public static GetAuthProvider ( string provider ) : IAuthProvider | ||
provider | string | |
return | IAuthProvider |
public virtual IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo) { session.AuthProvider = Provider; if (session is AuthUserSession userSession) { LoadUserAuthInfo(userSession, tokens, authInfo); HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); LoadUserAuthFilter?.Invoke(userSession, tokens, authInfo); } var hasTokens = tokens != null && authInfo != null; if (hasTokens && SaveExtendedUserInfo) { if (tokens.Items == null) { tokens.Items = new Dictionary <string, string>(); } authInfo.ForEach((x, y) => tokens.Items[x] = y); } if (session is AuthUserSession authSession) { var failed = authSession.Validate(authService, session, tokens, authInfo); if (failed != null) { authService.RemoveSession(); return(failed); } } var authRepo = GetAuthRepository(authService.Request); using (authRepo as IDisposable) { if (CustomValidationFilter != null) { var ctx = new AuthContext { Request = authService.Request, Service = authService, AuthProvider = this, Session = session, AuthTokens = tokens, AuthInfo = authInfo, AuthRepository = authRepo, }; var response = CustomValidationFilter(ctx); if (response != null) { authService.RemoveSession(); return(response); } } if (authRepo != null) { var failed = ValidateAccount(authService, authRepo, session, tokens); if (failed != null) { authService.RemoveSession(); return(failed); } if (hasTokens) { var authDetails = authRepo.CreateOrMergeAuthSession(session, tokens); session.UserAuthId = authDetails.UserAuthId.ToString(); var firstTimeAuthenticated = authDetails.CreatedDate == authDetails.ModifiedDate; if (firstTimeAuthenticated) { session.OnRegistered(authService.Request, session, authService); AuthEvents.OnRegistered(authService.Request, session, authService); } } authRepo.LoadUserAuth(session, tokens); foreach (var oAuthToken in session.GetAuthTokens()) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); var userAuthProvider = authProvider as OAuthProvider; userAuthProvider?.LoadUserOAuthProvider(session, oAuthToken); } var httpRes = authService.Request.Response as IHttpResponse; if (session.UserAuthId != null) { httpRes?.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); } } else { if (hasTokens) { session.UserAuthId = CreateOrMergeAuthSession(session, tokens); } } } try { session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo); } finally { this.SaveSession(authService, session, SessionExpiry); authService.Request.Items[Keywords.DidAuthenticate] = true; } return(null); }
public static void AuthenticateIfWindowsAuth(IRequest req, IResponse res) { var winAuthProvider = AuthenticateService.GetAuthProvider(Name) as AspNetWindowsAuthProvider; winAuthProvider?.IsAuthorized(req.GetUser()); }
public object Any(GetAccessToken request) { if (!(AuthenticateService.GetAuthProvider(JwtAuthProvider.Name) is JwtAuthProvider jwtAuthProvider)) { throw new NotSupportedException("JwtAuthProvider is not registered"); } if (jwtAuthProvider.RequireSecureConnection && !Request.IsSecureConnection) { throw HttpError.Forbidden(ErrorMessages.JwtRequiresSecureConnection); } if (string.IsNullOrEmpty(request.RefreshToken)) { throw new ArgumentNullException(nameof(request.RefreshToken)); } if (!(AuthRepository is IUserAuthRepository userRepo)) { throw new NotSupportedException("JWT Refresh Tokens requires a registered IUserAuthRepository"); } JsonObject jwtPayload; try { jwtPayload = jwtAuthProvider.GetVerifiedJwtPayload(Request, request.RefreshToken.Split('.')); } catch (ArgumentException) { throw; } catch (Exception ex) { throw new ArgumentException(ex.Message); } jwtAuthProvider.AssertJwtPayloadIsValid(jwtPayload); if (jwtAuthProvider.ValidateRefreshToken != null && !jwtAuthProvider.ValidateRefreshToken(jwtPayload, Request)) { throw new ArgumentException(ErrorMessages.RefreshTokenInvalid, nameof(request.RefreshToken)); } var userId = jwtPayload["sub"]; var userAuth = userRepo.GetUserAuth(userId); if (userAuth == null) { throw HttpError.NotFound(ErrorMessages.UserNotExists); } if (jwtAuthProvider.IsAccountLocked(userRepo, userAuth)) { throw new AuthenticationException(ErrorMessages.UserAccountLocked); } var session = SessionFeature.CreateNewSession(Request, SessionExtensions.CreateRandomSessionId()); jwtAuthProvider.PopulateSession(userRepo, userAuth, session); IEnumerable <string> roles = null, perms = null; if (userRepo is IManageRoles manageRoles && session.UserAuthId != null) { roles = manageRoles.GetRoles(session.UserAuthId); perms = manageRoles.GetPermissions(session.UserAuthId); } var accessToken = jwtAuthProvider.CreateJwtBearerToken(Request, session, roles, perms); return(new GetAccessTokenResponse { AccessToken = accessToken }); }
