private async Task <LoginUserDetails> AssociateCredential(AuthenticatedUser user)
{
var result = await _authService.ReadExternalLoginCredential(OwinContext);
if (result.ExternalIdentity == null)
{
// User got here without an external login cookie (or an expired one)
// Send them to the logon action
return(null);
}
await _authService.AddCredential(user.User, result.Credential);
await RemovePasswordCredential(user.User);
// Notify the user of the change
var emailMessage = new CredentialAddedMessage(
_messageServiceConfiguration,
user.User,
_authService.DescribeCredential(result.Credential).GetCredentialTypeInfo());
await _messageService.SendMessageAsync(emailMessage);
return(new LoginUserDetails
{
AuthenticatedUser = new AuthenticatedUser(user.User, result.Credential),
UsedMultiFactorAuthentication = result.LoginDetails?.WasMultiFactorAuthenticated ?? false
});
}
private async Task <AuthenticatedUser> AssociateCredential(AuthenticatedUser user)
{
var result = await _authService.ReadExternalLoginCredential(OwinContext);
if (result.ExternalIdentity == null)
{
// User got here without an external login cookie (or an expired one)
// Send them to the logon action
return(null);
}
await _authService.AddCredential(user.User, result.Credential);
var passwordCredential = user.User.GetPasswordCredential();
if (passwordCredential != null)
{
await _authService.RemoveCredential(user.User, passwordCredential);
}
// Notify the user of the change
_messageService.SendCredentialAddedNotice(user.User, _authService.DescribeCredential(result.Credential));
return(new AuthenticatedUser(user.User, result.Credential));
}
private async Task <Credential> GenerateApiKeyInternal(string description, ICollection <Scope> scopes, TimeSpan?expiration)
{
var user = GetCurrentUser();
// Create a new API Key credential, and save to the database
var newCredential = _credentialBuilder.CreateApiKey(expiration);
newCredential.Description = description;
newCredential.Scopes = scopes;
await _authService.AddCredential(user, newCredential);
return(newCredential);
}
private async Task <CredentialViewModel> GenerateApiKeyInternal(string description, ICollection <Scope> scopes, TimeSpan?expiration)
{
var user = GetCurrentUser();
// Create a new API Key credential, and save to the database
var newCredential = _credentialBuilder.CreateApiKey(expiration, out string plaintextApiKey);
newCredential.Description = description;
newCredential.Scopes = scopes;
await AuthenticationService.AddCredential(user, newCredential);
var credentialViewModel = AuthenticationService.DescribeCredential(newCredential);
credentialViewModel.Value = plaintextApiKey;
return(credentialViewModel);
}
public async virtual Task <ActionResult> CreatePackageVerificationKeyAsync(string id, string version)
{
// For backwards compatibility, we must preserve existing behavior where the client always pushes
// symbols and the VerifyPackageKey callback returns the appropriate response. For this reason, we
// always create a temp key scoped to the unverified package ID here and defer package and owner
// validation until the VerifyPackageKey call.
var credential = CredentialBuilder.CreatePackageVerificationApiKey(id);
var user = GetCurrentUser();
await AuthenticationService.AddCredential(user, credential);
TelemetryService.TrackCreatePackageVerificationKeyEvent(id, version, user, User.Identity);
return(Json(new
{
Key = credential.Value,
Expires = credential.Expires.Value.ToString("O")
}));
}