public ClaimsPrincipalMiddleware(RequestDelegate next, IContainerResolve container, ClaimsPrincipalMiddlewareOption option) { _next = next ?? throw new ArgumentNullException(nameof(next)); if (null == container) { throw new ArgumentNullException(nameof(container)); } if (null == option) { throw new ArgumentNullException(nameof(option)); } var logger = container.Resolve <ILogger <ClaimsPrincipalMiddleware> >(); if (!container.TryResolve <CacheContext>(out _cacheContext)) { logger.Technical().Information("No cache context is available.").Log(); } _option = option; _activitySource = container.Resolve <IActivitySourceFactory>()?.GetArc4u(); }
public async Task Invoke(HttpContext context) { if (context.User.Identity.IsAuthenticated && context.User.Identity.AuthenticationType.Equals(_options.OpenIdSettings.Values[TokenKeys.AuthenticationTypeKey], StringComparison.InvariantCultureIgnoreCase)) { if (context.User is AppPrincipal principal) { context.Request?.Headers?.Add("activityid", principal?.ActivityID.ToString() ?? Guid.NewGuid().ToString()); if (null != principal?.Profile?.CurrentCulture) { context.Request?.Headers?.Add("culture", principal.Profile.CurrentCulture.TwoLetterISOLanguageName); } } IContainerResolve container = (IContainerResolve)context.RequestServices.GetService(typeof(IContainerResolve)); // Not thread safe => can call activity source factory more than one but factory implementation is thread safe => so few calls on the start of the service is a possibility. if (!hasAlreadyTriedToResolve) { hasAlreadyTriedToResolve = true; _activitySource = container.Resolve <IActivitySourceFactory>()?.GetArc4u(); } using (var activity = _activitySource?.StartActivity("Inject bearer token in header", ActivityKind.Producer)) { ITokenProvider provider = container.Resolve <ITokenProvider>(_options.OpenIdSettings.Values[TokenKeys.ProviderIdKey]); var tokenInfo = await provider.GetTokenAsync(_options.OpenIdSettings, context.User.Identity); var authorization = new AuthenticationHeaderValue("Bearer", tokenInfo.AccessToken).ToString(); context.Request.Headers.Remove("Authorization"); context.Request.Headers.Add("Authorization", authorization); } } await _next.Invoke(context); }
private IApplicationContext GetCallContext(out object parameters, out IContainerResolve containerResolve) { containerResolve = GetResolver(); // first priority to the scope one! if (null != _accessor?.HttpContext?.RequestServices) { var ctx = containerResolve.Resolve <IApplicationContext>(); parameters = ctx; // As this is global for an handler, this can be saved at the level of the class. // We do this here only when using an accessor => the IContainerResolve is only available in the context of a call not // when the JwtHttpHandler is built. if (null == _settings && !String.IsNullOrWhiteSpace(_settingsName)) { if (!containerResolve.TryResolve(_settingsName, out _settings)) { _logger.Technical().Debug($"No settings for {_settingsName} is found.").Log(); } } return(ctx); } parameters = _parameters; return(_applicationContext); }
/// <summary> /// /// </summary> /// <param name="containerResolve"></param> /// <param name="settingsName"></param> /// <param name="platformParameter"></param> public OAuth2Interceptor(IContainerResolve containerResolve, string settingsName, object platformParameter) : this(containerResolve) { _container = containerResolve ?? throw new ArgumentNullException(nameof(containerResolve)); _settings = containerResolve.Resolve <IKeyValueSettings>(settingsName); // can be null. _platformParameter = platformParameter; }
