public AddDummyClaimTransformation(IIdentifyLogWriter identifyLogWriter) { if (identifyLogWriter == null) { throw new ArgumentNullException("identifyLogWriter"); } this.identifyLogWriter = identifyLogWriter; }
private bool VerifyIfUserNameIsCorrect(string username, IIdentifyLogWriter logWriter) { if (username.Equals("unknownusername", StringComparison.InvariantCultureIgnoreCase)) { logWriter.WriteError($"Incorrect passord {username}"); return(false); } return(true); }
public GenericProviderSampleClaimTransformation(IIdentifyLogWriter identifyLogWriter) { if (identifyLogWriter == null) { throw new ArgumentNullException(nameof(identifyLogWriter)); } _identifyLogWriter = identifyLogWriter; }
private bool VerifyPasswordIsCorrect(string password, IIdentifyLogWriter logWriter) { if (password.Equals("incorrectpassword", StringComparison.InvariantCultureIgnoreCase)) { logWriter.WriteError($"Incorrect passord {password}"); return(false); } return(true); }
/// <summary> /// It is an example how to access protocol connection id and entityId in external modules /// </summary> /// <param name="cc"></param> /// <param name="logWriter"></param> private void LookupProtocolConnection(ControllerContext cc, IIdentifyLogWriter logWriter) { const string temporaryContextKey = "ici_TemporaryProtocolContext"; var httpContext = cc.HttpContext; dynamic temporaryContext = httpContext.Items[temporaryContextKey]; dynamic contextIdKey = temporaryContext.ContextIdKey; string contextId = contextIdKey.ContextId; Guid protocolConnectionId = contextIdKey.ProtocolConnectionId; string protocolConnectionEntityId = contextIdKey.ProtocolConnectionEntityId; logWriter.WriteInformation( $"DummyGenericValidatorUsernamePassword. ContextId = '{contextId}'. Protocol connection id = '{protocolConnectionId}', entityId = '{protocolConnectionEntityId}'"); }
/// <summary> /// This sample has two dependencies to IIdentifyLdapStore and IIdentifyLogWriter. Their implementations are provided by Identify. /// </summary> /// <param name="identifyLdapStore">A service whose implementation is built in Identify. It is used to access LDAP stores</param> /// <param name="logWriter">A logger</param> public LdapUserProfileService(IIdentifyLdapStore identifyLdapStore, IIdentifyLogWriter logWriter) { if (identifyLdapStore == null) { throw new ArgumentNullException("identifyLdapStore"); } if (logWriter == null) { throw new ArgumentNullException("logWriter"); } this.identifyLdapStore = identifyLdapStore; this.logWriter = logWriter; }
public BootstrapTokenTestClaimTransformation(IIdentifyLogWriter identifyLogWriter) { this.identifyLogWriter = identifyLogWriter ?? throw new ArgumentNullException("identifyLogWriter"); }
public CredentialsValidationResult Validate(ControllerContext cc, IDictionary <string, string> inputs, IIdentifyLogWriter logWriter) { if (cc == null) { throw new ArgumentNullException("cc"); } if (inputs == null) { throw new ArgumentNullException("inputs"); } if (logWriter == null) { throw new ArgumentNullException("logWriter"); } // Old ATP login code - execute as normal if connvert setting is false ValueProviderResult cprClaimType; if (!GetValue(cc, "CprClaimType", out cprClaimType)) { return(CreateShowLoginViewResult()); } ValueProviderResult cprNumber; if (!GetValue(cc, "CprNumber", out cprNumber)) { return(CreateShowLoginViewResult()); } ClaimsPrincipal principal = this.BuildPrincipal(cprClaimType, cprNumber); AddConnectionEntityIdentifiers(cc, principal); return(new CredentialsValidationResult { ResultCode = CredentialsValidationResultCode.Success, ClaimsPrincipal = principal }); }
