private Task OnTicketReceived(TicketReceivedContext context) { string iPlanetProCookie = string.Empty; if (context.Request.HasFormContentType) { String jwtTokenString = context.Request.Form["id_token"]; //JwtSecurityToken jwtToken = new JwtSecurityToken(jwtTokenString); //context.Principal.AddIdentity(new ClaimsIdentity(jwtToken.Claims)); var identity = context.Principal.Identity as ClaimsIdentity; if (identity != null) { if (!context.Principal.HasClaim(c => c.Type == ClaimTypes.Name) && identity.HasClaim(c => c.Type == "name")) { identity.AddClaim(new Claim(ClaimTypes.Name, identity.FindFirst("name").Value)); } } context.HttpContext.Authentication.SignInAsync("Cookies", context.Principal); CookieOptions options = new CookieOptions(); options.Expires = DateTime.Now.AddDays(1); // Lire les cookies de la session et les stocker dans une chaine de caractere. //foreach (var cookie in context.HttpContext.Request.Cookies) { // if (cookie.Key.Equals("iPlanetDirectoryPro")) // iPlanetProCookie = cookie.Value; // Console.WriteLine( cookie.Key + ": " + cookie.Value); //} context.Response.Cookies.Append("ca.qc.inspq.oidc.token", jwtTokenString, options); } return(Task.FromResult(0)); }
private Task OnTicketReceived(TicketReceivedContext ticketReceivedContext) { // Get the ClaimsIdentity var identity = ticketReceivedContext.Principal.Identity as ClaimsIdentity; if (identity != null) { // Check if token names are stored in Properties if (ticketReceivedContext.Properties.Items.ContainsKey(".TokenNames")) { // Token names a semicolon separated var tokenNames = ticketReceivedContext.Properties.Items[".TokenNames"].Split(';'); // Add each token value as Claim foreach (var tokenName in tokenNames) { // Tokens are stored in a Dictionary with the Key ".Token.<token name>" var tokenValue = ticketReceivedContext.Properties.Items[$".Token.{tokenName}"]; identity.AddClaim(new Claim(tokenName, tokenValue)); } } } return(Task.FromResult(0)); }
public override Task TicketReceived(TicketReceivedContext context) { var userDto = new UserDto { Username = context.Principal.Claims.FirstOrDefault(x => x.Type.Contains("email")).Value, FirstName = context.Principal.Claims.FirstOrDefault(x => x.Type.Contains("givenname")).Value, LastName = context.Principal.Claims.FirstOrDefault(x => x.Type.Contains("surname")).Value }; var existingUser = _userService.GetByUsername(userDto.Username); if (existingUser == null) { var user = _userAdapter.ConvertToEntity(userDto); user.Token = GenerateJwtToken(user); existingUser = _userService.Create(user); } else { if (DateTime.UtcNow > existingUser.Token.ExpirationDate) { existingUser.Token = GenerateJwtToken(existingUser); _userService.Update(existingUser); } } context.Request.Headers.Add("Bearer", existingUser.Token.TokenString); return(Task.FromResult(context)); }
private static Task _onTicketReceived(TicketReceivedContext context) { context.Properties.IsPersistent = true; context.Properties.AllowRefresh = true; context.Properties.ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(30); return(Task.CompletedTask); }
/// <summary> /// When an oauth token has been successfully received. /// </summary> /// <param name="context"></param> /// <returns></returns> public static async Task HandleOnTicketReceived(TicketReceivedContext context) { await Task.Run(() => { var datasource = context.HttpContext.RequestServices.GetRequiredService <IDataSource>(); AuthenticationHelper.AuthorizeOauthUser(datasource, context.Principal); }); context.Success(); }
