public bool TryGetProvider(IdentityProviderId id, out IdentityProviderForChoosing provider)
{
var providers = AllAvailableIdentityProvidersForChoosing().Where(_ => _.Id == id);
provider = providers.FirstOrDefault();
return(providers.Any());
}
public IdentityProviderConfiguration GetCommonProviderConfiguration(IdentityProviderId id)
{
if (_openIdConfigurations.TryFindById(id, out var configuration))
{
return(configuration);
}
else
{
throw new IdentityProviderConfigurationDoesNotExist(id);
}
}
/// <summary>
/// Returns a hash code for this instance.
/// </summary>
/// <returns>A hash code for this instance, suitable for use in hashing algorithms and data structures like a hash table.</returns>
public override int GetHashCode()
{
unchecked
{
var hash = 17;
hash = hash * 92821 + TenantId.GetHashCode();
hash = hash * 92821 + IdentityProviderId.GetHashCode();
hash = hash * 92821 + IdentityProviderUserName.GetHashCode();
return(hash);
}
}
public IActionResult Challenge(HttpContext context, IdentityProviderId providerId, string redirectUri)
{
if (_providers.AllAvailableIdentityProvidersForChoosing().Any(_ => _.Id == providerId))
{
var url = HttpUtility.UrlEncode(redirectUri);
// TODO: Set some state properties here?
return(new ChallengeResult(providerId.ToString(), new AuthenticationProperties {
RedirectUri = $"/signin/tenant?rd={url}",
}));
}
else
{
return(_frontend.SpecifiedProviderDoesNotExist(context, providerId));
}
}
public ClaimsPrincipal Normalize(IdentityProviderId providerId, ClaimsPrincipal original)
{
var configuration = _configurations.GetCommonProviderConfiguration(providerId);
var identity = new ClaimsIdentity("Dolittle.Security"); // TODO: Again - circular dependency
identity.AddClaim("idp", providerId.Value.ToString());
identity.AddClaim("iss", GetSingleRequiredClaimOrThrow(original, "iss"));
identity.AddClaim("sub", GetSingleRequiredClaimOrThrow(original, "sub"));
identity.AddClaim("aud", GetSingleRequiredClaimOrThrow(original, "aud"));
foreach ((var from, var to) in configuration.ClaimMapping)
{
original.Claims.Where(_ => _.Type == from).ForEach(_ => {
identity.AddClaim(to, _.Value);
});
}
foreach ((var type, var value) in configuration.StaticClaims)
{
identity.AddClaim(type, value);
}
return(new ClaimsPrincipal(identity));
}
public IActionResult SignOutExternalProvider(HttpContext context, IdentityProviderId provider)
{
_logger.Information($"Serving the SignOutExternalProvider page");
return(IndexPage());
}
public IActionResult SignedOut(HttpContext context, IdentityProviderId provider, string redirect)
{
_logger.Information($"Serving the SignedOut page - with external provider");
return(new RedirectResult($"/signout/external?idp={provider}&rd={redirect}", false));
}
public IActionResult SpecifiedProviderDoesNotExist(HttpContext context, IdentityProviderId provider)
{
_logger.Information($"Serving the SpecifiedProviderDoesNotExist page");
return(new RedirectResult("/signin/error?id=specified-provider-not-exist", false));
}
public IdentityProviderConfigurationDoesNotExist(IdentityProviderId id) : base($"Configuration for identity provider with id {id} was not found.")
{
}
public IActionResult External(IdentityProviderId idp)
{
return(_frontend.SignOutExternalProvider(HttpContext, idp));
}