private void HandleException(CookieExceptionContext exception) { var ex = exception; }
protected override async Task HandleSignInAsync(SignInContext signin) { var ticket = await EnsureCookieTicket(); try { var tenantResolver = tenantResolverFactory.GetResolver(); var cookieOptions = BuildCookieOptions(); //var signInContext = new CookieResponseSignInContext( // Context, // Options, // Options.AuthenticationScheme, // signin.Principal, // new AuthenticationProperties(signin.Properties), // cookieOptions); var signInContext = new CookieSigningInContext( Context, Options, tenantResolver.ResolveAuthScheme(Options.AuthenticationScheme), signin.Principal, new AuthenticationProperties(signin.Properties), cookieOptions); DateTimeOffset issuedUtc; if (signInContext.Properties.IssuedUtc.HasValue) { issuedUtc = signInContext.Properties.IssuedUtc.Value; } else { issuedUtc = Options.SystemClock.UtcNow; signInContext.Properties.IssuedUtc = issuedUtc; } if (!signInContext.Properties.ExpiresUtc.HasValue) { signInContext.Properties.ExpiresUtc = issuedUtc.Add(Options.ExpireTimeSpan); } await Options.Events.SigningIn(signInContext); if (signInContext.Properties.IsPersistent) { var expiresUtc = signInContext.Properties.ExpiresUtc ?? issuedUtc.Add(Options.ExpireTimeSpan); signInContext.CookieOptions.Expires = expiresUtc.ToUniversalTime().DateTime; } ticket = new AuthenticationTicket(signInContext.Principal, signInContext.Properties, signInContext.AuthenticationScheme); if (Options.SessionStore != null) { if (_sessionKey != null) { await Options.SessionStore.RemoveAsync(_sessionKey); } _sessionKey = await Options.SessionStore.StoreAsync(ticket); var principal = new ClaimsPrincipal( new ClaimsIdentity( new[] { new Claim(SessionIdClaim, _sessionKey, ClaimValueTypes.String, Options.ClaimsIssuer) }, Options.ClaimsIssuer)); //ticket = new AuthenticationTicket(principal, null, Options.AuthenticationScheme); ticket = new AuthenticationTicket(principal, null, tenantResolver.ResolveAuthScheme(Options.AuthenticationScheme)); } //var cookieValue = Options.TicketDataFormat.Protect(ticket); var ticketDataFormet = GetTicketDataFormat(tenantResolver); var cookieValue = ticketDataFormet.Protect(ticket); //Options.CookieManager.AppendResponseCookie( // Context, // Options.CookieName, // cookieValue, // signInContext.CookieOptions); Options.CookieManager.AppendResponseCookie( Context, tenantResolver.ResolveCookieName(Options.CookieName), cookieValue, signInContext.CookieOptions); //var signedInContext = new CookieResponseSignedInContext( // Context, // Options, // Options.AuthenticationScheme, // signInContext.Principal, // signInContext.Properties); var signedInContext = new CookieSignedInContext( Context, Options, tenantResolver.ResolveAuthScheme(Options.AuthenticationScheme), signInContext.Principal, signInContext.Properties); await Options.Events.SignedIn(signedInContext); var shouldLoginRedirect = Options.LoginPath.HasValue && OriginalPath == Options.LoginPath; await ApplyHeaders(shouldLoginRedirect); } catch (Exception exception) { var exceptionContext = new CookieExceptionContext(Context, Options, CookieExceptionContext.ExceptionLocation.SignIn, exception, ticket); await Options.Events.Exception(exceptionContext); if (exceptionContext.Rethrow) { throw; } } }
public void Exception(CookieExceptionContext context) { }
/// <summary> /// Implements the interface method by invoking the related delegate method /// </summary> /// <param name="context">Contains information about the event</param> public virtual void Exception(CookieExceptionContext context) { OnException.Invoke(context); }
protected override async Task FinishResponseAsync() { // Only renew if requested, and neither sign in or sign out was called if (!_shouldRenew || SignInAccepted || SignOutAccepted) { return; } var ticket = await HandleAuthenticateOnceAsync(); try { if (_renewIssuedUtc.HasValue) { ticket.Properties.IssuedUtc = _renewIssuedUtc; } if (_renewExpiresUtc.HasValue) { ticket.Properties.ExpiresUtc = _renewExpiresUtc; } var tenantResolver = tenantResolverFactory.GetResolver(); if (Options.SessionStore != null && _sessionKey != null) { await Options.SessionStore.RenewAsync(_sessionKey, ticket); //var principal = new ClaimsPrincipal( // new ClaimsIdentity( // new[] { new Claim(SessionIdClaim, _sessionKey, ClaimValueTypes.String, Options.ClaimsIssuer) }, // Options.AuthenticationScheme)); var principal = new ClaimsPrincipal( new ClaimsIdentity( new[] { new