public async Task <IEnumerable <ClaimDto> > GetAsync(IIdentity identity, IEnumerable <IKeyValueSettings> settings, object parameter) { var result = new List <ClaimDto>(); if (null == identity) { _logger.Technical().From <ClaimsBearerTokenExtractor>().Error($"A null identity was received. No Claims will be generated.").Log(); return(result); } if (!(identity is ClaimsIdentity claimsIdentity)) { _logger.Technical().From <ClaimsBearerTokenExtractor>().Error($"The identity received is not of type ClaimsIdentity.").Log(); return(result); } if (null == settings || settings.Count() == 0) { _logger.Technical().From <ClaimsBearerTokenExtractor>().Error($"We need token settings to call the backend.").Log(); return(result); } if (null == claimsIdentity.BootstrapContext && !settings.Any(s => s.Values.ContainsKey(TokenKeys.AuthenticationTypeKey) && s.Values[TokenKeys.AuthenticationTypeKey].Equals(identity.AuthenticationType))) { _logger.Technical().From <ClaimsBearerTokenExtractor>().System($"Skip fetching claims, no setting found for authentication type {identity.AuthenticationType}."); return(result); } try { JwtSecurityToken bearerToken = null; if (null != claimsIdentity.BootstrapContext) { bearerToken = new JwtSecurityToken(claimsIdentity.BootstrapContext.ToString()); } else { // find the Provider for the AuthenticationType! // exist because tested in the constructor! var providerSettings = settings.First(s => s.Values[TokenKeys.AuthenticationTypeKey].Equals(identity.AuthenticationType)); ITokenProvider provider = _container.Resolve <ITokenProvider>(providerSettings.Values[TokenKeys.ProviderIdKey]); Logger.Technical.From <ClaimsBearerTokenExtractor>().System("Requesting an authentication token.").Log(); var tokenInfo = await provider.GetTokenAsync(providerSettings, claimsIdentity); bearerToken = new JwtSecurityToken(tokenInfo.AccessToken); } result.AddRange(bearerToken.Claims.Select(c => new ClaimDto(c.Type, c.Value))); } catch (Exception exception) { _logger.Technical().From <ClaimsBearerTokenExtractor>().Exception(exception).Log(); } return(result); }
/// <summary>Resolves service from container. Throws if unable to resolve.</summary> /// <param name="serviceType">Service type to resolve.</param> /// <param name="key">(optional) Service key to resolve.</param> /// <returns>Resolved service object.</returns> protected override object DoGetInstance(Type serviceType, string key) { if (serviceType == null) { throw new ArgumentNullException(nameof(serviceType)); } var result = String.IsNullOrWhiteSpace(key) ? Container.Resolve(serviceType) : Container.Resolve(serviceType, key); return(result); }
public IObjectSerialization Serializer(string keyName) { var handlerDefinition = _definitions.Get(keyName); if (null == handlerDefinition.Serializer || !_serviceProvider.TryResolve <IObjectSerialization>(handlerDefinition.Serializer, out var serializerFactory)) { return(_serviceProvider.Resolve <IObjectSerialization>()); } return(serializerFactory); }
/// <summary> /// Create a JwtHttpHandler. Use services.AddHttpHandler to add one and <see cref="ConfigurePrimaryHttpMessageHandler"/> if you need to /// customize the HttpHandler. /// </summary> /// <param name="settings">The settings needed for the <see cref="ITokenProvider"/>.</param> /// <param name="handler">The handler, can be a <see cref="DelegatingHandler"/></param> public JwtHttpHandler(IContainerResolve container, IKeyValueSettings settings, IPlatformParameters parameters = null) { _container = container ?? throw new ArgumentNullException(nameof(container)); _logger = container.Resolve <ILogger <JwtHttpHandler> >(); _settings = settings ?? throw new ArgumentNullException(nameof(settings)); _parameters = parameters; _settingsName = null; container.TryResolve <IApplicationContext>(out _applicationContext); }
private IObjectSerialization GetSerializer(PubSubDefinition definition) { if (null == definition) { throw new ArgumentNullException(nameof(definition)); } if (null == definition.Serializer || !_serviceProvider.TryResolve <IObjectSerialization>(definition.Serializer, out var serializerFactory)) { return(_serviceProvider.Resolve <IObjectSerialization>()); } return(serializerFactory); }
