Exemple #1
        /// <summary>
        /// Called when the security stamp has been verified.
        /// </summary>
        /// <param name="user">The user who has been verified.</param>
        /// <param name="context">The <see cref="CookieValidatePrincipalContext"/>.</param>
        /// <returns>A task.</returns>
        protected virtual async Task SecurityStampVerified(TUser user, CookieValidatePrincipalContext context)
        {
            // Build a fresh principal for the verified user; it replaces the one
            // carried by the incoming cookie.
            var refreshedPrincipal = await SignInManager.CreateUserPrincipalAsync(user);

            var onRefreshing = Options.OnRefreshingPrincipal;
            if (onRefreshing != null)
            {
                // Hand both the old and the rebuilt principal to the application hook.
                var refreshContext = new SecurityStampRefreshingPrincipalContext();
                refreshContext.CurrentPrincipal = context.Principal;
                refreshContext.NewPrincipal = refreshedPrincipal;

                // The hook may swap the principal, or set it to null; a null
                // principal is allowed and results in a failed authentication.
                await onRefreshing(refreshContext);

                refreshedPrincipal = refreshContext.NewPrincipal;
            }

            // REVIEW (carried over from the original): the login authentication
            // method is lost when the principal is replaced here.
            context.ReplacePrincipal(refreshedPrincipal);
            context.ShouldRenew = true;

            if (context.Options.SlidingExpiration)
            {
                return;
            }

            // Sliding expiration is off: on renewal the new ticket length is
            // calculated relative to now, so stamp the issue time with the
            // current instant to avoid extending the expiration.
            context.Properties.IssuedUtc = Clock.UtcNow;
        }
        /// <summary>
        /// Validates a security stamp of an identity as an asynchronous operation, and rebuilds the identity if the validation succeeds, otherwise rejects
        /// the identity.
        /// </summary>
        /// <param name="context">The context containing the <see cref="System.Security.Claims.ClaimsPrincipal"/>
        /// and <see cref="Http.Authentication.AuthenticationProperties"/> to validate.</param>
        /// <returns>The <see cref="Task"/> that represents the asynchronous validation operation.</returns>
        public virtual async Task ValidateAsync(CookieValidatePrincipalContext context)
        {
            // Use the injected clock when both it and the cookie options are present;
            // otherwise fall back to the system clock.
            DateTimeOffset now = (context.Options != null && _clock != null)
                ? _clock.UtcNow
                : DateTimeOffset.UtcNow;

            var issuedAt = context.Properties.IssuedUtc;

            // A ticket without an issue time is always re-validated; otherwise the
            // stamp is checked only once more than ValidationInterval has elapsed.
            // NOTE(review): an IssuedUtc later than `now` gives a negative elapsed
            // time, so the check is skipped until the interval has passed beyond
            // that timestamp.
            var stampCheckDue = issuedAt == null
                || now.Subtract(issuedAt.Value) > _options.ValidationInterval;

            if (!stampCheckDue)
            {
                return;
            }

            var user = await _signInManager.ValidateSecurityStampAsync(context.Principal);

            if (user == null)
            {
                // Stamp validation returned no user: reject the cookie identity
                // and sign the caller out.
                context.RejectPrincipal();
                await _signInManager.SignOutAsync();
                return;
            }

            // Stamp validation returned a user: rebuild the principal for that user.
            var refreshedPrincipal = await _signInManager.CreateUserPrincipalAsync(user);

            var onRefreshing = _options.OnRefreshingPrincipal;
            if (onRefreshing != null)
            {
                var refreshContext = new SecurityStampRefreshingPrincipalContext();
                refreshContext.CurrentPrincipal = context.Principal;
                refreshContext.NewPrincipal = refreshedPrincipal;

                // The hook may swap the principal, or set it to null; a null
                // principal is allowed and results in a failed authentication.
                await onRefreshing(refreshContext);

                refreshedPrincipal = refreshContext.NewPrincipal;
            }

            // REVIEW (carried over from the original): the login authentication
            // method is lost when the principal is replaced here.
            // NOTE(review): IssuedUtc is left untouched before renewal. With
            // SlidingExpiration disabled, confirm the cookie handler does not
            // derive the renewed ticket's lifetime from the old issue time, which
            // would push the absolute expiry out on every refresh.
            context.ReplacePrincipal(refreshedPrincipal);
            context.ShouldRenew = true;
        }
        /// <summary>
        /// Called when the security stamp has been verified.
        /// </summary>
        /// <param name="user">The user who has been verified.</param>
        /// <param name="context">The <see cref="CookieValidatePrincipalContext"/>.</param>
        /// <returns>A task.</returns>
        protected virtual async Task SecurityStampVerified(TUser user, CookieValidatePrincipalContext context)
        {
            // Build a fresh principal for the verified user; it replaces the one
            // carried by the incoming cookie.
            var rebuilt = await SignInManager.CreateUserPrincipalAsync(user);

            var refreshHook = Options.OnRefreshingPrincipal;
            if (refreshHook != null)
            {
                // Give the application hook both the current and the rebuilt principal.
                var hookContext = new SecurityStampRefreshingPrincipalContext();
                hookContext.CurrentPrincipal = context.Principal;
                hookContext.NewPrincipal = rebuilt;

                // The hook may swap the principal, or set it to null; a null
                // principal is allowed and results in a failed authentication.
                await refreshHook(hookContext);

                rebuilt = hookContext.NewPrincipal;
            }

            // REVIEW (carried over from the original): the login authentication
            // method is lost when the principal is replaced here.
            // NOTE(review): IssuedUtc is left untouched before renewal. With
            // SlidingExpiration disabled, confirm the cookie handler does not
            // derive the renewed ticket's lifetime from the old issue time, which
            // would push the absolute expiry out on every refresh.
            context.ReplacePrincipal(rebuilt);
            context.ShouldRenew = true;
        }