public async Task PostAuthenticateAsync(PostAuthenticationContext context)
{
foreach (var service in this.services)
{
await service.PostAuthenticateAsync(context);
}
}
public async Task PostAuthenticateAsync(PostAuthenticationContext context)
{
var signInData = Mapper.Map<SignInMessage, SignInData>(context.SignInMessage);
var authenticationResult = Mapper.Map<AuthenticateResult, AuthenticationResult>(context.AuthenticateResult);
var result = await domainService.PostAuthenticateAsync(signInData, authenticationResult);
context.AuthenticateResult = Mapper.Map<AuthenticationResult, AuthenticateResult>(result);
}
public Task PostAuthenticateAsync(PostAuthenticationContext context)
{
return inner.PostAuthenticateAsync(context);
}
public async Task PostAuthenticateAsync(PostAuthenticationContext context)
{
await this.inMemoryUserService.PostAuthenticateAsync(context);
}
private async Task<Tuple<IHttpActionResult, AuthenticateResult>> PostAuthenticateAsync(SignInMessage signInMessage, AuthenticateResult result)
{
if (result.IsPartialSignIn == false)
{
Logger.Info("Calling PostAuthenticateAsync on the user service");
var ctx = new PostAuthenticationContext
{
SignInMessage = signInMessage,
AuthenticateResult = result
};
await userService.PostAuthenticateAsync(ctx);
var authResult = ctx.AuthenticateResult;
if (authResult == null)
{
Logger.Error("user service PostAuthenticateAsync returned a null AuthenticateResult");
return new Tuple<IHttpActionResult,AuthenticateResult>(RenderErrorPage(), null);
}
if (authResult.IsError)
{
Logger.WarnFormat("user service PostAuthenticateAsync returned an error message: {0}", authResult.ErrorMessage);
return new Tuple<IHttpActionResult, AuthenticateResult>(RenderErrorPage(authResult.ErrorMessage), null);
}
if (result != authResult)
{
result = authResult;
Logger.Info("user service PostAuthenticateAsync returned a different AuthenticateResult");
}
}
return new Tuple<IHttpActionResult, AuthenticateResult>(null, result);
}
public Task PostAuthenticateAsync(PostAuthenticationContext context)
{
return Task.FromResult(0);
}
public override Task PostAuthenticateAsync(PostAuthenticationContext context)
{
return base.PostAuthenticateAsync(context);
}
private static void PerformTwoFactorAuthentication(PostAuthenticationContext context,
ClaimsPrincipal authenticatedUser)
{
var twoFactorTokenService = new TwoFactorTokenService();
if (twoFactorTokenService.HasVerifiedTwoFactorCode(authenticatedUser.GetSubjectId()))
{
return;
}
twoFactorTokenService.GenerateTwoFactorCodeFor(authenticatedUser.GetSubjectId());
context.AuthenticateResult =
new AuthenticateResult("~/twofactorauthentication", authenticatedUser.GetSubjectId(),
authenticatedUser.GetName(), authenticatedUser.Claims);
}
private Task<bool> IsTwoFactorAuthenticationRequiredAsync(PostAuthenticationContext context)
{
var twoFactorRequired = context.SignInMessage.AcrValues.Any(v => v == "2fa");
return Task.FromResult(twoFactorRequired);
}
public override async Task PostAuthenticateAsync(PostAuthenticationContext context)
{
var twoFactorRequired = await IsTwoFactorAuthenticationRequiredAsync(context);
if (!twoFactorRequired)
{
return;
}
var authenticatedUser = context.AuthenticateResult.User;
PerformTwoFactorAuthentication(context, authenticatedUser);
}
