public Task <IHttpResponse> Instigate(IApplication httpApp, IHttpRequest request, ParameterInfo parameterInfo, Func <object, Task <IHttpResponse> > onSuccess) { return(request.GetClaims( (claimsEnumerable) => { var claims = claimsEnumerable.ToArray(); return claims.GetAccountIdMaybe( request, Auth.ClaimEnableActorAttribute.Type, (accountIdMaybe) => { var sessionIdClaimType = Auth.ClaimEnableSessionAttribute.Type; return claims.GetSessionIdAsync( request, sessionIdClaimType, (sessionId) => { var token = new SessionTokenMaybe { accountIdMaybe = accountIdMaybe, sessionId = sessionId, claims = claims, }; return onSuccess(token); }); }); }, () => { var token = new SessionTokenMaybe { accountIdMaybe = default,
/// <summary>
/// Loads the session identified by <paramref name="sessionRef"/>, creates a new token for it and
/// returns the session, with that token attached, through <paramref name="onFound"/>.
/// </summary>
/// <remarks>
/// Access control: unless the application type exposes an <c>IConfigureAuthorization</c> whose
/// <c>IsAnonymousSessionAllowed</c> is true, the caller's <c>security.sessionId</c> must equal the
/// requested session id, otherwise <paramref name="onUnauthorized"/> is returned before any storage access.
/// When anonymous sessions are allowed, no ownership check runs at all: the session id in the request is
/// then the only value a caller needs in order to receive a newly created token carrying the claims
/// resolved from <c>session.authorization</c>. Deployments that enable anonymous sessions should
/// therefore handle session ids as secrets.
/// NOTE(review): <c>CheckFileName = true</c> suggests the id may also be read from the URL path; if so it
/// will show up in access logs and referrers. Confirm against the QueryParameter binder.
/// NOTE(review): <c>SessionTokenMaybe</c> appears to also represent callers without claims; confirm that
/// its <c>sessionId</c> in that case can never equal a stored session id.
/// </remarks>
/// <param name="sessionRef">Reference to the session being requested.</param>
/// <param name="security">Session token of the caller; only <c>sessionId</c> is read here.</param>
/// <param name="application">Application instance; its type is inspected for <c>IConfigureAuthorization</c>
/// and it is passed to <c>GetClaimsAsync</c>.</param>
/// <param name="onFound">Builds the response for a session that was found and given a token.</param>
/// <param name="onNotFound">Builds the response when the session is not in storage or claim lookup fails.</param>
/// <param name="onUnauthorized">Builds the response when the caller's session id does not match.</param>
/// <param name="onConfigurationFailure">Builds the response when the token scope, the token lifetime or a
/// token-creation setting is missing or invalid.</param>
/// <returns>The response produced by exactly one of the callbacks above.</returns>
public static async Task<IHttpResponse> GetAsync(
    [QueryParameter(Name = SessionIdPropertyName, CheckFileName = true)] IRef<Session> sessionRef,
    EastFive.Api.SessionTokenMaybe security,
    IAuthApplication application,
    ContentTypeResponse<Session> onFound,
    NotFoundResponse onNotFound,
    UnauthorizedResponse onUnauthorized,
    ConfigurationFailureResponse onConfigurationFailure)
{
    // Ownership check, skipped entirely when the application opts in to anonymous sessions.
    if (!IsAnonSessionAllowed() && security.sessionId != sessionRef.id)
    {
        return onUnauthorized();
    }

    // StorageGetAsync yields a task whose result is itself the task that produces the response.
    var pendingResponse = await sessionRef.StorageGetAsync(
        storedSession =>
            Web.Configuration.Settings.GetUri(
                EastFive.Security.AppSettings.TokenScope,
                tokenScope =>
                    Web.Configuration.Settings.GetDouble(
                        Security.SessionServer.Configuration.AppSettings.TokenExpirationInMinutes,
                        lifetimeInMinutes =>
                            GetClaimsAsync(application, storedSession.authorization,
                                (sessionClaims, resolvedAccountId, isAuthorized) =>
                                {
                                    storedSession.account = resolvedAccountId;
                                    storedSession.authorized = isAuthorized;

                                    // A new token is created on every successful GET; the response body
                                    // therefore carries a usable credential.
                                    return Api.Auth.JwtTools.CreateToken(
                                        storedSession.id,
                                        tokenScope,
                                        TimeSpan.FromMinutes(lifetimeInMinutes),
                                        sessionClaims,
                                        issuedToken =>
                                        {
                                            storedSession.token = issuedToken;
                                            return onFound(storedSession);
                                        },
                                        missingSetting => onConfigurationFailure("Missing", missingSetting),
                                        (settingName, problem) => onConfigurationFailure(settingName, problem));
                                },
                                // The failure reason is dropped; the caller only sees "not found".
                                reason => onNotFound()),
                        // NOTE(review): the reason text is handed to the response builder; confirm it
                        // is not echoed to unauthenticated clients.
                        reason => onConfigurationFailure("Missing", reason).AsTask()),
                reason => onConfigurationFailure("Missing", reason).AsTask()),
        () => onNotFound().AsTask());
    return await pendingResponse;

    // True only when the application's type provides an IConfigureAuthorization that allows
    // anonymous sessions; an application without that interface never allows them.
    bool IsAnonSessionAllowed()
    {
        var applicationType = application.GetType();
        if (applicationType.TryGetAttributeInterface<IConfigureAuthorization>(out IConfigureAuthorization authConfig))
        {
            return authConfig.IsAnonymousSessionAllowed;
        }
        return false;
    }
}