Claim(SessionIdClaim, _sessionKey, ClaimValueTypes.String, Options.ClaimsIssuer) }, tenantResolver.ResolveAuthScheme(Options.AuthenticationScheme))); //ticket = new AuthenticationTicket(principal, null, Options.AuthenticationScheme); ticket = new AuthenticationTicket(principal, null, tenantResolver.ResolveAuthScheme(Options.AuthenticationScheme)); } //var cookieValue = Options.TicketDataFormat.Protect(ticket); var ticketDataFormat = GetTicketDataFormat(tenantResolver); var cookieValue = ticketDataFormat.Protect(ticket); var cookieOptions = BuildCookieOptions(); if (ticket.Properties.IsPersistent && _renewExpiresUtc.HasValue) { cookieOptions.Expires = _renewExpiresUtc.Value.ToUniversalTime().DateTime; } //Options.CookieManager.AppendResponseCookie( // Context, // Options.CookieName, // cookieValue, // cookieOptions); Options.CookieManager.AppendResponseCookie( Context, tenantResolver.ResolveCookieName(Options.CookieName), cookieValue, cookieOptions); await ApplyHeaders(shouldRedirectToReturnUrl : false); } catch (Exception exception) { var exceptionContext = new CookieExceptionContext(Context, Options, CookieExceptionContext.ExceptionLocation.FinishResponse, exception, ticket); await Options.Events.Exception(exceptionContext); if (exceptionContext.Rethrow) { throw; } } }
public void Exception(CookieExceptionContext context) { context.OwinContext.TraceOutput.WriteLine($"Exception {context.Exception.Message}"); }
/// <summary> /// Implements the interface method by invoking the related delegate method. /// </summary> /// <param name="context">Contains information about the event</param> public virtual Task Exception(CookieExceptionContext context) => OnException(context);
public void Exception(CookieExceptionContext context) { //throw new NotImplementedException(); }
/// <summary> /// Core authentication logic /// </summary> /// <returns></returns> protected override async Task <AuthenticationTicket> AuthenticateCoreAsync() { AuthenticationTicket ticket = null; try { string cookie = Options.CookieManager.GetRequestCookie(Context, Options.CookieName); if (string.IsNullOrWhiteSpace(cookie)) { return(null); } ticket = Options.TicketDataFormat.Unprotect(cookie); if (ticket == null) { _logger.WriteWarning(@"Unprotect ticket failed"); return(null); } if (Options.SessionStore != null) { Claim claim = ticket.Identity.Claims.FirstOrDefault(c => c.Type.Equals(SessionIdClaim)); if (claim == null) { _logger.WriteWarning(@"SessoinId missing"); return(null); } _sessionKey = claim.Value; ticket = await Options.SessionStore.RetrieveAsync(_sessionKey); if (ticket == null) { _logger.WriteWarning(@"Identity missing in session store"); return(null); } } DateTimeOffset currentUtc = Options.SystemClock.UtcNow; DateTimeOffset?issuedUtc = ticket.Properties.IssuedUtc; DateTimeOffset?expiresUtc = ticket.Properties.ExpiresUtc; if (expiresUtc != null && expiresUtc.Value < currentUtc) { if (Options.SessionStore != null) { await Options.SessionStore.RemoveAsync(_sessionKey); } return(null); } bool?allowRefresh = ticket.Properties.AllowRefresh; if (issuedUtc != null && expiresUtc != null && Options.SlidingExpiration && (!allowRefresh.HasValue || allowRefresh.Value)) { TimeSpan timeElapsed = currentUtc.Subtract(issuedUtc.Value); TimeSpan timeRemaining = expiresUtc.Value.Subtract(currentUtc); if (timeRemaining < timeElapsed) { _shouldRenew = true; _renewIssuedUtc = currentUtc; TimeSpan timeSpan = expiresUtc.Value.Subtract(issuedUtc.Value); _renewExpiresUtc = currentUtc.Add(timeSpan); } } var context = new CookieValidateIdentityContext(Context, ticket, Options); await Options.Provider.ValidateIdentity(context); return(new AuthenticationTicket(context.Identity, context.Properties)); } catch (Exception exception) { CookieExceptionContext exceptionContext = new CookieExceptionContext(Context, Options, CookieExceptionContext.ExceptionLocation.AuthenticateAsync, exception, ticket); Options.Provider.Exception(exceptionContext); if (exceptionContext.Rethrow) { throw; } return(exceptionContext.Ticket); } }