public async Task <Task> CreateOnSignUp(TicketReceivedContext ticketReceivedContext) { string username = null; string firstName = null; string lastName = null; string email = null; bool isNewUser = false; List <Claim> claims = ticketReceivedContext.Principal.Claims.ToList(); var claim = claims.FirstOrDefault(x => x.Type.EndsWith("isNewUser")); string userOId = claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier).Value; var userInfo = _context.User.FirstOrDefault(s => s.ExternalId == userOId); if ((userInfo == null) || bool.Parse(claim.Value)) { isNewUser = true; } if (isNewUser) { ticketReceivedContext.ReturnUri = "/Users/Profile"; username = claims.FirstOrDefault(x => x.Type.EndsWith("nickname")).Value; //claims.First(x => x.Type == ClaimTypes.) if (claims.Find(c => (c.Type == ClaimTypes.NameIdentifier)).Value.StartsWith("google")) { if (claims.FirstOrDefault(x => x.Type.Contains("givenname")) != null) { firstName = claims.FirstOrDefault(x => x.Type.Contains("givenname")).Value; } if (claims.FirstOrDefault(x => x.Type.Contains("surname")) != null) { lastName = (claims.FirstOrDefault(x => x.Type.Contains("surname")).Value); } email = username + "@gmail.com"; } // claims.FirstOrDefault(x => x.Type.EndsWith("name")).Value; if (claims.Find(c => (c.Type == ClaimTypes.NameIdentifier)).Value.StartsWith("auth0")) { email = claims.FirstOrDefault(x => x.Type.StartsWith("name")).Value; } var pictureURL = claims.FirstOrDefault(x => x.Type.EndsWith("picture")).Value; if (String.IsNullOrEmpty(pictureURL)) { pictureURL = "http://ssl.gstatic.com/accounts/ui/avatar_2x.png"; } User user = new User() { Firstname = firstName, Lastname = lastName, ExternalId = userOId, Username = username, Email = email, PictureUrl = pictureURL }; //insert new value into DB _context.Add(user); await _context.SaveChangesAsync(); } return(Task.CompletedTask); }
public async Task <int> OnTokenReceived(TicketReceivedContext context) { var identity = context.Principal.Identity as ClaimsIdentity; identity.AddClaim(new Claim("id_token", tempIdToken)); var name = identity.Claims.ToList().Find(x => x.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"); //Do not wait for this , the cache will get upated in the background _cache.RefreshAndDontWait(name.Value, tempIdToken); return(await Task.FromResult(0)); }
public void PostLoginActions(TicketReceivedContext context, ServiceProvider serviceProvider) { var userEmail = context.Principal.Claims.First(x => x.Type == "preferred_username").Value; var userManager = (UserManager <User>)serviceProvider.GetService(typeof(UserManager <User>)); var signinManager = (SignInManager <User>)serviceProvider.GetService(typeof(SignInManager <User>)); var userResult = CheckIfUserIsNewAndCreate(userManager, signinManager, userEmail).Result; MergeDatabaseRolesWithClaims(context, userManager, userResult); }
public override Task TicketReceived(TicketReceivedContext context) { context.Properties.Items.Clear(); context.Properties.Items.Clear(); foreach (var principalClaim in context.Principal.Claims) { principalClaim.Properties.Clear(); } return(base.TicketReceived(context)); }
private Task HandleOnTicketReceived(TicketReceivedContext context) { // Get the principal identity var identity = context.Principal.Identities.First(); // Grab the email address var emailAddress = identity.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email).Value; // Here, we can use the e-mail address to verify user state in our own database, attach any claims or transform the identity prior to stamping the cookie // Continue with the pipeline return(Task.CompletedTask); }
private Task OnTicketReceived(TicketReceivedContext context) { var userId = context.Principal.FindFirst(ClaimTypes.NameIdentifier).Value; var claims = new List <Claim> { new Claim(ClaimTypes.Role, _sqrlAdminUserIds.Contains(userId) ? "SqrlAdminRole" : "SqrlUserRole") }; var appIdentity = new ClaimsIdentity(claims); context.Principal.AddIdentity(appIdentity); return(Task.CompletedTask); }
