Exemple #1
0
        /// <inheritdoc />
        public async Task <string> StoreAsync(AuthenticationTicket ticket)
        {
            // it's possible that the user re-triggered OIDC (somehow) prior to
            // the session DB records being cleaned up, so we should preemptively remove
            // conflicting session records for this sub/sid combination
            await _store.DeleteUserSessionsAsync(new UserSessionsFilter
            {
                SubjectId = ticket.GetSubjectId(),
                SessionId = ticket.GetSessionId()
            });

            var key = CryptoRandom.CreateUniqueId(format: CryptoRandom.OutputFormat.Hex);

            _logger.LogDebug("Creating entry in store for AuthenticationTicket, key {key}, with expiration: {expiration}", key, ticket.GetExpiration());

            var session = new UserSession
            {
                Key       = key,
                Created   = ticket.GetIssued(),
                Renewed   = ticket.GetIssued(),
                Expires   = ticket.GetExpiration(),
                SubjectId = ticket.GetSubjectId(),
                SessionId = ticket.GetSessionId(),
                Ticket    = ticket.Serialize(_protector)
            };

            await _store.CreateUserSessionAsync(session);

            return(key);
        }
Exemple #2
0
        /// <inheritdoc />
        public async Task RenewAsync(string key, AuthenticationTicket ticket)
        {
            var session = await _store.GetUserSessionAsync(key);

            if (session == null)
            {
                throw new InvalidOperationException($"No matching item in store for key `{key}`");
            }

            _logger.LogDebug("Renewing AuthenticationTicket for key {key}, with expiration: {expiration}", key, ticket.GetExpiration());

            var sub     = ticket.GetSubjectId();
            var sid     = ticket.GetSessionId();
            var isNew   = session.SubjectId != sub || session.SessionId != sid;
            var created = isNew ? ticket.GetIssued() : session.Created;

            await _store.UpdateUserSessionAsync(key, new UserSessionUpdate {
                SubjectId = ticket.GetSubjectId(),
                SessionId = ticket.GetSessionId(),
                Created   = created,
                Renewed   = ticket.GetIssued(),
                Expires   = ticket.GetExpiration(),
                Ticket    = ticket.Serialize(_protector)
            });
        }
Exemple #3
0
    /// <inheritdoc />
    public async Task RenewAsync(string key, AuthenticationTicket ticket)
    {
        ArgumentNullException.ThrowIfNull(ticket);

        var session = await _store.GetSessionAsync(key);

        if (session == null)
        {
            throw new InvalidOperationException($"No matching item in store for key `{key}`");
        }

        _logger.LogDebug("Renewing AuthenticationTicket for key {key}, with expiration: {expiration}", key, ticket.GetExpiration());

        var sub  = ticket.GetSubjectId();
        var sid  = ticket.GetSessionId();
        var name = String.IsNullOrWhiteSpace(_options.ServerSideSessions.UserDisplayNameClaimType) ? null : ticket.Principal.FindFirst(_options.ServerSideSessions.UserDisplayNameClaimType)?.Value;

        var isNew = session.SubjectId != sub || session.SessionId != sid;

        if (isNew)
        {
            session.Created   = ticket.GetIssued();
            session.SubjectId = sub;
            session.SessionId = sid;
        }

        session.Renewed     = ticket.GetIssued();
        session.Expires     = ticket.GetExpiration();
        session.DisplayName = name;
        session.Ticket      = ticket.Serialize(_protector);

        await _store.UpdateSessionAsync(session);
    }
Exemple #4
0
    /// <inheritdoc />
    public async Task <string> StoreAsync(AuthenticationTicket ticket)
    {
        ArgumentNullException.ThrowIfNull(ticket);

        ticket.SetIssuer(await _issuerNameService.GetCurrentAsync());

        var key = CryptoRandom.CreateUniqueId(format: CryptoRandom.OutputFormat.Hex);

        _logger.LogDebug("Creating entry in store for AuthenticationTicket, key {key}, with expiration: {expiration}", key, ticket.GetExpiration());

        var session = new ServerSideSession
        {
            Key         = key,
            Scheme      = ticket.AuthenticationScheme,
            Created     = ticket.GetIssued(),
            Renewed     = ticket.GetIssued(),
            Expires     = ticket.GetExpiration(),
            SubjectId   = ticket.GetSubjectId(),
            SessionId   = ticket.GetSessionId(),
            DisplayName = ticket.GetDisplayName(_options.ServerSideSessions.UserDisplayNameClaimType),
            Ticket      = ticket.Serialize(_protector)
        };

        await _store.CreateSessionAsync(session);

        return(key);
    }
Exemple #5
0
        /// <inheritdoc />
        public async Task <string> StoreAsync(AuthenticationTicket ticket)
        {
            var key = CryptoRandom.CreateUniqueId(format: CryptoRandom.OutputFormat.Hex);

            var session = new UserSession
            {
                Key       = key,
                Created   = ticket.GetIssued(),
                Renewed   = ticket.GetIssued(),
                Expires   = ticket.GetExpiration(),
                SubjectId = ticket.GetSubjectId(),
                SessionId = ticket.GetSessionId(),
                Scheme    = ticket.AuthenticationScheme,
                Ticket    = ticket.Serialize(),
            };

            await _store.CreateUserSessionAsync(session);

            return(key);
        }