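/// <summary>
/// Issues an access token whose identity is that of <paramref name="userName"/>, stamping it with an
/// impersonation flag and the caller's real user name so the session can still be attributed to the
/// person who started it.
/// </summary>
/// <param name="userName">User name of the account to impersonate.</param>
/// <param name="serverAuthOptions">OAuth server options; supplies the token format and access-token lifetime.</param>
/// <param name="principal">The caller. If it is already impersonating, its recorded original user name is carried over.</param>
/// <returns>The protected (serialized and encrypted) access token.</returns>
/// <exception cref="ArgumentException">Thrown when <paramref name="userName"/> is null or blank.</exception>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="serverAuthOptions"/> or <paramref name="principal"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// Thrown when no user named <paramref name="userName"/> exists, or when the caller carries the impersonation
/// flag but no original-username claim (the method fails closed rather than guess who the caller really is).
/// </exception>
public async Task<string> ImpersonateUserAsync(string userName, OAuthAuthorizationServerOptions serverAuthOptions, ClaimsPrincipal principal)
{
    if (string.IsNullOrWhiteSpace(userName))
    {
        throw new ArgumentException("A user name is required.", "userName");
    }
    if (serverAuthOptions == null)
    {
        throw new ArgumentNullException("serverAuthOptions");
    }
    if (principal == null)
    {
        throw new ArgumentNullException("principal");
    }

    // NOTE(review): this method performs no authorization of its own -- it will mint a token for any
    // existing user name it is handed. The caller must enforce who is allowed to impersonate whom;
    // confirm that every call site does.

    Func<Claim, bool> isImpersonationFlag =
        c => c.Type == DataLayerConstants.ClaimUserImpersonation && c.Value == true.ToString();

    // Chained impersonation: if the caller is already impersonating someone, keep the original user
    // name it was stamped with instead of the (impersonated) identity name, so the audit trail still
    // points at the real person. First() throws when the flag is set but the claim is missing -- that
    // is intentional, an inconsistent principal should not be promoted further.
    var originalUsername = principal.Claims.Any(isImpersonationFlag)
        ? principal.Claims.First(c => c.Type == DataLayerConstants.ClaimOriginalUsername).Value
        : principal.Identity.Name;

    var impersonatedUser = await _userManager.FindByNameAsync(userName);
    if (impersonatedUser == null)
    {
        // Previously a null user fell through into CreateIdentityAsync and failed with an unhelpful
        // null-reference/argument exception; fail explicitly instead. The message deliberately does not
        // echo the requested name.
        throw new InvalidOperationException("The user to impersonate was not found.");
    }

    var impersonatedIdentity = await _userManager.CreateIdentityAsync(impersonatedUser, OAuthDefaults.AuthenticationType);

    // Impersonating your own account adds no markers at all; the token is just re-issued.
    if (impersonatedUser.UserName != originalUsername)
    {
        if (impersonatedIdentity.Claims.Any(isImpersonationFlag))
        {
            // The freshly built identity already carries the impersonation flag (presumably persisted on
            // the user record -- TODO confirm), so only the PrimarySid is reset. RemoveClaim(null) throws,
            // hence the guard when the identity has no PrimarySid to begin with.
            var primarySidClaim = impersonatedIdentity.Claims.FirstOrDefault(c => c.Type == ClaimTypes.PrimarySid);
            if (primarySidClaim != null)
            {
                impersonatedIdentity.RemoveClaim(primarySidClaim);
            }
            impersonatedIdentity.AddClaim(new Claim(ClaimTypes.PrimarySid, string.Empty));
        }
        else
        {
            impersonatedIdentity.AddClaim(new Claim(DataLayerConstants.ClaimUserImpersonation, true.ToString()));
            impersonatedIdentity.AddClaim(new Claim(DataLayerConstants.ClaimOriginalUsername, originalUsername));
            impersonatedIdentity.AddClaim(new Claim(ClaimTypes.PrimarySid, string.Empty));
        }
    }

    // Lifetime is taken from the server options so impersonation tokens expire like ordinary ones.
    var ticket = new AuthenticationTicket(impersonatedIdentity, new AuthenticationProperties());
    var currentUtc = new OwinDate.SystemClock().UtcNow;
    ticket.Properties.IssuedUtc = currentUtc;
    ticket.Properties.ExpiresUtc = currentUtc.Add(serverAuthOptions.AccessTokenExpireTimeSpan);

    return serverAuthOptions.AccessTokenFormat.Protect(ticket);
}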
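/// <summary>
/// Password sign-in: validates the posted credentials, issues the OAuth bearer identity and the
/// application cookie, creates the initial refresh token for the requesting client and records an
/// internal login for the user.
/// </summary>
/// <param name="model">Credentials, client id and the "remember me" flag posted by the client.</param>
/// <returns>
/// 200 on success. 400 for a missing or invalid model and for bad credentials -- the same response in
/// both cases, so a caller cannot tell an unknown user from a wrong password.
/// </returns>
public async Task<IHttpActionResult> SignIn(LoginViewModel model)
{
    // A request without a body arrives as a null model while ModelState can still be valid, so a
    // null check is needed in addition to the validation check (previously this was a null-reference
    // exception, i.e. a 500 instead of a 400).
    if (model == null || !ModelState.IsValid)
    {
        return BadRequest();
    }

    var user = await _userManager.FindAsync(model.UserName, model.Password);
    if (user == null)
    {
        // Deliberately no detail: do not distinguish "no such user" from "wrong password".
        return BadRequest();
    }

    // NOTE(review): nothing in this method counts failed attempts or applies lockout; confirm that is
    // enforced elsewhere (e.g. in the user manager), otherwise this endpoint allows online password guessing.

    // Clear any external-provider cookie before issuing our own identities.
    Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);

    var oAuthIdentity = await _userManager.CreateIdentityAsync(user, OAuthDefaults.AuthenticationType);
    var cookieIdentity = await _userManager.CreateIdentityAsync(user, CookieAuthenticationDefaults.AuthenticationType);

    var properties = await CreateInitialRefreshToken(model.ClientId, user, oAuthIdentity);
    properties.IsPersistent = model.IsPersistance;
    Authentication.SignIn(properties, oAuthIdentity, cookieIdentity);

    // The IdentityResult is not inspected. On a repeat sign-in the internal login presumably already
    // exists and this returns a failed result rather than throwing -- TODO confirm that is the intent.
    await _userManager.AddLoginAsync(user.Id, new UserLoginInfo(AuthenticationConstants.InternalLoginProvider, user.Id));

    return Ok();
}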
/// <summary>
/// Builds the OAuth bearer <see cref="ClaimsIdentity"/> for <paramref name="user"/> by delegating to
/// the user manager.
/// </summary>
/// <param name="user">The application user to build an identity for.</param>
/// <returns>A task that yields the bearer identity.</returns>
public override Task<ClaimsIdentity> CreateUserIdentityAsync(ApplicationUser user)
{
    var authenticationType = OAuthDefaults.AuthenticationType;
    return _userManager.CreateIdentityAsync(user, authenticationType);
}