private async Task SignUpUser(TicketReceivedContext ticketReceivedContext) { var user = (ClaimsIdentity)ticketReceivedContext.Principal.Identity; if (user.IsAuthenticated) { var athleteService = ticketReceivedContext.HttpContext.RequestServices.GetService <IAthleteService>(); await athleteService.OnAthleteLogin(user, ticketReceivedContext.Properties); } return; }
private static void MergeDatabaseRolesWithClaims(TicketReceivedContext context, UserManager <User> userManager, User user) { var isUserAnAdministrator = userManager.IsInRoleAsync(user, ConstantRoles.AdministratorRole).Result; if (isUserAnAdministrator) { var extraIdentity = new ClaimsIdentity(new List <Claim>() { new Claim(ClaimTypes.Role, ConstantRoles.AdministratorRole) }); context.Principal.AddIdentity(extraIdentity); } }
private async Task HandleTicketRecieved(TicketReceivedContext context) { _log.LogDebug($"ticket received"); var tokens = context.Properties.GetTokens().ToList(); if (tokens.Count > 0) { await _oidcHybridFlowHelper.CaptureOidcTokens(context.Principal, tokens); } //return Task.CompletedTask; }
public Task TicketReceived(TicketReceivedContext context) { /* * var userId = context.HttpContext.User.GetUserId(); * var token = context.ProtocolMessage.AccessToken; * * context.HttpContext.Response.Cookies.Append("token", token); */ _logger.LogInformation("Ticket Received", context.Ticket); return(Task.FromResult(0)); }
public async override Task TicketReceived(TicketReceivedContext context) { //如果不调用HandleResponse,默认的行为是重定向到RedirectUri属性指定的地址。 //在这里不需要定向 var handleResponseContext = new HandleResponseContext(context.HttpContext , context.Scheme , context.Options as WeChatClientOptions , context.Principal); await HandleResponse(handleResponseContext); context.HandleResponse(); await base.TicketReceived(context); }
private Task OnTicketReceived(TicketReceivedContext context) { var identity = context.Principal.Identity as ClaimsIdentity; StringBuilder builder = new StringBuilder(); var claims = identity?.Claims.Select(x => $"{x.Type}:{x.Value};"); if (claims != null) { builder.AppendJoin(", ", claims); } Logger.LogInformation($"Ticket received: [Claims:{builder}]"); //identity?.AddClaim(new Claim(AlfClaimTypes.SelectedTenant, AuthenticationOptions.TenantId)); return(Task.CompletedTask); }
public Task OnTicketReceived(TicketReceivedContext context) { // Get the ClaimsIdentity ClaimsIdentity identity = context.Principal.Identity as ClaimsIdentity; if (identity != null) { // Add the Name ClaimType. This is required if we want User.Identity.Name to actually return something! if (!context.Principal.HasClaim(c => c.Type == ClaimTypes.Name) && identity.HasClaim(c => c.Type == "name")) { identity.AddClaim(new Claim(ClaimTypes.Name, identity.FindFirst("name").Value)); } // Check if token names are stored in Properties if (context.Properties.Items.ContainsKey(".TokenNames")) { // Token names a semicolon separated string[] tokenNames = context.Properties.Items[".TokenNames"].Split(';'); // Add each token value as Claim foreach (string tokenName in tokenNames) { // Tokens are stored in a Dictionary with the Key ".Token.<token name>" string tokenValue = context.Properties.Items[$".Token.{tokenName}"]; identity.AddClaim(new Claim(tokenName, tokenValue)); } } Need4Service service = new Need4Service(); Need4Protocol.UserService.UserServiceClient userService = service.GetUserClient(); Need4Protocol.PermissionService.PermissionServiceClient permissionService = service.GetPermissionClient(); string email = Claims.GetEmail(context.Principal.Claims); Need4Protocol.User user = new Need4Protocol.User { Email = email }; Need4Protocol.User response = userService.GetUser(user); if (!response.Created) { response = userService.CreateUser(user); } else { Need4Protocol.PermissionSet permissions = permissionService.GetAllPermissions(user); } } return(Task.CompletedTask); }
