private async Task <Claim[]> GetUserLoginClaims(AuthenticatedUser user, bool wasMultiFactorAuthenticated) { await _contentObjectService.Refresh(); var claims = new List <Claim>(); if (_contentObjectService.LoginDiscontinuationConfiguration.IsLoginDiscontinued(user)) { ClaimsExtensions.AddBooleanClaim(claims, NuGetClaims.DiscontinuedLogin); } if (user.User.HasPasswordCredential()) { ClaimsExtensions.AddBooleanClaim(claims, NuGetClaims.PasswordLogin); } if (user.User.HasExternalCredential()) { ClaimsExtensions.AddBooleanClaim(claims, NuGetClaims.ExternalLogin); } if (user.User.EnableMultiFactorAuthentication) { ClaimsExtensions.AddBooleanClaim(claims, NuGetClaims.EnabledMultiFactorAuthentication); } if (wasMultiFactorAuthenticated) { ClaimsExtensions.AddBooleanClaim(claims, NuGetClaims.WasMultiFactorAuthenticated); } ClaimsExtensions.AddExternalLoginCredentialTypeClaim(claims, user.CredentialUsed.Type); return(claims.ToArray()); }
public override IdentityInformation GetIdentityInformation(ClaimsIdentity claimsIdentity) { return(ClaimsExtensions.GetIdentityInformation( claimsIdentity, DefaultAuthenticationType, ClaimTypes.NameIdentifier, ClaimTypeName, ClaimTypes.Name)); }
private static Mock <ClaimsIdentity> BuildClaimsIdentity(string authType, bool authenticated, bool hasDiscontinuedLoginClaim) { var mockIdentity = new Mock <ClaimsIdentity>(); var claims = new List <Claim>(); if (hasDiscontinuedLoginClaim) { ClaimsExtensions.AddBooleanClaim(claims, NuGetClaims.DiscontinuedLogin); } mockIdentity.SetupGet(i => i.Claims).Returns(claims.ToArray()); mockIdentity.SetupGet(i => i.IsAuthenticated).Returns(authenticated); mockIdentity.SetupGet(i => i.AuthenticationType).Returns(authType); return(mockIdentity); }
public override void OnAuthorization(AuthorizationContext filterContext) { // If the user has a discontinued login claim, redirect them to the homepage var identity = filterContext.HttpContext.User.Identity as ClaimsIdentity; if (!AllowDiscontinuedLogins && ClaimsExtensions.HasDiscontinuedLoginCLaims(identity)) { filterContext.Result = new RedirectToRouteResult( new RouteValueDictionary( new { controller = "Pages", action = "Home" })); } base.OnAuthorization(filterContext); }
public override void OnAuthorization(AuthorizationContext filterContext) { // If the user has a discontinued login claim or should enable 2FA, redirect them to the homepage var identity = filterContext.HttpContext.User.Identity as ClaimsIdentity; var askUserToEnable2FA = filterContext.Controller?.TempData?.ContainsKey(GalleryConstants.AskUserToEnable2FA); if ((!AllowDiscontinuedLogins && ClaimsExtensions.HasDiscontinuedLoginClaims(identity)) || (askUserToEnable2FA.HasValue && askUserToEnable2FA.Value)) { filterContext.Result = new RedirectToRouteResult( new RouteValueDictionary( new { area = "", controller = "Pages", action = "Home" })); } base.OnAuthorization(filterContext); }
private async Task <Claim[]> GetDiscontinuedLoginClaims(AuthenticatedUser user) { await _contentObjectService.Refresh(); var claims = new List <Claim>(); if (_contentObjectService.LoginDiscontinuationConfiguration.IsLoginDiscontinued(user)) { ClaimsExtensions.AddBooleanClaim(claims, NuGetClaims.DiscontinuedLogin); } if (user.User.HasPasswordCredential()) { ClaimsExtensions.AddBooleanClaim(claims, NuGetClaims.PasswordLogin); } if (user.User.HasExternalCredential()) { ClaimsExtensions.AddBooleanClaim(claims, NuGetClaims.ExternalLogin); } return(claims.ToArray()); }