private static ClaimsIdentity CreateIdentity(int accountId, string userName, ApplicationListItem[] apps) { var claims = new List <Claim> { new Claim(ClaimTypes.NameIdentifier, accountId.ToString(), ClaimValueTypes.Integer32), new Claim(ClaimTypes.Name, userName, ClaimValueTypes.String) }; foreach (var app in apps) { claims.Add(new Claim(OneTrueClaims.Application, app.Id.ToString(), ClaimValueTypes.Integer32)); claims.Add(new Claim(OneTrueClaims.ApplicationName, app.Name, ClaimValueTypes.String)); if (app.IsAdmin) { claims.Add(new Claim(OneTrueClaims.ApplicationAdmin, app.Id.ToString(), ClaimValueTypes.Integer32)); } } var roles = accountId == 1 ? new[] { OneTrueClaims.RoleSysAdmin } : new string[0]; var context = new PrincipalFactoryContext(accountId, userName, roles) { AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, Claims = claims.ToArray() }; return((ClaimsIdentity)PrincipalFactory.CreateAsync(context).Result.Identity); }
#pragma warning disable 1998 public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken) #pragma warning restore 1998 { var p = context.Principal as ClaimsPrincipal; if (p != null && p.Identity.IsAuthenticated) { return; } IEnumerable <string> apiKeys; IEnumerable <string> tokens; if (!context.Request.Headers.TryGetValues("X-Api-Key", out apiKeys) || !context.Request.Headers.TryGetValues("X-Api-Signature", out tokens)) { return; } using (var scope = GlobalConfiguration.Configuration.DependencyResolver.BeginScope()) { var repos = (IApiKeyRepository)scope.GetService(typeof(IApiKeyRepository)); ApiKey key; try { key = await repos.GetByKeyAsync(apiKeys.First()); } catch (EntityNotFoundException) { context.ErrorResult = new AuthenticationFailureResult("Invalid/unknown API key", context.Request); return; } var content = await context.Request.Content.ReadAsByteArrayAsync(); if (!key.ValidateSignature(tokens.First(), content)) { context.ErrorResult = new AuthenticationFailureResult( "Body could not be signed by the shared secret. Verify your client configuration.", context.Request); return; } var claims = key.Claims; var factoryContext = new PrincipalFactoryContext(0, key.GeneratedKey, new[] { CoderrClaims.RoleSystem }) { AuthenticationType = "ApiKey", Claims = claims }; var principal = await PrincipalFactory.CreateAsync(factoryContext); context.Principal = principal; Thread.CurrentPrincipal = principal; } }
private bool AuthenticateUser(ITcpChannel channel, HttpRequest request) { if (channel.Data["Principal"] != null) { Thread.CurrentPrincipal = (IPrincipal)channel.Data["Principal"]; return(true); } try { var user = Authenticator.Authenticate(request); if (user == null) { return(true); } if (PrincipalFactory != null) { var ctx = new PrincipalFactoryContext(request, user); Thread.CurrentPrincipal = PrincipalFactory.Create(ctx); channel.Data["Principal"] = Thread.CurrentPrincipal; return(true); } var roles = user as IUserWithRoles; if (roles == null) { throw new InvalidOperationException( "You must specify a PrincipalFactory if you do not return a IUserWithRoles from your IAccountService."); } Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(user.Username), roles.RoleNames); channel.Data["Principal"] = Thread.CurrentPrincipal; } catch (HttpException ex) { if (Logger != null) { Logger("Authentication failed.\r\nException:\r\n" + ex.ToString()); } var response = request.CreateResponse(); response.StatusCode = ex.HttpCode; response.ReasonPhrase = FirstLine(ex.Message); channel.Send(response); return(false); } return(true); }
/// <summary> /// Execute the request and generate a reply. /// </summary> /// <param name="request">Request to execute</param> /// <returns> /// Task which will contain the reply once completed. /// </returns> public async Task <ActivateAccountReply> ExecuteAsync(ActivateAccount request) { var account = await _repository.FindByActivationKeyAsync(request.ActivationKey); if (account == null) { throw new ArgumentOutOfRangeException("ActivationKey", request.ActivationKey, "Key was not found."); } account.Activate(); await _repository.UpdateAsync(account); var query = new GetApplicationList { AccountId = account.Id }; var apps = await _queryBus.QueryAsync(query); var claims = apps.Select(x => new Claim(OneTrueClaims.Application, x.Id.ToString(), ClaimValueTypes.Integer32)) .ToArray(); if (ClaimsPrincipal.Current.IsAccount(account.Id)) { var context = new PrincipalFactoryContext(account.Id, account.UserName, new string[0]) { Claims = claims }; var identity = await PrincipalFactory.CreateAsync(context); identity.AddUpdateCredentialClaim(); Thread.CurrentPrincipal = identity; } var evt = new AccountActivated(account.Id, account.UserName) { EmailAddress = account.Email }; await _eventBus.PublishAsync(evt); return(new ActivateAccountReply(account.Id, account.UserName)); }
/// <summary> /// Create a new prinicpal /// </summary> /// <param name="context">Context used to identify the user.</param> /// <returns> /// Principal to use /// </returns> public IPrincipal Create(PrincipalFactoryContext context) { return new GenericPrincipal(new GenericIdentity(context.User.Username), new string[0]); }
public async Task <AcceptInvitationReply> ExecuteAsync(AcceptInvitation request) { var invitation = await _repository.GetByInvitationKeyAsync(request.InvitationKey); if (invitation == null) { _logger.Error("Failed to find invitation key" + request.InvitationKey); return(null); } await _repository.DeleteAsync(request.InvitationKey); Account account; if (request.AccountId == 0) { account = new Account(request.UserName, request.Password); account.SetVerifiedEmail(request.AcceptedEmail); account.Activate(); account.Login(request.Password); await _accountRepository.CreateAsync(account); } else { account = await _accountRepository.GetByIdAsync(request.AccountId); account.SetVerifiedEmail(request.AcceptedEmail); } var inviter = await _accountRepository.FindByUserNameAsync(invitation.InvitedBy); if (ClaimsPrincipal.Current.IsAccount(account.Id)) { var claims = invitation.Invitations .Select( x => new Claim(OneTrueClaims.Application, x.ApplicationId.ToString(), ClaimValueTypes.Integer32)) .ToList(); var context = new PrincipalFactoryContext(account.Id, account.UserName, new string[0]) { Claims = claims.ToArray(), AuthenticationType = "Invite" }; var principal = await PrincipalFactory.CreateAsync(context); principal.AddUpdateCredentialClaim(); Thread.CurrentPrincipal = principal; } // Account have not been created before the invitation was accepted. if (request.AccountId == 0) { await _eventBus.PublishAsync(new AccountRegistered(account.Id, account.UserName)); await _eventBus.PublishAsync(new AccountActivated(account.Id, account.UserName) { EmailAddress = account.Email }); } var e = new InvitationAccepted(account.Id, invitation.InvitedBy, account.UserName) { InvitedEmailAddress = invitation.EmailToInvitedUser, AcceptedEmailAddress = request.AcceptedEmail, ApplicationIds = invitation.Invitations.Select(x => x.ApplicationId).ToArray() }; await _eventBus.PublishAsync(e); return(new AcceptInvitationReply(account.Id, account.UserName)); }
/// <summary> /// Create a new prinicpal /// </summary> /// <param name="context">Context used to identify the user.</param> /// <returns> /// Principal to use /// </returns> public IPrincipal Create(PrincipalFactoryContext context) { return(new GenericPrincipal(new GenericIdentity(context.User.Username), new string[0])); }