static async Task <ApiSession> OpenSessionViaWindowsAuthenticationAsync(OpenSessionAuthenticatorContext context, string spaceName, CancellationToken cancellationToken)
{
if (string.IsNullOrEmpty(spaceName))
{
throw new ArgumentException("Space name is not set", nameof(spaceName));
}
// handler will be disposed automatically
HttpClientHandler aHandler = new HttpClientHandler()
{
ClientCertificateOptions = ClientCertificateOption.Automatic,
// required for automatic NTML/Negotiate challenge
UseDefaultCredentials = true,
#if NETSTANDARD2_0
ServerCertificateCustomValidationCallback = context.MorphServerApiClient.Config.ServerCertificateCustomValidationCallback
#endif
};
// build a new low level client based on specified handler
using (var ntmlRestApiClient = context.BuildApiClient(aHandler))
{
var serverNonce = await internalGetAuthNonceAsync(ntmlRestApiClient, cancellationToken);
var token = await internalAuthExternalWindowAsync(ntmlRestApiClient, spaceName, serverNonce, cancellationToken);
return(new ApiSession(context.MorphServerApiClient)
{
AuthToken = token,
IsAnonymous = false,
IsClosed = false,
SpaceName = spaceName
});
}
}
/// <summary>
/// Open a new authenticated session via password
/// </summary>
/// <param name="spaceName">space name</param>
/// <param name="password">space password</param>
/// <param name="cancellationToken"></param>
/// <returns></returns>
static async Task <ApiSession> OpenSessionViaSpacePasswordAsync(OpenSessionAuthenticatorContext context, string spaceName, string password, CancellationToken cancellationToken)
{
if (string.IsNullOrEmpty(spaceName))
{
throw new ArgumentException("Space name is not set.", nameof(spaceName));
}
if (password == null)
{
throw new ArgumentNullException(nameof(password));
}
var passwordSha256 = CryptographyHelper.CalculateSha256HEX(password);
var serverNonceApiResult = await context.LowLevelApiClient.AuthGenerateNonce(cancellationToken);
serverNonceApiResult.ThrowIfFailed();
var serverNonce = serverNonceApiResult.Data.Nonce;
var clientNonce = ConvertHelper.ByteArrayToHexString(CryptographyHelper.GenerateRandomSequence(16));
var all = passwordSha256 + serverNonce + clientNonce;
var composedHash = CryptographyHelper.CalculateSha256HEX(all);
var requestDto = new LoginRequestDto
{
ClientSeed = clientNonce,
Password = composedHash,
Provider = "Space",
UserName = spaceName,
RequestToken = serverNonce
};
var authApiResult = await context.LowLevelApiClient.AuthLoginPasswordAsync(requestDto, cancellationToken);
authApiResult.ThrowIfFailed();
var token = authApiResult.Data.Token;
return(new ApiSession(context.MorphServerApiClient)
{
AuthToken = token,
IsAnonymous = false,
IsClosed = false,
SpaceName = spaceName
});
}
public static async Task <ApiSession> OpenSessionMultiplexedAsync(
SpaceEnumerationItem desiredSpace,
OpenSessionAuthenticatorContext context,
OpenSessionRequest openSessionRequest,
CancellationToken cancellationToken)
{
// space access restriction is supported since server 3.9.2
// for previous versions api will return SpaceAccessRestriction.NotSupported
// a special fall-back mechanize need to be used to open session in such case
switch (desiredSpace.SpaceAccessRestriction)
{
// anon space
case SpaceAccessRestriction.None:
return(ApiSession.Anonymous(context.MorphServerApiClient, openSessionRequest.SpaceName));
// password protected space
case SpaceAccessRestriction.BasicPassword:
return(await OpenSessionViaSpacePasswordAsync(context, openSessionRequest.SpaceName, openSessionRequest.Password, cancellationToken));
// windows authentication
case SpaceAccessRestriction.WindowsAuthentication:
return(await OpenSessionViaWindowsAuthenticationAsync(context, openSessionRequest.SpaceName, cancellationToken));
// fallback
case SpaceAccessRestriction.NotSupported:
// if space is public or password is not set - open anon session
if (desiredSpace.IsPublic || string.IsNullOrWhiteSpace(openSessionRequest.Password))
{
return(ApiSession.Anonymous(context.MorphServerApiClient, openSessionRequest.SpaceName));
}
// otherwise open session via space password
else
{
return(await OpenSessionViaSpacePasswordAsync(context, openSessionRequest.SpaceName, openSessionRequest.Password, cancellationToken));
}
default:
throw new Exception("Space access restriction method is not supported by this client.");
}
}