internal static Task OnTicketReceived(TicketReceivedContext context) { if (context.Principal != null && context.Options.SignInScheme == new IdentityCookieOptions().ExternalCookieAuthenticationScheme) { //This way we will know all events were fired. var identity = context.Principal.Identities.First(); var manageStoreClaim = identity?.Claims.Where(c => c.Type == "ManageStore" && c.Value == "false").FirstOrDefault(); if (manageStoreClaim != null) { identity.RemoveClaim(manageStoreClaim); identity.AddClaim(new Claim("ManageStore", "Allowed")); } } return(Task.FromResult(0)); }
private static async Task SetupIdentityAndClaimsAndGa( TicketReceivedContext context, OpenIdAuthOptions authOptions) { var id = await GetClaimsIdentity( context.Scheme.Name, context.Properties.GetTokenValue("access_token"), context.HttpContext, authOptions, context.Principal.Claims?.ToArray()); await RegisterExternalAccount(context, id); try { await context.HttpContext.ConfirmAccountAsync( id, context.Properties.GetTokenValue("access_token")); } catch (Exception) { // Not logging here as it's already logged elsewhere. context.HandleResponse(); context.Response.Redirect("/error/authfailure"); return; } context.Principal = new ClaimsPrincipal(id); // The following is for GA. var subjectIdClaim = id.Claims.FirstOrDefault(x => x.Type == "sub"); if (subjectIdClaim != null) { var distributedCache = context.HttpContext.RequestServices.GetRequiredService <IDistributedCache>(); await distributedCache.SetAsync($"JUST-LOGGED-IN-{subjectIdClaim?.Value}", Encoding.UTF8.GetBytes("TRUE"), new DistributedCacheEntryOptions { AbsoluteExpirationRelativeToNow = TimeSpan.FromSeconds(5) }); } }
private static async Task OnTicketReceived(TicketReceivedContext context) { var principal = context.Principal; if (principal != null) { var mediator = context.HttpContext.RequestServices.GetRequiredService <IMediator>(); var @event = new UserLoggedInEvent { FullName = principal.Identity.Name, Email = principal.Claims .FirstOrDefault(x => x.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")?.Value }; await mediator.Publish(@event); } }
private async Task OnTicketReceived(TicketReceivedContext context) { var userId = context.Principal.FindFirst(ClaimTypes.NameIdentifier).Value; var database = context.HttpContext.RequestServices.GetRequiredService <DatabaseContext>(); var user = await database.User.SingleAsync(x => x.SqrlUser.UserId == userId); var claims = new List <Claim> { new Claim(ClaimTypes.Role, user.Role) }; var appIdentity = new ClaimsIdentity(claims); context.Principal.AddIdentity(appIdentity); context.Properties.IsPersistent = true; context.Properties.ExpiresUtc = DateTimeOffset.UtcNow.AddHours(3); context.Properties.IssuedUtc = DateTimeOffset.UtcNow; context.Properties.AllowRefresh = true; }
public static Task OnTicketReceivedCallback(TicketReceivedContext context) { List <Claim> claims = context.Principal.Claims.ToList(); string userId = claims.FirstOrDefault(context => { return(context.Type == ClaimTypes.NameIdentifier); }).Value; string email = context.Principal.Identity.Name; IUserService service = context.HttpContext.RequestServices.GetService <IUserService>(); User userModel = new User { Id = userId, Email = email }; service.Add(userModel); return(Task.CompletedTask); }