public QueueProcessorListener(CancellationToken stoppingToken, QueueParameters queueParameters, IQueueStreamManager queueStreamManager, IMessageHandlerTypes messageHandlers, IContainerResolve provider) { _stoppingToken = stoppingToken; _queueParameters = queueParameters; _queueStreamManager = queueStreamManager; _logger = provider.Resolve <ILogger <QueueProcessorListener> >(); _messageHandlers = messageHandlers; _provider = provider; _hasThreadFinishToProcess = new AutoResetEvent(false); }
// On a frontend usage of the handler the application (user) context is always global => we don't have 2 users logged on the same application! // So the Handler is using the IContainerResolve which is not scoped and the IApplicationContext is also not scoped because everything is in fact registered as a Singleton. // So there is no issue to create even everything in the constructor. /// <summary> /// Create a JwtHttpHandler with settings <see cref="IKeyValueSettings"/> resolved based on the name "OAuth" and the <see cref="HttpMessageHandler"/> of type <see cref="HttpClientHandler"/>. /// </summary> public JwtHttpHandler(IContainerResolve container, IPlatformParameters parameters = null, bool skipValidateAuthenticationType = false) { _container = container ?? throw new ArgumentNullException(nameof(container)); _logger = container.Resolve <ILogger <JwtHttpHandler> >(); if (!container.TryResolve("OAuth", out _settings)) { _logger.Technical().System("No settings for OAuth is found.").Log(); } _parameters = parameters; _settingsName = null; container.TryResolve <IApplicationContext>(out _applicationContext); }
/// <summary> /// Create a JwtHttpHandler. Use services.AddHttpHandler to add one and <see cref="ConfigurePrimaryHttpMessageHandler"/> if you need to /// customize the HttpHandler. /// </summary> /// <param name="resolvingName">The name used to resolve the instance of the <see cref="IKeyValueSettings"/> implementation.</param> public JwtHttpHandler(IContainerResolve container, string resolvingName, IPlatformParameters parameters = null) { _container = container ?? throw new ArgumentNullException(nameof(container)); _logger = container.Resolve <ILogger <JwtHttpHandler> >(); if (!container.TryResolve(resolvingName, out _settings)) { _logger.Technical().System($"No settings for {resolvingName} is found.").Log(); } _parameters = parameters; _settingsName = null; container.TryResolve <IApplicationContext>(out _applicationContext); }
/// <summary> /// Method that will be used by NServiceBus to process a message. /// The real work is implemented in the Handle(T message) abstract method. /// </summary> /// <param name="message"></param> /// <param name="context"></param> /// <returns></returns> public async Task Handle(T message, IMessageHandlerContext context) { var messages = _container.Resolve <MessagesToPublish>(); try { // business work to implement. await Handle(message); // Publish events. foreach (Object _event in messages.Events) { try { await context.Publish(_event); } catch (System.Exception ex) { Logger.Technical.From(typeof(HandleMessageBase <T>)).Exception(ex).Log(); } } // Send commands. foreach (Object command in messages.Commands) { try { await context.Send(command); } catch (System.Exception ex) { Logger.Technical.From(typeof(HandleMessageBase <T>)).Exception(ex).Log(); } } } catch (System.Exception ex) { Logger.Technical.From(typeof(HandleMessageBase <T>)).Exception(ex).Log(); } finally { // Clear messages to avoid any sending of undesirable messages by // another message received on the bus. messages.Clear(); } }
public static IApplicationBuilder UseClientSecretAuthentication(this IApplicationBuilder app, IContainerResolve container, IKeyValueSettings settings, string settingsSectionName) { if (null == app) { throw new ArgumentNullException(nameof(app)); } if (null == container) { throw new ArgumentNullException(nameof(container)); } if (null == settings) { throw new ArgumentNullException(nameof(settings)); } var option = new ClientSecretAuthenticationOption(settings); container.Resolve <IConfiguration>().Bind(settingsSectionName, option); return(app.UseMiddleware <ClientSecretAuthenticationMiddleware>(container, option)); }