/// <summary> /// Applies grants to the response /// </summary> /// <returns></returns> protected override async Task ApplyResponseGrantAsync() { AuthenticationResponseGrant signin = Helper.LookupSignIn(Options.AuthenticationType); bool shouldSignin = signin != null; AuthenticationResponseRevoke signout = Helper.LookupSignOut(Options.AuthenticationType, Options.AuthenticationMode); bool shouldSignout = signout != null; if (!(shouldSignin || shouldSignout || _shouldRenew)) { return; } AuthenticationTicket model = await AuthenticateAsync(); try { var cookieOptions = new CookieOptions { Domain = Options.CookieDomain, HttpOnly = Options.CookieHttpOnly, Path = Options.CookiePath ?? "/", }; if (Options.CookieSecure == CookieSecureOption.SameAsRequest) { cookieOptions.Secure = Request.IsSecure; } else { cookieOptions.Secure = Options.CookieSecure == CookieSecureOption.Always; } if (shouldSignin) { var signInContext = new CookieResponseSignInContext( Context, Options, Options.AuthenticationType, signin.Identity, signin.Properties, cookieOptions); DateTimeOffset issuedUtc; if (signInContext.Properties.IssuedUtc.HasValue) { issuedUtc = signInContext.Properties.IssuedUtc.Value; } else { issuedUtc = Options.SystemClock.UtcNow; signInContext.Properties.IssuedUtc = issuedUtc; } if (!signInContext.Properties.ExpiresUtc.HasValue) { signInContext.Properties.ExpiresUtc = issuedUtc.Add(Options.ExpireTimeSpan); } Options.Provider.ResponseSignIn(signInContext); if (signInContext.Properties.IsPersistent) { DateTimeOffset expiresUtc = signInContext.Properties.ExpiresUtc ?? issuedUtc.Add(Options.ExpireTimeSpan); signInContext.CookieOptions.Expires = expiresUtc.ToUniversalTime().DateTime; } model = new AuthenticationTicket(signInContext.Identity, signInContext.Properties); if (Options.SessionStore != null) { if (_sessionKey != null) { await Options.SessionStore.RemoveAsync(_sessionKey); } _sessionKey = await Options.SessionStore.StoreAsync(model); ClaimsIdentity identity = new ClaimsIdentity( new[] { new Claim(SessionIdClaim, _sessionKey) }, Options.AuthenticationType); model = new AuthenticationTicket(identity, null); } string cookieValue = Options.TicketDataFormat.Protect(model); Options.CookieManager.AppendResponseCookie( Context, Options.CookieName, cookieValue, signInContext.CookieOptions); var signedInContext = new CookieResponseSignedInContext( Context, Options, Options.AuthenticationType, signInContext.Identity, signInContext.Properties); Options.Provider.ResponseSignedIn(signedInContext); } else if (shouldSignout) { if (Options.SessionStore != null && _sessionKey != null) { await Options.SessionStore.RemoveAsync(_sessionKey); } var context = new CookieResponseSignOutContext( Context, Options, cookieOptions); Options.Provider.ResponseSignOut(context); Options.CookieManager.DeleteCookie( Context, Options.CookieName, context.CookieOptions); } else if (_shouldRenew && model.Identity != null) { model.Properties.IssuedUtc = _renewIssuedUtc; model.Properties.ExpiresUtc = _renewExpiresUtc; if (Options.SessionStore != null && _sessionKey != null) { await Options.SessionStore.RenewAsync(_sessionKey, model); ClaimsIdentity identity = new ClaimsIdentity( new[] { new Claim(SessionIdClaim, _sessionKey) }, Options.AuthenticationType); model = new AuthenticationTicket(identity, null); } string cookieValue = Options.TicketDataFormat.Protect(model); if (model.Properties.IsPersistent) { cookieOptions.Expires = _renewExpiresUtc.ToUniversalTime().DateTime; } Options.CookieManager.AppendResponseCookie( Context, Options.CookieName, cookieValue, cookieOptions); } Response.Headers.Set( HeaderNameCacheControl, HeaderValueNoCache); Response.Headers.Set( HeaderNamePragma, HeaderValueNoCache); Response.Headers.Set( HeaderNameExpires, HeaderValueMinusOne); bool shouldLoginRedirect = shouldSignin && Options.LoginPath.HasValue && Request.Path == Options.LoginPath; bool shouldLogoutRedirect = shouldSignout && Options.LogoutPath.HasValue && Request.Path == Options.LogoutPath; if ((shouldLoginRedirect || shouldLogoutRedirect) && Response.StatusCode == 200) { IReadableStringCollection query = Request.Query; string redirectUri = query.Get(Options.ReturnUrlParameter); if (!string.IsNullOrWhiteSpace(redirectUri) && IsHostRelative(redirectUri)) { var redirectContext = new CookieApplyRedirectContext(Context, Options, redirectUri); Options.Provider.ApplyRedirect(redirectContext); } } } catch (Exception exception) { CookieExceptionContext exceptionContext = new CookieExceptionContext(Context, Options, CookieExceptionContext.ExceptionLocation.ApplyResponseGrant, exception, model); Options.Provider.Exception(exceptionContext); if (exceptionContext.Rethrow) { throw; } } }
public override void Exception(CookieExceptionContext context) { base.Exception(context); }
private static void HandleCookieException(CookieExceptionContext ex) { Log.Fatal(ex.Exception.Message, ex.Exception, typeof(CookieAuthentication)); }