); _mumbleClient.OnConnectionDisconnect(); } //These just means the app stopped, it's ok else if (ex is ObjectDisposedException) { } else if (ex is ThreadAbortException) { } else { Debug.LogError("Unhandled error: " + ex); } return; } } }
public async Task <Int32> Authenticateuser(Authenticate authenticate) { Int32 i = await _httpClient.PostJsonAsync <Int32>("api/Login/AuthenticateUser", authenticate); return(i); }
public override bool IsAuthorized(IAuthSession session, IAuthTokens tokens, Authenticate request = null) { return(session != null && session.IsAuthenticated && LoginMatchesSession(session, HttpContext.Current.GetUser().GetUserName())); }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var user = authService.Request.GetUser(); var userName = user.GetUserName(); if (!LoginMatchesSession(session, userName)) { authService.RemoveSession(); session = authService.GetSession(); } if (IsAuthorized(user)) { session.IsAuthenticated = true; if (session.UserAuthName == null) { session.UserAuthName = userName; } var aspReq = (HttpRequestBase)authService.Request.OriginalRequest; var loginUser = aspReq.ServerVariables["LOGON_USER"].ToNullIfEmpty(); var remoteUser = aspReq.ServerVariables["REMOTE_USER"].ToNullIfEmpty(); var identityName = aspReq.LogonUserIdentity != null ? aspReq.LogonUserIdentity.Name : null; session.DisplayName = loginUser ?? remoteUser ?? identityName; var tokens = new AuthTokens { Provider = Name, UserName = userName, DisplayName = session.DisplayName, Items = new Dictionary <string, string> { { "LOGON_USER", loginUser }, { "REMOTE_USER", remoteUser }, { "LogonUserIdentityName", identityName }, } }; if (session.Roles == null) { session.Roles = new List <string>(); } foreach (var role in AllRoles.Safe()) { if (user.IsInRole(role)) { session.Roles.AddIfNotExists(role); } } OnAuthenticated(authService, session, tokens, new Dictionary <string, string>()); return(new AuthenticateResponse { UserName = userName, SessionId = session.Id, DisplayName = session.DisplayName, ReferrerUrl = request.Continue }); } throw HttpError.Unauthorized("Windows Auth failed"); }
/// <summary> /// Sets the CallbackUrl and session.ReferrerUrl if not set and initializes the session tokens for this AuthProvider /// </summary> /// <param name="authService"></param> /// <param name="session"></param> /// <param name="request"> </param> /// <returns></returns> protected IAuthTokens Init(IServiceBase authService, ref IAuthSession session, Authenticate request) { AssertValidState(); if (this.CallbackUrl.IsNullOrEmpty()) { this.CallbackUrl = authService.Request.AbsoluteUri; } if (HostContext.Config?.UseSameSiteCookies == true) { var state = authService.Request.QueryString[Keywords.State]; if (!string.IsNullOrEmpty(state)) { (authService.Request.Response as IHttpResponse)?.ClearCookies(); authService.Request.CreateTemporarySessionId(state); session = authService.Request.GetSession(reload: true); } } session.ReferrerUrl = GetReferrerUrl(authService, session, request); var tokens = session.GetAuthTokens(Provider); if (tokens == null) { session.AddAuthToken(tokens = new AuthTokens { Provider = Provider }); } return(tokens); }
/// <summary> /// The entry point for all AuthProvider providers. Runs inside the AuthService so exceptions are treated normally. /// Overridable so you can provide your own Auth implementation. /// </summary> /// <param name="authService"></param> /// <param name="session"></param> /// <param name="request"></param> /// <returns></returns> public abstract override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request);
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { try { return(base.Authenticate(authService, session, request)); } catch (Exception ex) { return(ex); } }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var tokens = Init(authService, ref session, request); var httpReq = authService.RequestContext.Get<IHttpRequest>(); var isOpenIdRequest = !httpReq.GetParam("openid.mode").IsNullOrEmpty(); if (!isOpenIdRequest) { var openIdUrl = httpReq.GetParam("OpenIdUrl") ?? base.AuthRealm; if (openIdUrl.IsNullOrEmpty()) throw new ArgumentException("'OpenIdUrl' is required a required field"); try { using (var openid = CreateOpenIdRelyingParty(OpenIdApplicationStore)) { var openIdRequest = openid.CreateRequest(openIdUrl); AddAttributeExchangeExtensions(openIdRequest); // This