/// <summary> /// Indexer to retrieve the <see cref="ICache"/> implementation based on the caching config section. The key is the cache name. /// </summary> /// <param name="cacheName"></param> /// <returns>An <see cref="ICache"/> implementation defined in the cache config section.</returns> /// <exception cref="ConfigurationErrorsException">Throw the exception when the cache name does not exist in the caching config section.</exception> public ICache this[string cacheName] { get { // look inside the collection if the cache is initialized. if (_caches.ContainsKey(cacheName)) { return(_caches[cacheName]); } // look if the cache is not yet started and start it. lock (_lock) { if (_uninitializedCaches.ContainsKey(cacheName)) { try { var cache = _dependency.Resolve <ICache>(_uninitializedCaches[cacheName]); cache.Initialize(cacheName); _caches.Add(cacheName, cache); _uninitializedCaches.Remove(cacheName); return(cache); } catch (Exception ex) { _logger.Technical().From <CacheContext>().Exception(ex).Log(); } } } throw new InvalidOperationException($"There is no cache configured with the name {cacheName}."); } }
public async Task Invoke(HttpContext context) { // Get the scoped instance of the container! IContainerResolve container = (IContainerResolve)context.RequestServices.GetService(typeof(IContainerResolve)); var logger = container.Resolve <ILogger <ClaimsPrincipalMiddleware> >(); try { // if we have some part of the site not in MVC (like swagger) and we need to force // authentication. We can add the start of the path to check and in this case we force a login! if (null != context.User && !context.User.Identity.IsAuthenticated) { if (_option.OpenIdOptions.ForceAuthenticationForPaths.Any(r => { return(r.Last().Equals('*') ? context.Request.Path.Value.StartsWith(r.Remove(r.Length - 1), StringComparison.InvariantCultureIgnoreCase) : context.Request.Path.Value.Equals(r, StringComparison.InvariantCultureIgnoreCase)); })) { logger.Technical().System("Force an OpenId connection.").Log(); var cleanUri = new Uri(new Uri(context.Request.GetEncodedUrl()).GetLeftPart(UriPartial.Path)); if (Uri.TryCreate(_option.RedirectAuthority, UriKind.Absolute, out var authority)) { cleanUri = new Uri(authority, cleanUri.AbsolutePath); } var properties = new AuthenticationProperties() { RedirectUri = cleanUri.ToString() }; await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, properties); return; } } if (null != context.User && context.User.Identity.IsAuthenticated) { logger.Technical().System("Create the principal.").Log(); // Add Telemetry. using (var activity = _activitySource?.StartActivity("Create Arc4u Principal", ActivityKind.Producer)) { // As the extension point can use some ITokenProvider based on the user. // A dummy Principal is created based on the context identity! // Must be registered as Scoped! if (container.TryResolve <IApplicationContext>(out var applicationContext)) { applicationContext.SetPrincipal(new AppPrincipal(new Authorization(), context.User.Identity, "S-1-0-0")); } // Load Claims from an external source if necessary! if (_option.ClaimsFillerOptions.LoadClaimsFromClaimsFillerProvider) { await LoadExtraClaimsAsync(context, container, logger); } // Build an AppPrincipal. AppPrincipal principal = null; var profileFiller = container.Resolve <IClaimProfileFiller>(); var authorizationFiller = container.Resolve <IClaimAuthorizationFiller>(); var authorization = authorizationFiller.GetAuthorization(context.User.Identity); var profile = profileFiller.GetProfile(context.User.Identity); principal = new AppPrincipal(authorization, context.User.Identity, profile.Sid) { Profile = profile }; // Check if we have an ActivityID. var activityIdHeader = context.Request?.Headers?.FirstOrDefault(h => h.Key.Equals("activityid", StringComparison.InvariantCultureIgnoreCase)); if (null == activityIdHeader || !activityIdHeader.HasValue || String.IsNullOrWhiteSpace(activityIdHeader.Value.Key) || StringValues.Empty == activityIdHeader.Value || activityIdHeader.Value.Value.Count == 0) { principal.ActivityID = Guid.NewGuid(); } else { Guid activityId = Guid.Empty; if (Guid.TryParse(activityIdHeader.Value.Value[0], out activityId) && activityId != Guid.Empty) { logger.Technical().Information($"Set the activity to the principal based on the caller information: {activityId}.").Log(); } else { logger.Technical().Information($"The activity id given by the caller is not a valid Guid. A new one has been assigned.").Log(); activityId = Guid.NewGuid(); } principal.ActivityID = activityId; } activity?.AddTag(LoggingConstants.ActivityId, principal.ActivityID); // Check for a culture. var cultureHeader = context.Request?.Headers?.FirstOrDefault(h => h.Key.Equals("culture", StringComparison.InvariantCultureIgnoreCase)); if (null != cultureHeader && cultureHeader.HasValue && StringValues.Empty != activityIdHeader.Value && cultureHeader.Value.Value.Count > 0) { try { principal.Profile.CurrentCulture = new CultureInfo(cultureHeader.Value.Value[0]); } catch (Exception ex) { logger.Technical().Exception(ex).Log(); } } logger.Technical().System("Set AppPrincipal to the HttpContext.User.").Log(); context.User = principal; if (null != applicationContext) { logger.Technical().System("Set AppPrincipal to the ApplicationContext.").Log(); applicationContext.SetPrincipal(principal); } } } } catch (Exception ex) { logger.Technical().Exception(ex).Log(); } await _next(context); }
public static CacheContext GetCacheContext(this IContainerResolve container) { return(container.Resolve <CacheContext>()); }
public ClientSecretAuthenticationMiddleware(RequestDelegate next, IContainerResolve container, ClientSecretAuthenticationOption option) { _next = next ?? throw new ArgumentNullException(nameof(next)); if (null == container) { throw new ArgumentNullException(nameof(container)); } if (null == option) { throw new ArgumentNullException(nameof(option)); } _logger = container.Resolve <ILogger <ClientSecretAuthenticationMiddleware> >(); _option = option; if (null == option.Settings) { _logger.Technical().Warning("No settings have been provided.").Log(); return; } if (option.Settings.Values.ContainsKey(TokenKeys.ProviderIdKey)) { _hasProvider = container.TryResolve(option.Settings.Values[TokenKeys.ProviderIdKey], out _provider); } if (!_hasProvider) { _logger.Technical().Warning("No ClientSecret provider found. Skip ClientSecret capability.").Log(); return; } _hasCertificate = null != option.Certificate && !String.IsNullOrWhiteSpace(option.Certificate.SecretKey) && !String.IsNullOrWhiteSpace(option.Certificate.Name); // check the certificate exists. if (_hasCertificate) { try { var certificateInfo = new CertificateInfo { Name = option.Certificate.Name }; if (Enum.TryParse(option.Certificate.FindType, out X509FindType x509FindType)) { certificateInfo.FindType = x509FindType; } if (Enum.TryParse(option.Certificate.Location, out StoreLocation storeLocation_)) { certificateInfo.Location = storeLocation_; } if (Enum.TryParse(option.Certificate.StoreName, out StoreName storeName_)) { certificateInfo.StoreName = storeName_; } _certificate = Certificate.FindCertificate( certificateInfo.Name, certificateInfo.FindType, certificateInfo.Location, certificateInfo.StoreName); _logger.Technical().System($"Authentication with certificate secret activated.").Log(); } catch (KeyNotFoundException) { _hasCertificate = false; _logger.Technical().Error($"No certificate found with {option.Certificate.FindType} = {option.Certificate.Name} in location = {option.Certificate.Location}.").Log(); } catch (Exception ex) { _logger.Technical().Exception(ex).Log(); } } else { _logger.Technical().System($"No authentication with certificate secret.").Log(); } _activitySource = container.Resolve <IActivitySourceFactory>()?.GetArc4u(); }
