protected async Task <IActionResult> Authenticate(string returnUrl, string currentAmr, OAuthUser user, bool rememberLogin = false) { var unprotectedUrl = Unprotect(returnUrl); var query = unprotectedUrl.GetQueries().ToJObj(); var acrValues = query.GetAcrValuesFromAuthorizationRequest(); var clientId = query.GetClientIdFromAuthorizationRequest(); var client = (OpenIdClient)await _oauthClientRepository.FindOAuthClientById(clientId); var acr = await _amrHelper.FetchDefaultAcr(acrValues, client); string amr; if (acr == null || string.IsNullOrWhiteSpace(amr = _amrHelper.FetchNextAmr(acr, currentAmr))) { var claims = user.ToClaims(); claims.Add(new Claim(ClaimTypes.AuthenticationInstant, DateTime.UtcNow.ToString())); var claimsIdentity = new ClaimsIdentity(claims, currentAmr); var claimsPrincipal = new ClaimsPrincipal(claimsIdentity); await HttpContext.SignInAsync(claimsPrincipal, new AuthenticationProperties { IsPersistent = rememberLogin }); return(Redirect(unprotectedUrl)); } return(RedirectToAction("Index", "Authenticate", new { area = amr, ReturnUrl = returnUrl })); }
protected async Task <IActionResult> Authenticate(string returnUrl, string currentAmr, OAuthUser user, CancellationToken token, bool rememberLogin = false) { var unprotectedUrl = Unprotect(returnUrl); var query = unprotectedUrl.GetQueries().ToJObj(); var acrValues = query.GetAcrValuesFromAuthorizationRequest(); var clientId = query.GetClientIdFromAuthorizationRequest(); var requestedClaims = query.GetClaimsFromAuthorizationRequest(); var client = (OpenIdClient)await _oauthClientRepository.FindOAuthClientById(clientId, token); var acr = await _amrHelper.FetchDefaultAcr(acrValues, requestedClaims, client, token); string amr; if (acr == null || string.IsNullOrWhiteSpace(amr = _amrHelper.FetchNextAmr(acr, currentAmr))) { var currentDateTime = DateTime.UtcNow; var expirationDateTime = currentDateTime.AddSeconds(_options.CookieAuthExpirationTimeInSeconds); var offset = DateTimeOffset.UtcNow.AddSeconds(_options.CookieAuthExpirationTimeInSeconds); var claims = user.ToClaims(); var claimsIdentity = new ClaimsIdentity(claims, currentAmr); var claimsPrincipal = new ClaimsPrincipal(claimsIdentity); user.AddSession(expirationDateTime); await _oauthUserCommandRepository.Update(user, token); await _oauthUserCommandRepository.SaveChanges(token); Response.Cookies.Append(_options.SessionCookieName, user.GetActiveSession().SessionId, new CookieOptions { Secure = true, HttpOnly = false, SameSite = SameSiteMode.None }); if (rememberLogin) { await HttpContext.SignInAsync(claimsPrincipal, new AuthenticationProperties { IsPersistent = true }); } else { await HttpContext.SignInAsync(claimsPrincipal, new AuthenticationProperties { IsPersistent = true, ExpiresUtc = offset }); } return(Redirect(unprotectedUrl)); } return(RedirectToAction("Index", "Authenticate", new { area = amr, ReturnUrl = returnUrl })); }
protected async Task <IActionResult> Authenticate(string returnUrl, string currentAmr, OAuthUser user, CancellationToken token, bool rememberLogin = false) { var unprotectedUrl = Unprotect(returnUrl); var query = unprotectedUrl.GetQueries().ToJObj(); var acrValues = query.GetAcrValuesFromAuthorizationRequest(); var clientId = query.GetClientIdFromAuthorizationRequest(); var requestedClaims = query.GetClaimsFromAuthorizationRequest(); var client = (OpenIdClient)await _oauthClientRepository.FindOAuthClientById(clientId, token); var acr = await _amrHelper.FetchDefaultAcr(acrValues, requestedClaims, client, token); string amr; if (acr == null || string.IsNullOrWhiteSpace(amr = _amrHelper.FetchNextAmr(acr, currentAmr))) { return(await Sign(unprotectedUrl, currentAmr, user, token, rememberLogin)); } return(RedirectToAction("Index", "Authenticate", new { area = amr, ReturnUrl = returnUrl })); }