is where you would add any OpenID extensions you wanted // to include in the authentication request. openIdRequest.AddExtension(CreateClaimsRequest(httpReq)); // Send your visitor to their Provider for authentication. var openIdResponse = openIdRequest.RedirectingResponse; var contentType = openIdResponse.Headers[HttpHeaders.ContentType]; var httpResult = new HttpResult(openIdResponse.ResponseStream, contentType) { StatusCode = openIdResponse.Status, StatusDescription = "Moved Temporarily", }; foreach (string header in openIdResponse.Headers) { httpResult.Headers[header] = openIdResponse.Headers[header]; } // Save the current session to keep the ReferrerUrl available (similar to Facebook provider) authService.SaveSession(session, SessionExpiry); return httpResult; } } catch (ProtocolException ex) { Log.Error("Failed to login to {0}".Fmt(openIdUrl), ex); return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown")); } } if (isOpenIdRequest) { using (var openid = CreateOpenIdRelyingParty(OpenIdApplicationStore)) { var response = openid.GetResponse(); if (response != null) { switch (response.Status) { case AuthenticationStatus.Authenticated: var authInfo = CreateAuthInfo(response); // Use FormsAuthentication to tell ASP.NET that the user is now logged in, // with the OpenID Claimed Identifier as their username. session.IsAuthenticated = true; authService.SaveSession(session, SessionExpiry); OnAuthenticated(authService, session, tokens, authInfo); //Haz access! return authService.Redirect(session.ReferrerUrl.AddHashParam("s", "1")); case AuthenticationStatus.Canceled: return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "ProviderCancelled")); case AuthenticationStatus.Failed: return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown")); } } } } //Shouldn't get here return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown")); }
public override async Task <object> AuthenticateAsync(IServiceBase authService, IAuthSession session, Authenticate request, CancellationToken token = default) { var tokens = this.Init(authService, ref session, request); var authServer = new AuthorizationServerDescription { AuthorizationEndpoint = new Uri(this.AuthorizeUrl), TokenEndpoint = new Uri(this.AccessTokenUrl) }; var authClient = new WebServerClient(authServer, this.ConsumerKey) { ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(this.ConsumerSecret), }; /* * Because we are exceeding the default max depth (2) we need to increase the quota. * http://stackoverflow.com/questions/14691358/how-do-i-set-jsonreaderquotas-property-on-the-dotnetopenauth-oauth2clientchan * */ authClient.JsonReaderQuotas.MaxDepth = 10; var authState = authClient.ProcessUserAuthorization(); if (authState == null) { try { var authReq = authClient.PrepareRequestUserAuthorization(this.Scopes, new Uri(this.CallbackUrl)); var authContentType = authReq.Headers[HttpHeaders.ContentType]; var httpResult = new HttpResult(authReq.ResponseStream, authContentType) { StatusCode = authReq.Status, StatusDescription = "Moved Temporarily" }; foreach (string header in authReq.Headers) { httpResult.Headers[header] = authReq.Headers[header]; } foreach (string name in authReq.Cookies) { var cookie = authReq.Cookies[name]; if (cookie != null) { httpResult.SetSessionCookie(name, cookie.Value, cookie.Path); } } await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait(); return(httpResult); } catch (ProtocolException ex) { Log.Error("Failed to login to {0}".Fmt(this.Provider), ex); return(authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown"))); } } var accessToken = authState.AccessToken; if (accessToken != null) { try { tokens.AccessToken = accessToken; tokens.RefreshToken = authState.RefreshToken; tokens.RefreshTokenExpiry = authState.AccessTokenExpirationUtc; session.IsAuthenticated = true; var authInfo = this.CreateAuthInfo(accessToken); await this.OnAuthenticatedAsync(authService, session, tokens, authInfo, token).ConfigAwait(); return(authService.Redirect(session.ReferrerUrl.AddHashParam("s", "1"))); } catch (WebException we) { var statusCode = ((HttpWebResponse)we.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return(authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed"))); } } } return(authService.Redirect(session.ReferrerUrl.AddHashParam("f", "RequestTokenFailed"))); }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { throw new NotImplementedException("JWT Authenticate() should not be called directly"); }
