public Task Authenticate(ValidatePrincipalContext context) { if (!_env.IsDevelopment()) { context.AuthenticationFailMessage = "Basic authentication only available in Development environment"; return(Task.CompletedTask); } // use basic authentication to support Swagger if (context.UserName != context.Password) { context.AuthenticationFailMessage = "Authentication failed."; return(Task.CompletedTask); } var claims = new List <Claim> { new Claim(ClaimTypes.Name, context.UserName, context.Options.ClaimsIssuer), // use (case-sensitive) UserName for role new Claim(ClaimTypes.Role, context.UserName) }; context.Principal = new ClaimsPrincipal(new ClaimsIdentity(claims, BasicAuthenticationDefaults.AuthenticationScheme)); return(Task.CompletedTask); }
private Task ValidatePrincipal(ValidatePrincipalContext context) { var userInfos = new[] { new { UserName = "******", Password = "******", Roles = new string[] { "role1" } }, new { UserName = "******", Password = "******", Roles = new string[] { "role2" } }, new { UserName = "******", Password = "******", Roles = new string[] { "role2", "role3" } }, new { UserName = "******", Password = "******", Roles = new string[] { "role3" } } }; foreach (var userInfo in userInfos) { if ((context.UserName == userInfo.UserName) && (context.Password == userInfo.Password)) { var claims = new List <Claim> { new Claim(ClaimTypes.Name, context.UserName, context.Options.ClaimsIssuer) }; foreach (string role in userInfo.Roles) { claims.Add(new Claim(ClaimTypes.Role, role, context.Options.ClaimsIssuer)); } var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, BasicAuthenticationDefaults.AuthenticationScheme)); context.Principal = principal; } } return(Task.CompletedTask); }
public static async Task ValidatePrincipal <UserType>(ValidatePrincipalContext context) where UserType : class, IUserEntity { var logger = context.HttpContext.RequestServices.GetService <ILoggerFactory>()?.CreateLogger(nameof(BasicAuthenticationEventsTools)); var userManager = (UserManager <UserType>)context.HttpContext.RequestServices.GetService(typeof(UserManager <UserEntity>)); var signInManager = (SignInManager <UserType>)context.HttpContext.RequestServices.GetService(typeof(SignInManager <UserEntity>)); var userEntity = await userManager.FindByNameAsync(context.UserName); if (userEntity is null) { var errorMessage = "The user has not been found."; logger?.LogInformation(errorMessage); context.AuthenticationFailMessage = errorMessage; return; } // First check password, then sign in. var signInResult = signInManager.CheckPasswordSignInAsync(userEntity, context.Password, false); if (signInResult.Result.Succeeded) { // Required by sign in service. var claims = new List <Claim> { new Claim(ClaimTypes.Name, context.UserName, ClaimValueTypes.String, context.Options.ClaimsIssuer), new Claim(ClaimTypes.NameIdentifier, userEntity.Id, ClaimValueTypes.String) }; var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, context.Scheme.Name)); /// If <see cref="ValidatePrincipalContext.Principal"/> /// is not null, the user is authenticated successfully. context.Principal = principal; } }
public override async Task ValidatePrincipalAsync(ValidatePrincipalContext context) { var user = await getUserStrategy.GetAsync(context.UserName, context.Password); if (user != null) { context.Principal = CreatePrincipal(user); } }
public override Task ValidatePrincipalAsync(ValidatePrincipalContext context) { var claims = new List <Claim> { new(ClaimTypes.Name, context.UserName, context.Options.ClaimsIssuer) }; context.Principal = new ClaimsPrincipal(new ClaimsIdentity(claims, context.Scheme.Name)); return(Task.CompletedTask); }
public Task Authenticate(ValidatePrincipalContext context) { if (!_env.IsDevelopment()) { context.AuthenticationFailMessage = "Basic authentication only available in Development environment"; return(Task.CompletedTask); } // use basic authentication to support Swagger if (context.UserName != context.Password) { context.AuthenticationFailMessage = "Authentication failed."; return(Task.CompletedTask); } var primaryRoleId = string.Empty; var email = string.Empty; switch (context.UserName) { case Roles.Admin: case Roles.Buyer: primaryRoleId = PrimaryRole.GovernmentDepartment; email = "*****@*****.**"; break; case Roles.Supplier: primaryRoleId = PrimaryRole.ApplicationServiceProvider; email = "*****@*****.**"; break; default: break; } var contact = _contactDatastore.ByEmail(email); var org = _organisationDatastore.ByContact(contact?.Id ?? string.Empty); var claims = new List <Claim> { new Claim(ClaimTypes.Email, email, context.Options.ClaimsIssuer), new Claim(ClaimTypes.Name, context.UserName, context.Options.ClaimsIssuer), // use (case-sensitive) UserName for role new Claim(ClaimTypes.Role, context.UserName), // random organisation for Joe public new Claim(nameof(Organisations), org?.Id ?? Guid.NewGuid().ToString()) }; context.Principal = new ClaimsPrincipal(new ClaimsIdentity(claims, BasicAuthenticationDefaults.AuthenticationScheme)); return(Task.CompletedTask); }
