public async Task Invoke(IDictionary <string, object> env)
{
object value;
if (env.TryGetValue("server.User", out value))
{
var windowsPrincipal = value as WindowsPrincipal;
if (windowsPrincipal != null && windowsPrincipal.Identity.IsAuthenticated)
{
await _next(env);
var request = new OwinRequest(env);
var response = new OwinResponse(env);
if (response.StatusCode == 401)
{
// We're going no add the identifier claim
var nameClaim = windowsPrincipal.FindFirst(ClaimTypes.Name);
// This is the domain name
string name = nameClaim.Value;
// If the name is something like DOMAIN\username then
// grab the name part
var parts = name.Split(new[] { '\\' }, 2);
string shortName = parts.Length == 1 ? parts[0] : parts[parts.Length - 1];
// REVIEW: Do we want to preserve the other claims?
// Normalize the claims here
var claims = new List <Claim>();
claims.Add(new Claim(ClaimTypes.NameIdentifier, name));
claims.Add(new Claim(ClaimTypes.Name, shortName));
claims.Add(new Claim(ClaimTypes.AuthenticationMethod, "Windows"));
var identity = new ClaimsIdentity(claims, Constants.JabbRAuthType);
var claimsPrincipal = new ClaimsPrincipal(identity);
response.SignIn(claimsPrincipal);
response.StatusCode = 302;
response.SetHeader("Location", request.PathBase + request.Path);
}
return;
}
}
await _next(env);
}
public static Response SignIn(this NancyModule module, IEnumerable <Claim> claims)
{
var env = Get <IDictionary <string, object> >(module.Context.Items, NancyOwinHost.RequestEnvironmentKey);
var owinResponse = new OwinResponse(env);
var identity = new ClaimsIdentity(claims, Constants.JabbRAuthType);
owinResponse.SignIn(new ClaimsPrincipal(identity));
string returnUrl = module.Request.Query.redirect_uri;
if (String.IsNullOrWhiteSpace(returnUrl))
{
returnUrl = "~/";
}
return(module.Response.AsRedirect(returnUrl));
}