public void Options(Authenticate request) { }
/// <summary> /// Authenticate against Yammer OAuth endpoint. /// </summary> /// <param name="authService"> /// The auth service. /// </param> /// <param name="session"> /// The session. /// </param> /// <param name="request"> /// The request. /// </param> /// <returns> /// The <see cref="object"/>. /// </returns> public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var tokens = this.Init(authService, ref session, request); // Check if this is a callback from Yammer OAuth, // if not, get the code. var code = authService.Request.QueryString["code"]; var isPreAuthCallback = !code.IsNullOrEmpty(); if (!isPreAuthCallback) { var preAuthUrl = $"{this.PreAuthUrl}?client_id={this.ClientId}&redirect_uri={this.RedirectUrl.UrlEncode()}"; this.SaveSession(authService, session, SessionExpiry); return(authService.Redirect(PreAuthUrlFilter(this, preAuthUrl))); } // If access code exists, get access token to be able to call APIs. var accessTokenUrl = $"{this.AccessTokenUrl}?client_id={this.ClientId}&client_secret={this.ClientSecret}&code={code}"; try { // Get access response object var contents = AccessTokenUrlFilter(this, accessTokenUrl).GetStringFromUrl(); var authInfo = PclExportClient.Instance.ParseQueryString(contents); var authObj = JsonObject.Parse(contents); var accessToken = authObj.Object("access_token"); var userInfo = authObj.Object("user"); // Save info into user session tokens.AccessToken = accessToken.Get("token"); tokens.UserId = accessToken.Get("user_id"); tokens.UserName = userInfo.Get("name"); tokens.DisplayName = userInfo.Get("full_name"); tokens.FullName = userInfo.Get("full_name"); tokens.FirstName = userInfo.Get("first_name"); tokens.LastName = userInfo.Get("last_name"); var emails = userInfo.Object("contact").ArrayObjects("email_addresses").ConvertAll(x => new EmailAddresses { Type = x.Get("type"), Address = x.Get("address") }); var email = emails.FirstOrDefault(q => q.Type == "primary"); if (email != null) { tokens.Email = email.Address; } // Save session info incl. login state session.UserName = tokens.UserName; session.Email = tokens.Email; session.FirstName = tokens.FirstName; session.LastName = tokens.LastName; session.IsAuthenticated = true; // Pass along var response = this.OnAuthenticated(authService, session, tokens, authInfo.ToDictionary()); if (response != null) { return(response); } // Has access! return(authService.Redirect(SuccessRedirectUrlFilter(this, this.CallbackUrl.SetParam("s", "1")))); } catch (WebException webEx) { var statusCode = ((HttpWebResponse)webEx.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return(authService.Redirect(FailedRedirectUrlFilter(this, this.CallbackUrl.SetParam("f", "AccessTokenFailed")))); } } // Unknown error, shouldn't get here. return(authService.Redirect(FailedRedirectUrlFilter(this, this.CallbackUrl.SetParam("f", "Unknown")))); }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { //new CredentialsAuthValidator().ValidateAndThrow(request); return Authenticate(authService, session, request.UserName, request.Password); }
public object Post(Authenticate request) { AssertAuthProviders(); if (ValidateFn != null) { var validationResponse = ValidateFn(this, Request.Verb, request); if (validationResponse != null) { return(validationResponse); } } if (request.RememberMe.HasValue) { var opt = request.RememberMe.GetValueOrDefault(false) ? SessionOptions.Permanent : SessionOptions.Temporary; base.Request.AddSessionOptions(opt); } var provider = request.provider ?? AuthProviders[0].Provider; if (provider == CredentialsAliasProvider) { provider = CredentialsProvider; } var oAuthConfig = GetAuthProvider(provider); if (oAuthConfig == null) { throw HttpError.NotFound(ErrorMessages.UnknownAuthProviderFmt.Fmt(provider)); } if (LogoutAction.EqualsIgnoreCase(request.provider)) { return(oAuthConfig.Logout(this, request)); } var session = this.GetSession(); var isHtml = base.Request.ResponseContentType.MatchesContentType(MimeTypes.Html); try { var response = Authenticate(request, provider, session, oAuthConfig); // The above Authenticate call may end an existing session and create a new one so we need // to refresh