/// <inheritdoc/> protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { // RFC 7230 section 3.2.2 var authorizationHeaderValues = this.Request.Headers.GetCommaSeparatedValues(HeaderNames.Authorization); // there is no authorization header so there is nothing to do by this middleware if ((authorizationHeaderValues == null) || (authorizationHeaderValues.Length == 0)) { this.Logger.LogDebug("'Authorization' header is not present in the request."); return(AuthenticateResult.NoResult()); } string basicAuthorizationHeader = authorizationHeaderValues.FirstOrDefault(s => s.StartsWith(Basic + ' ', StringComparison.OrdinalIgnoreCase)); // Authorization header is not 'Basic' so there is nothing to do by this middleware if (string.IsNullOrEmpty(basicAuthorizationHeader)) { this.Logger.LogDebug("'Authorization' header is not in 'Basic' scheme in the request."); return(AuthenticateResult.NoResult()); } string credentials = basicAuthorizationHeader.Replace($"{Basic} ", string.Empty).Trim(); if (string.IsNullOrEmpty(credentials)) { return(AuthenticateResult.Fail("The credentials are not present for 'Basic' scheme.")); } string decodedCredentials; try { decodedCredentials = Encoding.UTF8.GetString(Convert.FromBase64String(credentials)); } catch (Exception) { return(AuthenticateResult.Fail("The credentials can not be decoded in 'Basic' scheme.")); } int delimiterIndex = decodedCredentials.IndexOf(":", StringComparison.OrdinalIgnoreCase); if (delimiterIndex < 0) { return(AuthenticateResult.Fail("The credentials delimiter is not present in 'Basic' scheme.")); } string userName = decodedCredentials.Substring(0, delimiterIndex); string password = decodedCredentials.Substring(delimiterIndex + 1); var context = new ValidatePrincipalContext(this.Context, this.Scheme, this.Options, userName, password); return(await this.Options.Events.ValidatePrincipal(context)); }
public override Task ValidatePrincipalAsync(ValidatePrincipalContext context) { if ((context.UserName == demoUsername) && (context.Password == demoPassword)) { var claims = new List <Claim> { new Claim(ClaimTypes.Name, context.UserName, context.Options.ClaimsIssuer) }; var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, context.Scheme.Name)); context.Principal = principal; } return(Task.CompletedTask); }
public override Task ValidatePrincipalAsync(ValidatePrincipalContext context) { var user = _userService.Authenticate(context.UserName, context.Password); if (user != null) { var claims = new[] { new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Name, user.UserName), }; var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, context.Scheme.Name)); context.Principal = principal; } return(Task.CompletedTask); }
public override Task ValidatePrincipalAsync(ValidatePrincipalContext context) { if ((context.UserName == "test") && (context.Password == "test")) { var claims = new List <Claim> { new Claim(ClaimTypes.Name, context.UserName, context.Options.ClaimsIssuer) }; var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, BasicAuthenticationDefaults.AuthenticationScheme)); context.Principal = principal; } return(Task.CompletedTask); }
/// <inheritdoc/> public override Task ValidatePrincipalAsync(ValidatePrincipalContext context) { // keep the bots away if (string.Equals(context.UserName, _config.Username) && string.Equals(context.Password, _config.Password)) { var claims = new List <Claim> { new Claim(ClaimTypes.Name, context.UserName, context.Options.ClaimsIssuer) }; var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, BasicAuthenticationDefaults.AuthenticationScheme)); context.Principal = principal; } return(Task.CompletedTask); }