public CredentialsValidationResult Validate(ControllerContext cc, IDictionary <string, string> input, IIdentifyLogWriter logWriter) { var validationResult = ValidateInput(input); LookupProtocolConnection(cc, logWriter); if (validationResult.ResultCode != CredentialsValidationResultCode.Success) { logWriter.WriteWarning("Validate the input failed. Error code: " + validationResult.ResultCode + ". ExternalErrorMessages: " + string.Join("\n-", validationResult.ExternalErrorMessages)); validationResult.ShowErrorViewWhenResultCodeIsNotSuccess = true; return(validationResult); } var connectionString = input[ConnectionString]; try { var userRepository = new DummyUserRepository(connectionString); var username = input[UserName].Trim(); var user = userRepository.GetUserByName(username); if (user == null) { logWriter.WriteInformation("User not found. Search username: "******"User information: [UserName: {0}], [Password: {1}], [IsDisabled: {2}], [IsLocked: {3}]", user.Username, user.Password, user.IsDisabled, user.IsLocked)); var password = input[Password].Trim(); if (user.Password.Trim() != password) { validationResult.ExternalErrorMessages.Add("Password is invalid. Expected: " + user.Password); validationResult.ResultCode = CredentialsValidationResultCode.IncorrectPassword; } else if (user.IsDisabled) { validationResult.ResultCode = CredentialsValidationResultCode.UserDisabled; } else if (user.IsLocked) { validationResult.ResultCode = CredentialsValidationResultCode.UserLocked; } else { validationResult.UserIdentity = user.Username; validationResult.ResultCode = CredentialsValidationResultCode.Success; } } } catch (Exception ex) { logWriter.WriteError("An unexpected exception happends. Error message: " + ex.Message + ". StackTrace: " + ex.StackTrace); validationResult.ResultCode = CredentialsValidationResultCode.UnknownError; validationResult.ExternalErrorMessages.Add(ex.Message); } logWriter.WriteInformation("Validation with result code: " + validationResult.ResultCode + ". ExternalErrorMessages: " + string.Join("\n-", validationResult.ExternalErrorMessages)); validationResult.ShowErrorViewWhenResultCodeIsNotSuccess = true; return(validationResult); }
/// <summary> /// Validate credentials by generic provider /// </summary> /// <param name="cc">Notice that on STs the controller context is irrelevant</param> /// <param name="inputs"></param> /// <param name="logWriter"></param> /// <returns></returns> public CredentialsValidationResult Validate(ControllerContext cc, IDictionary <string, string> inputs, IIdentifyLogWriter logWriter) { var validationResult = ValidateInput(inputs); if (validationResult.ResultCode != CredentialsValidationResultCode.Success) { logWriter.WriteError("Validate the input failed. Error code: " + validationResult.ResultCode + ". ExternalErrorMessages: " + string.Join("\n-", validationResult.ExternalErrorMessages)); validationResult.ShowErrorViewWhenResultCodeIsNotSuccess = false; return(validationResult); } var username = inputs[UserName]; var password = inputs[Password]; var serviceIdentifier = inputs[ServiceIdentifier]; if (!VerifyIfUserNameIsCorrect(username, logWriter)) { return(new CredentialsValidationResult { ResultCode = CredentialsValidationResultCode.UnknownUserName }); } if (!VerifyPasswordIsCorrect(password, logWriter)) { return(new CredentialsValidationResult { ResultCode = CredentialsValidationResultCode.IncorrectPassword }); } var logResult = new StringBuilder(); logResult.AppendLine( $"Successfully validate generic credentials for username = '******' with service identifier ='{serviceIdentifier}'"); logResult.AppendLine(""); // For this example, we are returning only claims whose types start with "additionalClaims". In reality, here is where you put on your business logic code to return claims. var identity = new ClaimsIdentity(AuthenticationTypes.Password); foreach (var input in inputs) { if (input.Key.StartsWith(AdditionalClaims, StringComparison.InvariantCultureIgnoreCase)) { identity.AddClaim(new Claim(input.Key, input.Value)); logResult.AppendLine($"Additional claims received: type = '{input.Key}' - value ='{input.Value}'"); if (input.Value.Equals("exception")) { throw new GenericProviderSampleException("Generic provider exception is thrown on UsernamePasswordGenericCredentialsValidator as requested"); } } } logWriter.WriteInformation(logResult); return(new CredentialsValidationResult { ResultCode = CredentialsValidationResultCode.Success, ClaimsPrincipal = new ClaimsPrincipal(identity) }); }