the current session reference. session = this.GetSession(); if (request.provider == null && !session.IsAuthenticated) { throw HttpError.Unauthorized(ErrorMessages.NotAuthenticated); } var referrerUrl = request.Continue ?? session.ReferrerUrl ?? this.Request.GetHeader("Referer") ?? oAuthConfig.CallbackUrl; var alreadyAuthenticated = response == null; response = response ?? new AuthenticateResponse { UserId = session.UserAuthId, UserName = session.UserAuthName, DisplayName = session.DisplayName ?? session.UserName ?? "{0} {1}".Fmt(session.FirstName, session.LastName).Trim(), SessionId = session.Id, ReferrerUrl = referrerUrl, }; if (isHtml && request.provider != null) { if (alreadyAuthenticated) { return(this.Redirect(referrerUrl.AddHashParam("s", "0"))); } if (!(response is IHttpResult) && !string.IsNullOrEmpty(referrerUrl)) { return(new HttpResult(response) { Location = referrerUrl }); } } return(response); } catch (HttpError ex) { var errorReferrerUrl = this.Request.GetHeader("Referer"); if (isHtml && errorReferrerUrl != null) { errorReferrerUrl = errorReferrerUrl.AddHashParam("f", ex.Message.Localize(Request)); return(HttpResult.Redirect(errorReferrerUrl)); } throw; } }
public abstract object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request);
public CommentController(Authenticate auth, ICommentRepository repo) { _repo = repo; _auth = auth; }
/// <summary> /// Public API entry point to authenticate via code /// </summary> /// <param name="request"></param> /// <returns>null; if already autenticated otherwise a populated instance of AuthResponse</returns> public AuthenticateResponse Authenticate(Authenticate request) { //Remove HTML Content-Type to avoid auth providers issuing browser re-directs this.Request.ResponseContentType = MimeTypes.PlainText; var provider = request.provider ?? AuthProviders[0].Provider; var oAuthConfig = GetAuthProvider(provider); if (oAuthConfig == null) throw HttpError.NotFound("No configuration was added for OAuth provider '{0}'".Fmt(provider)); if (request.provider == LogoutAction) return oAuthConfig.Logout(this, request) as AuthenticateResponse; var result = Authenticate(request, provider, this.GetSession(), oAuthConfig); var httpError = result as HttpError; if (httpError != null) throw httpError; return result as AuthenticateResponse; }
public object Get(Authenticate request) { return(Post(request)); }
public object Delete(Authenticate request) { if (ValidateFn != null) { var response = ValidateFn(this, HttpMethods.Delete, request); if (response != null) return response; } this.RemoveSession(); return new AuthenticateResponse(); }
/// <summary> /// Return click details for a specific link /// <param name="campaignId">Campaign Id</param> /// <param name="linkId">The id for the link</param> /// </summary> internal async Task <ClickReports> GetAlllSubscribersInfoAsync(string campaignId, string linkId) { string endpoint = Authenticate.EndPoint(TargetTypes.reports, SubTargetType.click_details, SubTargetType.members, campaignId, linkId); return(await BaseOperation.GetAsync <ClickReports>(endpoint)); }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var tokens = Init(authService, ref session, request); var httpRequest = authService.Request; //https://developer.github.com/v3/oauth/#common-errors-for-the-authorization-request var error = httpRequest.QueryString["error"] ?? httpRequest.QueryString["error_uri"] ?? httpRequest.QueryString["error_description"]; var hasError = !error.IsNullOrEmpty(); if (hasError) { Log.Error("GitHub error callback. {0}".Fmt(httpRequest.QueryString)); return authService.Redirect(session.ReferrerUrl); } var code = httpRequest.QueryString["code"]; var isPreAuthCallback = !code.IsNullOrEmpty(); if (!isPreAuthCallback) { string url = PreAuthUrl + "?client_id={0}&redirect_uri={1}&scope={2}&state={3}" .Fmt(ClientId, CallbackUrl.UrlEncode(), Scopes.Join(","), Guid.NewGuid().ToString("N")); authService.SaveSession(session, SessionExpiry); return authService.Redirect(url); } string accessTokenUrl = AccessTokenUrl + "?