public override Task ValidatePrincipalAsync(ValidatePrincipalContext context) { if (context.UserName == this.authenticationSettings.Login && context.Password == this.authenticationSettings.Password) { var identity = new ClaimsIdentity( new[] { new Claim(ClaimTypes.Name, context.UserName, context.Options.ClaimsIssuer) }, BasicAuthenticationDefaults.AuthenticationScheme); context.Principal = new ClaimsPrincipal(identity); } return(Task.CompletedTask); }
public static Task Authenticate(ValidatePrincipalContext context) { // use basic authentication to support Swagger if (context.UserName != context.Password) { context.AuthenticationFailMessage = "Authentication failed."; return(Task.CompletedTask); } var primaryRoleId = string.Empty; switch (context.UserName) { case Roles.Admin: case Roles.Buyer: primaryRoleId = PrimaryRole.GovernmentDepartment; break; case Roles.Supplier: primaryRoleId = PrimaryRole.ApplicationServiceProvider; break; default: break; } var servProv = context.HttpContext.RequestServices; var orgStore = (IOrganisationDatastore)servProv.GetService(typeof(IOrganisationDatastore)); var org = orgStore.GetAll().FirstOrDefault(x => x.PrimaryRoleId == primaryRoleId); var claims = new List <Claim> { new Claim(ClaimTypes.Name, context.UserName, context.Options.ClaimsIssuer), // use (case-sensitive) UserName for role new Claim(ClaimTypes.Role, context.UserName), // random organisation for Joe public new Claim(nameof(Organisation), org?.Id ?? Guid.NewGuid().ToString()) }; context.Principal = new ClaimsPrincipal(new ClaimsIdentity(claims, BasicAuthenticationDefaults.AuthenticationScheme)); return(Task.CompletedTask); }
public override Task ValidatePrincipalAsync(ValidatePrincipalContext context) { if (QueryIsValidStaffLogon(_db, context.UserName, context.Password)) { var claims = new List <Claim> { new Claim(ClaimTypes.Name, context.UserName, context.Options.ClaimsIssuer) }; var principle = new ClaimsPrincipal(new ClaimsIdentity(claims, BasicAuthenticationDefaults.AuthenticationScheme)); context.Principal = principle; var ticket = new AuthenticationTicket(principle, new AuthenticationProperties(), BasicAuthenticationDefaults.AuthenticationScheme); return(Task.FromResult(AuthenticateResult.Success(ticket))); } return(Task.FromResult(AuthenticateResult.Fail("Authentication failed."))); }
private async Task ValidatePrincipalAsync(ValidatePrincipalContext context) { // Try sign in SignInResult result = await SignInAsync(context.HttpContext, context.UserName, context.Password, true, BasicAuthenticationDefaults.AuthenticationScheme) .ConfigureAwait(false); // Check result if (result.Succeeded) { context.Principal = context.HttpContext.User; } else if (result.IsLockedOut) { context.AuthenticationFailMessage = "Account locked."; } else { context.AuthenticationFailMessage = "Authentication failed."; } }
public Task Authenticate(ValidatePrincipalContext context) { var contact = _contactDatastore.ByEmail(context.UserName); if (contact?.Password != _hash.CreateMD5(context.Password)) { context.AuthenticationFailMessage = "Authentication failed."; return(Task.CompletedTask); } var claims = new List <Claim> { new Claim(ClaimTypes.Email, $"{contact.Email}", context.Options.ClaimsIssuer), new Claim(ClaimTypes.Role, contact.Role, context.Options.ClaimsIssuer) }; var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, BasicAuthenticationDefaults.AuthenticationScheme)); context.Principal = principal; return(Task.CompletedTask); }
public override async Task ValidatePrincipalAsync(ValidatePrincipalContext context) { if (String.IsNullOrEmpty(context.UserName)) { return; } using (var sqliteConnection = new SQLiteConnection("Data Source=notesdb.sqlite")) { await sqliteConnection.OpenAsync(); var members = await sqliteConnection.QueryAsync("SELECT * FROM member WHERE login=@login AND plainpassword=@password", new { login = context.UserName, password = context.Password }); await sqliteConnection.CloseAsync(); if (members.Count() == 1 && members.First().login == context.UserName) { var claims = new List <Claim> { new Claim(ClaimTypes.Name, context.UserName, context.Options.ClaimsIssuer), new Claim(ClaimTypes.Email, members.First().email, context.Options.ClaimsIssuer), new Claim(ClaimTypes.GivenName, members.First().givenname, context.Options.ClaimsIssuer), new Claim(ClaimType_MemberId, members.First().id.ToString(), context.Options.ClaimsIssuer), }; var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, context.Scheme.Name)); context.Principal = principal; } //else //{ // // optional with following default. // // context.AuthenticationFailMessage = "Authentication failed."; //} //return Task.CompletedTask; } }