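/// <summary>
/// Resolves the principal for the authenticated identity (keyed by idp, sub and the
/// session unique identifier) and creates it when the lookup returns nothing.
/// </summary>
/// <param name="authenticationSuccessMessage">The successful authentication, carrying the identity and an optional user id.</param>
/// <param name="cacheTimeSpan">Optional cache lifetime handed through to the principal management service.</param>
/// <returns>The existing or newly created <see cref="Principal"/>.</returns>
private Principal GetOrCreatePrincipal(AuthenticationSuccessMessage authenticationSuccessMessage, TimeSpan? cacheTimeSpan = null)
{
    var principalManagmentService = _principalManagmentService;
    var identity = authenticationSuccessMessage.Identity;
    var idp = identity.GetIdp();
    var sub = identity.GetSub();
    var uniqueIdentifier = identity.GetSessionUniqueIdentifier();

    var principal = principalManagmentService.Get(idp, sub, uniqueIdentifier, cacheTimeSpan);
    if (principal != null)
    {
        return principal;
    }

    // Creation is throttled through _mutex. This only serialises creates inside this
    // process (it does not stop several environments racing on the same principal),
    // but new user creates should be rare, so the exposure is limited; erring on the
    // side of caution. CreateIfNotExists is presumably the real duplicate guard - verify.
    // Wait() is taken outside the try so the finally can never Release() a semaphore
    // that was not acquired (e.g. if Wait() itself throws).
    _mutex.Wait();
    try
    {
        // Fallback name when neither the message nor the identity carries one.
        // NOTE(review): "Service" is a placeholder, not an authenticated name - confirm
        // that nothing downstream treats it as a verified identity.
        var name = authenticationSuccessMessage.UserId ?? identity.Name ?? "Service";
        principal = principalManagmentService.CreateIfNotExists(idp, sub, name, uniqueIdentifier, cacheTimeSpan);
    }
    finally
    {
        _mutex.Release();
    }

    // NOTE(review): this also fires if CreateIfNotExists returned an already existing
    // principal (if it can) - confirm whether that is the intended meaning of "created".
    _diagnosticsTracingService.Trace(TraceLevel.Info, $"new user created idp : {idp}, sub : {sub}");
    return principal;
}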
/// <summary>
/// Entry point for OIDC flows once the user has authenticated: tags the identity with a
/// session unique identifier, resolves (or creates) the matching principal, then hands the
/// identity and principal to <see cref="AddClaims"/>.
/// </summary>
/// <param name="authenticationSuccessMessage">The authentication result carrying the identity.</param>
public void OnAuthenticationSuccess(AuthenticationSuccessMessage authenticationSuccessMessage)
{
    var identity = authenticationSuccessMessage.Identity;

    // The unique identifier has to be on the identity before the principal lookup,
    // which reads it back through GetSessionUniqueIdentifier().
    AddSessionUniqueIdentifier(identity);

    var timeToLive = identity.GetDurationToLive();
    AddClaims(identity, GetOrCreatePrincipal(authenticationSuccessMessage, timeToLive));
}
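/// <summary>
/// Handler for the OIDC security-token-validated notification; delegates to
/// <see cref="OnAuthenticationSuccess"/>.
/// </summary>
/// <param name="authenticationSuccessMessage">The authentication result carrying the identity.</param>
/// <remarks>
/// An earlier version of this method also created a session here and added its id to the
/// identity as a <c>ClaimTitles.SessionIdentifier</c> claim; that step no longer happens
/// on this path. NOTE(review): confirm the session is created and the claim added elsewhere
/// if relying code still expects it.
/// </remarks>
public void SecurityTokenValidated(AuthenticationSuccessMessage authenticationSuccessMessage)
{
    OnAuthenticationSuccess(authenticationSuccessMessage);
}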
/// <summary>
/// OpenID Connect middleware notification raised once the security token has been
/// validated - the point at which claims can still be added to the identity. Packs the
/// notification into an <see cref="AuthenticationSuccessMessage"/> and forwards it to the
/// notification handler service.
/// </summary>
/// <param name="notification">The validated-token notification carrying the protocol message and the authentication ticket.</param>
/// <returns>A completed task; the work itself is synchronous.</returns>
private static Task OnSecurityTokenValidated(
    SecurityTokenValidatedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification)
{
    var message = new AuthenticationSuccessMessage
    {
        UserId = notification.ProtocolMessage.UserId,
        Identity = notification.AuthenticationTicket.Identity,
    };

    _oidcNotificationHandlerService.SecurityTokenValidated(message);
    return Task.FromResult(0);
}