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}" .Fmt(ClientId, CallbackUrl.UrlEncode(), ClientSecret, code); try { var contents = accessTokenUrl.GetStringFromUrl(); var authInfo = HttpUtility.ParseQueryString(contents); //GitHub does not throw exception, but just return error with descriptions //https://developer.github.com/v3/oauth/#common-errors-for-the-access-token-request var accessTokenError = authInfo["error"] ?? authInfo["error_uri"] ?? authInfo["error_description"]; if (!accessTokenError.IsNullOrEmpty()) { Log.Error("GitHub access_token error callback. {0}".Fmt(authInfo.ToString())); return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed")); } tokens.AccessTokenSecret = authInfo["access_token"]; session.IsAuthenticated = true; return OnAuthenticated(authService, session, tokens, authInfo.ToDictionary()) ?? authService.Redirect(session.ReferrerUrl.AddHashParam("s", "1")); //Haz Access! } catch (WebException webException) { //just in case GitHub will start throwing exceptions var statusCode = ((HttpWebResponse)webException.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed")); } } return authService.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown")); }
/// <summary> /// Return click details for a specific link /// <param name="campaignId">Campaign Id</param> /// <param name="linkId">The id for the link.</param> /// </summary> internal async Task <ClickReports> GetLinkSpecificClickDetailsAsync(string campaignId, string linkId) { string endpoint = Authenticate.EndPoint(TargetTypes.reports, SubTargetType.click_details, SubTargetType.not_applicable, campaignId, linkId); return(await BaseOperation.GetAsync <ClickReports>(endpoint)); }
public abstract bool IsAuthorized(IAuthSession session, IAuthTokens tokens, Authenticate request = null);
public override bool IsAuthorized(IAuthSession session, IAuthTokens tokens, Authenticate request = null) { if (request != null) { if (!LoginMatchesSession(session, request.UserName)) return false; } // For OpenId, AccessTokenSecret is null/empty, but UserId is populated w/ authenticated url from openId providers return tokens != null && !string.IsNullOrEmpty(tokens.UserId); }
/// <summary> /// Used by the client to send the authentication credentials to the server. /// </summary> /// <param name="authenticate"></param> public void SendAuthenticate(Authenticate authenticate) { Connection.SendControl(PacketType.Authenticate, authenticate); }
public object Get(Authenticate request) { return Post(request); }
public override bool IsAuthorized(IAuthSession session, IAuthTokens tokens, Authenticate request = null) { return(session.FromToken && session.IsAuthenticated); }
public object Post(Authenticate request) { AssertAuthProviders(); if (ValidateFn != null) { var validationResponse = ValidateFn(this, Request.Verb, request); if (validationResponse != null) { return(validationResponse); } } var authFeature = GetPlugin <AuthFeature>(); if (request.RememberMe.HasValue) { var opt = request.RememberMe.GetValueOrDefault(false) ? SessionOptions.Permanent : SessionOptions.Temporary; base.Request.AddSessionOptions(opt); } var provider = request.provider ?? AuthProviders[0].Provider; if (provider == CredentialsAliasProvider) { provider = CredentialsProvider; } var authProvider = GetAuthProvider(provider); if (authProvider == null) { throw HttpError.NotFound(ErrorMessages.UnknownAuthProviderFmt.Fmt(provider.SafeInput())); } if (LogoutAction.EqualsIgnoreCase(request.provider)) { return(authProvider.Logout(this, request)); } if (authProvider is IAuthWithRequest && !base.Request.IsInProcessRequest()) { //IAuthWithRequest normally doesn't call Authenticate directly, but they can to return Auth Info //But as AuthenticateService doesn't have [Authenticate] we need to call it manually new AuthenticateAttribute().ExecuteAsync(base.Request, base.Response, request).Wait(); if (base.Response.IsClosed) { return(null); } } var session = this.GetSession(); var isHtml = base.Request.ResponseContentType.MatchesContentType(MimeTypes.Html); try { var response = Authenticate(request, provider, session, authProvider); // The above Authenticate call may end an existing session and create a new one so we need // to refresh the current session reference. session = this.GetSession(); if (request.provider == null && !session.IsAuthenticated) { throw HttpError.Unauthorized(ErrorMessages.NotAuthenticated.Localize(Request)); } var returnUrl = Request.GetReturnUrl(); var referrerUrl = returnUrl ?? session.ReferrerUrl ?? base.Request.GetQueryStringOrForm(Keywords.ReturnUrl) ?? this.Request.GetHeader(HttpHeaders.Referer) ?? authProvider.CallbackUrl; if (authFeature != null) { if (!string.IsNullOrEmpty(returnUrl)) { authFeature.ValidateRedirectLinks(Request, referrerUrl); } } var manageRoles = AuthRepository as IManageRoles; var alreadyAuthenticated = response == null; response ??