protected async Task <TokenInfo> CreateBasicTokenInfoAsync(IKeyValueSettings settings, CredentialsResult credential) { var basicTokenProvider = Container.Resolve <ICredentialTokenProvider>(CredentialTokenProvider.ProviderName); return(await basicTokenProvider.GetTokenAsync(settings, credential)); }
public static void InitializeTimeZoneContext(this IContainerResolve app) { app.Resolve <TimeZoneContext>(); }
// Add logging. private OAuth2Interceptor(IContainerResolve containerResolve) { _logger = containerResolve.Resolve <ILogger <OAuth2Interceptor> >(); }
private void AddBearerTokenCallerMetadata <TRequest, TResponse>(ref ClientInterceptorContext <TRequest, TResponse> context) where TRequest : class where TResponse : class { var headers = context.Options.Headers; // Call doesn't have a headers collection to add to. // Need to create a new context with headers for the call. if (headers == null) { headers = new Metadata(); var options = context.Options.WithHeaders(headers); context = new ClientInterceptorContext <TRequest, TResponse>(context.Method, context.Host, options); } // if we have already an "Authorization" defined, we can skip the code here. if (null != headers.GetValue("authorization")) { _logger.Technical().System($"Authorization header found. Skip adding a bearer token for AuthenticationType: {_settings.Values[TokenKeys.AuthenticationTypeKey]}.").Log(); return; } if (null != _accessor) { _container = _accessor.HttpContext.RequestServices.GetService <IContainerResolve>(); } // As this is global for an handler, this can be saved at the level of the class. // We do this here only when using an accessor => the IContainerResolve is only available in the context of a call not // when the JwtHttpHandler is built. if (null == _settings && !String.IsNullOrWhiteSpace(_settingsName)) { if (!_container.TryResolve(_settingsName, out _settings)) { _logger.Technical().Debug($"No settings for {_settingsName} is found.").Log(); } } if (_container.TryResolve <IApplicationContext>(out var applicationContext)) { _platformParameter = _platformParameter ?? applicationContext?.Principal?.Identity as ClaimsIdentity; } if (!_settings.Values.TryGetValue(TokenKeys.AuthenticationTypeKey, out var authenticationType)) { _logger.Technical().System($"No antuentication type for {this.GetType().Name}, Check next Interceptor").Log(); return; } var inject = authenticationType.Equals("inject", StringComparison.InvariantCultureIgnoreCase); // Skip (BE scenario) if the parameter is an identity and the settings doesn't correspond to the identity's type. if (_platformParameter is ClaimsIdentity claimsIdentity && !inject && !claimsIdentity.AuthenticationType.Equals(_settings.Values[TokenKeys.AuthenticationTypeKey], StringComparison.InvariantCultureIgnoreCase)) { return; } // But in case we inject we need something in the platformParameter! if (null == _platformParameter && !inject) { return; } try { ITokenProvider provider = _container.Resolve <ITokenProvider>(_settings.Values[TokenKeys.ProviderIdKey]); var tokenInfo = provider.GetTokenAsync(_settings, _platformParameter).Result; if (tokenInfo.ExpiresOnUtc < DateTime.UtcNow) { _logger.Technical().System($"Token is expired! Next Interceptor will be called.").Log(); return; } headers.Add("authorization", $"Bearer {tokenInfo.AccessToken}"); } catch (Exception ex) { _logger.Technical().Exception(ex).Log(); } // Add culture and activityID if exists! if (null != applicationContext?.Principal) { if (null != applicationContext.Principal?.ActivityID && null == headers.GetValue("activityid")) { _logger.Technical().System($"Add the activity id to the request for tracing purpose: {applicationContext.Principal.ActivityID}.").Log(); headers.Add("activityid", applicationContext.Principal.ActivityID.ToString()); } var culture = applicationContext.Principal.Profile?.CurrentCulture?.TwoLetterISOLanguageName; if (null != culture && null == headers.GetValue("culture")) { _logger.Technical().System($"Add the current culture to the request: {applicationContext.Principal.Profile?.CurrentCulture?.TwoLetterISOLanguageName}").Log(); headers.Add("culture", culture); } } }