public async Task TicketReceivedAsync(TicketReceivedContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } var principal = context.Principal; var email = principal.GetRequiredClaim(ClaimTypes.Email); var role = principal.GetOptionalClaim(_options.Value.RoleClaimType); var name = principal.GetName(); var user = await _userManager.FindByEmailAsync(email); if (user == null) { user = new ApplicationUser { UserName = email, Name = name, Email = email }; await _userManager.CreateAsync(user); } var claims = principal.GetAllClaimsExcept( ClaimTypes.NameIdentifier, ClaimTypes.Name, ClaimTypes.Role ).ToList(); claims.Add(new Claim(ClaimTypes.NameIdentifier, user.Id)); claims.Add(new Claim(ClaimTypes.Name, name)); if (!string.IsNullOrEmpty(role)) { claims.Add(new Claim(ClaimTypes.Role, role)); } context.Principal = new ClaimsPrincipal(new ClaimsIdentity(claims, principal.Identity.AuthenticationType)); }
private Task OnTicketReceived(TicketReceivedContext context) { if (context.Request.HasFormContentType) { String jwtTokenString = context.Request.Form["id_token"]; var identity = context.Principal.Identity as ClaimsIdentity; if (identity != null) { if (!context.Principal.HasClaim(c => c.Type == ClaimTypes.Name) && identity.HasClaim(c => c.Type == "name")) { identity.AddClaim(new Claim(ClaimTypes.Name, identity.FindFirst("name").Value)); } } CookieOptions options = new CookieOptions(); options.Expires = DateTime.Now.AddDays(1); context.Response.Cookies.Append("iPlanetDirectoryPro", jwtTokenString, options); } return(Task.FromResult(0)); }
private async Task OnTicketReceived(TicketReceivedContext ticketReceivedContext) { // Only one identity supported by the current implementation of IdentityServer4 if (ticketReceivedContext.Principal.Identities.Count() != 1) { throw new InvalidOperationException("only a single identity supported"); } var oldIdentity = ticketReceivedContext.Principal.Identity as ClaimsIdentity; var oldPrincipal = ticketReceivedContext.Principal; oldPrincipal.Clone(); var claims = new List <Claim>(); claims.AddRange(oldPrincipal.Claims); claims.Add(new Claim("sub", ticketReceivedContext.Principal.FindFirstValue(_configuration["Settings:WindowsAccountNameClaimtype"]))); var newIdentity = new ClaimsIdentity(claims, oldIdentity.AuthenticationType, oldIdentity.NameClaimType, oldIdentity.RoleClaimType); newIdentity.Actor = oldIdentity.Actor; ticketReceivedContext.Principal = new ClaimsPrincipal(newIdentity); }
public override Task TicketReceived(TicketReceivedContext context) { if (!String.IsNullOrEmpty(_domainName)) { var emailClaim = context.Ticket.Principal.Claims.FirstOrDefault( c => c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"); if (emailClaim == null) { context.Response.Redirect("/account/forbidden?reason=no_email_claim"); context.HandleResponse(); } if (emailClaim.Value == null || !emailClaim.Value.ToLower().EndsWith(_domainName)) { context.Response.Redirect("/account/forbidden?reason=domain_not_allowed"); context.HandleResponse(); } } return(base.TicketReceived(context)); }
private async Task OnClientAuthenticated(TicketReceivedContext arg) { string email = arg.Principal.Claims.Where(c => c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress").Select(c => c.Value).SingleOrDefault(); if (!string.IsNullOrEmpty(email)) { var userManager = arg.HttpContext.RequestServices.GetService <SignInManager <ApplicationUser> >(); AppDBContent appDbContent = arg.HttpContext.RequestServices.GetService <AppDBContent>(); if (appDbContent != null) { var user = await appDbContent.Users.Where(u => u.Email == email).FirstOrDefaultAsync(); if (user == null) { var query = HttpUtility.ParseQueryString(""); query["text_main"] = "Этот аккаунт еще не был зарегистрирован"; query["text"] = "Пожалуйста, пройдите регистрацию"; string queryStr = query.ToString(); arg.ReturnUri = "Error?" + queryStr; return; } if (userManager != null) { await userManager.SignInAsync(user, true); } else { arg.ReturnUri = "/Error"; return; } } return; } return; }
public Task OnTicketReceivedFunc(TicketReceivedContext ctx) { return(Task.CompletedTask); }
private static Task OnTicketReceived(TicketReceivedContext context) { return(Task.FromResult(0)); }