= new AuthenticateResponse { UserId = session.UserAuthId, UserName = session.UserAuthName, DisplayName = session.DisplayName ?? session.UserName ?? $"{session.FirstName} {session.LastName}".Trim(), SessionId = session.Id, ReferrerUrl = referrerUrl, }; if (response is AuthenticateResponse authResponse) { authResponse.ProfileUrl ??= session.GetProfileUrl(); if (authFeature?.IncludeRolesInAuthenticateResponse == true && session.UserAuthId != null) { authResponse.Roles ??= (manageRoles != null ? manageRoles.GetRoles(session.UserAuthId)?.ToList() : session.Roles); authResponse.Permissions ??= (manageRoles != null ? manageRoles.GetPermissions(session.UserAuthId)?.ToList() : session.Permissions); } var authCtx = new AuthFilterContext { AuthService = this, AuthProvider = authProvider, AuthRequest = request, AuthResponse = authResponse, ReferrerUrl = referrerUrl, Session = session, AlreadyAuthenticated = alreadyAuthenticated, DidAuthenticate = Request.Items.ContainsKey(Keywords.DidAuthenticate), }; foreach (var responseFilter in AuthResponseFilters) { responseFilter.Execute(authCtx); } if (AuthResponseDecorator != null) { var authDecoratorResponse = AuthResponseDecorator(authCtx); if (authDecoratorResponse != response) { return(authDecoratorResponse); } } } if (isHtml && request.provider != null) { if (alreadyAuthenticated) { return(this.Redirect(referrerUrl.SetParam("s", "0"))); } if (!(response is IHttpResult) && !string.IsNullOrEmpty(referrerUrl)) { return(new HttpResult(response) { Location = referrerUrl }); } } return(response); } catch (Exception ex) { if (isHtml && Request.GetErrorView() != null) { return(ex); } if (ex is HttpError) { var errorReferrerUrl = this.Request.GetHeader(HttpHeaders.Referer); if (isHtml && errorReferrerUrl != null) { errorReferrerUrl = errorReferrerUrl.SetParam("f", ex.Message.Localize(Request)); return(HttpResult.Redirect(errorReferrerUrl)); } } throw; } }
/// <summary> /// Get conversation messages /// <param name="conversation_id">Unique id for the campaign</param> /// <param name="message_id">The unique id for the conversation message</param> /// </summary> internal async Task <ConversationMessage> GetMessageByIdAsync(string conversation_id, string message_id) { string endpoint = Authenticate.EndPoint(TargetTypes.conversations, SubTargetType.messages, SubTargetType.not_applicable, conversation_id, message_id); return(await BaseOperation.GetAsync <ConversationMessage>(endpoint)); }
public override bool IsAuthorized(IAuthSession session, IAuthTokens tokens, Authenticate request = null) { return(base.IsAuthorized(session, tokens, request)); }
protected virtual string GetReferrerUrl(IServiceBase authService, IAuthSession session, Authenticate request = null) { if (request == null) request = authService.Request.Dto as Authenticate; var referrerUrl = session.ReferrerUrl; if (referrerUrl.IsNullOrEmpty()) referrerUrl = (request != null ? request.Continue : null) ?? authService.Request.GetHeader("Referer"); var requestUri = authService.Request.AbsoluteUri; if (referrerUrl.IsNullOrEmpty() || referrerUrl.IndexOf("/auth", StringComparison.OrdinalIgnoreCase) >= 0) referrerUrl = this.RedirectUrl ?? authService.Request.GetBaseUrl() ?? requestUri.InferBaseUrl(); return referrerUrl; }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var httpRequest = authService.Request; var code = httpRequest.QueryString[Keywords.Code]; if (code == null) { return(base.Authenticate(authService, session, request)); } var tokens = Init(authService, ref session, request); try { var accessTokenUrl = $"{AccessTokenUrl}?code={code}&client_id={ConsumerKey}&client_secret={ConsumerSecret}&redirect_uri={this.CallbackUrl.UrlEncode()}&grant_type=authorization_code"; var contents = AccessTokenUrlFilter(this, accessTokenUrl).PostToUrl(""); var authInfo = JsonObject.Parse(contents); var accessToken = authInfo["access_token"]; return(AuthenticateWithAccessToken(authService, session, tokens, accessToken) ?? authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl.SetParam("s", "1")))); //Haz Access! } catch (WebException we) { string errorBody = we.GetResponseBody(); var statusCode = ((HttpWebResponse)we.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "AccessTokenFailed")))); } } //Shouldn't get here return(authService.Redirect(FailedRedirectUrlFilter(this, session.ReferrerUrl.SetParam("f", "Unknown")))); }