public async Task Invoke(HttpContext context) { if (context.User.Identity.IsAuthenticated && context.User.Identity.AuthenticationType.Equals(_options.AuthenticationType, StringComparison.InvariantCultureIgnoreCase)) { // Check we have a valid token Adal token in cache? // if not, force authentication. ILogger <OpenIdCookieValidityCheckMiddleware> logger = null; try { IContainerResolve container = (IContainerResolve)context.RequestServices.GetService(typeof(IContainerResolve)); // Not thread safe => can call activity source factory more than one but factory implementation is thread safe => so few calls on the start of the service is a possibility. if (!hasAlreadyTriedToResolve) { hasAlreadyTriedToResolve = true; _activitySource = container.Resolve <IActivitySourceFactory>()?.GetArc4u(); } TokenInfo tokenInfo = null; using (var activity = _activitySource?.StartActivity("Validate bearer token expiration", ActivityKind.Producer)) { activity?.AddTag("AuthenticationType", _options.AuthenticationType); if (container.TryResolve <IApplicationContext>(out var applicationContext)) { applicationContext.SetPrincipal(new AppPrincipal(new Authorization(), context.User.Identity, "S-1-0-0")); } logger = container.Resolve <ILogger <OpenIdCookieValidityCheckMiddleware> >(); ITokenProvider provider = container.Resolve <ITokenProvider>(_options.OpenIdSettings.Values[TokenKeys.ProviderIdKey]); tokenInfo = await provider.GetTokenAsync(_options.OpenIdSettings, context.User.Identity); } if (null == tokenInfo) { throw new ApplicationException("Refresh Token is expired or invalid"); } await _next.Invoke(context); } catch (Exception) { _options.CookieManager.DeleteCookie(context, _options.CookieName, new CookieOptions()); logger?.Technical().System("Force an OpenId connection.").Log(); var cleanUri = new Uri(new Uri(context.Request.GetEncodedUrl()).GetLeftPart(UriPartial.Path)); if (Uri.TryCreate(_options.RedirectAuthority, UriKind.Absolute, out var authority)) { cleanUri = new Uri(authority, cleanUri.AbsolutePath); } var properties = new AuthenticationProperties() { RedirectUri = cleanUri.ToString() }; await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, properties); return; } } else { await _next.Invoke(context); } }
public BasicAuthenticationMiddleware(RequestDelegate next, IContainerResolve container, BasicAuthenticationContextOption option) { _next = next ?? throw new ArgumentNullException(nameof(next)); if (null == container) { throw new ArgumentNullException(nameof(container)); } if (null == option) { throw new ArgumentNullException(nameof(option)); } if (null == option.Settings) { throw new ArgumentNullException("Settings defined in option cannot be null."); } _logger = container.Resolve <ILogger <BasicAuthenticationMiddleware> >(); if (!string.IsNullOrEmpty(option.DefaultUpn)) { if (!Regex.IsMatch(option.DefaultUpn, @"^@([a-zA-Z0-9]+\.[a-zA-Z0-9]+)")) { _logger.Technical().Warning($"Bad upn format, we expect a @ and one point.").Log(); option.DefaultUpn = string.Empty; } else { _logger.Technical().Information($"Default upn: {option.DefaultUpn}.").Log(); } } if (option.Settings.Values.ContainsKey(TokenKeys.ProviderIdKey)) { _hasProvider = container.TryResolve(option.Settings.Values[TokenKeys.ProviderIdKey], out _provider); if (!_hasProvider) { _logger.Technical().Error($"No token provider was found with resolution name equal to: {option.Settings.Values[TokenKeys.ProviderIdKey]}.").Log(); } } else { _logger.Technical().Error($"No token provider resolution name is defined in your settings!").Log(); } if (!_hasProvider) { _logger.Technical().Error($"Basic Authentication capability is deactivated!").Log(); } if (!container.TryResolve(out _tokenCache)) { _logger.Technical().Error($"No token ache are defined for Basic Authentication.").Log(); } _option = option; _container = container; _activitySource = container.Resolve <IActivitySourceFactory>()?.GetArc4u(); }