/// <summary> /// The specified <paramref name="session"/> may change as a side-effect of this method. If /// subsequent code relies on current <see cref="IAuthSession"/> data be sure to reload /// the session istance via <see cref="ServiceExtensions.GetSession(IServiceBase,bool)"/>. /// </summary> private object Authenticate(Authenticate request, string provider, IAuthSession session, IAuthProvider oAuthConfig) { object response = null; if (!oAuthConfig.IsAuthorized(session, session.GetOAuthTokens(provider), request)) { response = oAuthConfig.Authenticate(this, session, request); } return response; }
public override bool IsAuthorized(IAuthSession session, IAuthTokens tokens, Authenticate request = null) { return(session != null && session.IsAuthenticated && !session.UserAuthName.IsNullOrEmpty()); }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { var authRepo = HostContext.AppHost.GetAuthRepository(authService.Request); using (authRepo as IDisposable) { var apiKey = GetApiKey(authService.Request, request.Password); ValidateApiKey(apiKey); var userAuth = authRepo.GetUserAuth(apiKey.UserAuthId); if (userAuth == null) { throw HttpError.Unauthorized("User for ApiKey does not exist"); } if (IsAccountLocked(authRepo, userAuth)) { throw new AuthenticationException(ErrorMessages.UserAccountLocked.Localize(authService.Request)); } PopulateSession(authRepo as IUserAuthRepository, userAuth, session); if (session.UserAuthName == null) { session.UserAuthName = userAuth.UserName ?? userAuth.Email; } var response = OnAuthenticated(authService, session, null, null); if (response != null) { return(response); } authService.Request.Items[Keywords.ApiKey] = apiKey; return(new AuthenticateResponse { UserId = session.UserAuthId, UserName = session.UserName, SessionId = session.Id, DisplayName = session.DisplayName ?? session.UserName ?? $"{session.FirstName} {session.LastName}".Trim(), ReferrerUrl = request.Continue, }); } }
public object Post(Authenticate request) { AssertAuthProviders(); if (ValidateFn != null) { var validationResponse = ValidateFn(this, HttpMethods.Get, request); if (validationResponse != null) return validationResponse; } if (request.RememberMe.HasValue) { var opt = request.RememberMe.GetValueOrDefault(false) ? SessionOptions.Permanent : SessionOptions.Temporary; base.Request.AddSessionOptions(opt); } var provider = request.provider ?? AuthProviders[0].Provider; var oAuthConfig = GetAuthProvider(provider); if (oAuthConfig == null) throw HttpError.NotFound("No configuration was added for OAuth provider '{0}'".Fmt(provider)); if (request.provider == LogoutAction) return oAuthConfig.Logout(this, request); var session = this.GetSession(); var isHtml = base.Request.ResponseContentType.MatchesContentType(MimeTypes.Html); try { var response = Authenticate(request, provider, session, oAuthConfig); // The above Authenticate call may end an existing session and create a new one so we need // to refresh the current session reference. session = this.GetSession(); var referrerUrl = request.Continue ?? session.ReferrerUrl ?? this.Request.GetHeader("Referer") ?? oAuthConfig.CallbackUrl; var alreadyAuthenticated = response == null; response = response ?? new AuthenticateResponse { UserId = session.UserAuthId, UserName = session.UserAuthName, SessionId = session.Id, ReferrerUrl = referrerUrl, }; if (isHtml) { if (alreadyAuthenticated) return this.Redirect(referrerUrl.AddHashParam("s", "0")); if (!(response is IHttpResult) && !String.IsNullOrEmpty(referrerUrl)) { return new HttpResult(response) { Location = referrerUrl }; } } return response; } catch (HttpError ex) { var errorReferrerUrl = this.Request.GetHeader("Referer"); if (isHtml && errorReferrerUrl != null) { errorReferrerUrl = errorReferrerUrl.SetQueryParam("error", ex.Message); return HttpResult.Redirect(errorReferrerUrl); } throw; } }
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request) { new CredentialsAuthValidator().ValidateAndThrow(request); return(Authenticate(authService, session, request.UserName, request.Password, request.Continue)); }