public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); if (LoadUserAuthFilter != null) { LoadUserAuthFilter(userSession, tokens, authInfo); } } var authRepo = authService.TryResolve <IAuthRepository>(); if (CustomValidationFilter != null) { var ctx = new AuthContext { Service = authService, AuthProvider = this, Session = session, AuthTokens = tokens, AuthInfo = authInfo, AuthRepository = authRepo, }; var response = CustomValidationFilter(ctx); if (response != null) { authService.RemoveSession(); return(response); } } if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens).UserAuthId.ToString(); } foreach (var oAuthToken in session.ProviderOAuthAccess) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); if (authProvider == null) { continue; } var userAuthProvider = authProvider as OAuthProvider; if (userAuthProvider != null) { userAuthProvider.LoadUserOAuthProvider(session, oAuthToken); } } var httpRes = authService.Request.Response as IHttpResponse; if (httpRes != null) { httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); } var failed = ValidateAccount(authService, authRepo, session, tokens); if (failed != null) { return(failed); } } try { session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo); } finally { authService.SaveSession(session, SessionExpiry); } return(null); }
public override async Task <IHttpResult> OnAuthenticatedAsync(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo, CancellationToken token = default) { session.AuthProvider = Name; if (session is AuthUserSession userSession) { await LoadUserAuthInfoAsync(userSession, tokens, authInfo, token).ConfigAwait(); HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); LoadUserAuthFilter?.Invoke(userSession, tokens, authInfo); if (LoadUserAuthInfoFilterAsync != null) { await LoadUserAuthInfoFilterAsync(userSession, tokens, authInfo, token); } } if (session is IAuthSessionExtended authSession) { // ReSharper disable once MethodHasAsyncOverloadWithCancellation var failed = authSession.Validate(authService, session, tokens, authInfo) ?? await authSession.ValidateAsync(authService, session, tokens, authInfo, token) ?? AuthEvents.Validate(authService, session, tokens, authInfo) ?? (AuthEvents is IAuthEventsAsync asyncEvents ? await asyncEvents.ValidateAsync(authService, session, tokens, authInfo, token) : null); if (failed != null) { await authService.RemoveSessionAsync(token).ConfigAwait(); return(failed); } } var authRepo = GetUserAuthRepositoryAsync(authService.Request); #if NET472 || NETSTANDARD2_0 await using (authRepo as IAsyncDisposable) #else using (authRepo as IDisposable) #endif { if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); session.UserAuthId = (await authRepo.CreateOrMergeAuthSessionAsync(session, tokens, token)).UserAuthId.ToString(); } foreach (var oAuthToken in session.GetAuthTokens()) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); var userAuthProvider = authProvider as OAuthProvider; userAuthProvider?.LoadUserOAuthProvider(session, oAuthToken); } var failed = await ValidateAccountAsync(authService, authRepo, session, tokens, token).ConfigAwait(); if (failed != null) { return(failed); } } } try { session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); if (session is IAuthSessionExtended sessionExt) { await sessionExt.OnAuthenticatedAsync(authService, session, tokens, authInfo, token).ConfigAwait(); } AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo); if (AuthEvents is IAuthEventsAsync asyncEvents) { await asyncEvents.OnAuthenticatedAsync(authService.Request, session, authService, tokens, authInfo, token).ConfigAwait(); } } finally { await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait(); authService.Request.Items[Keywords.DidAuthenticate] = true; } return(null); }
public virtual IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); if (LoadUserAuthFilter != null) { LoadUserAuthFilter(userSession, tokens, authInfo); } } var authRepo = authService.TryResolve <IAuthRepository>(); if (authRepo != null) { var hasTokens = tokens != null; if (hasTokens) { authInfo.ForEach((x, y) => tokens.Items[x] = y); } var failed = ValidateAccount(authService, authRepo, session, tokens); if (failed != null) { return(failed); } if (hasTokens) { session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens); } authRepo.LoadUserAuth(session, tokens); foreach (var oAuthToken in session.ProviderOAuthAccess) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); if (authProvider == null) { continue; } var userAuthProvider = authProvider as OAuthProvider; if (userAuthProvider != null) { userAuthProvider.LoadUserOAuthProvider(session, oAuthToken); } } var httpRes = authService.Request.Response as IHttpResponse; if (httpRes != null) { httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); } } try { session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); } finally { authService.SaveSession(session, SessionExpiry); } return(null); }
public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo) { session.AuthProvider = Name; if (session is AuthUserSession userSession) { LoadUserAuthInfo(userSession, tokens, authInfo); HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); } if (session is IAuthSessionExtended authSession) { var failed = authSession.Validate(authService, session, tokens, authInfo) ?? AuthEvents.Validate(authService, session, tokens, authInfo); if (failed != null) { authService.RemoveSession(); return(failed); } } var authRepo = HostContext.AppHost.GetAuthRepository(authService.Request); using (authRepo as IDisposable) { if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens).UserAuthId.ToString(); } foreach (var oAuthToken in session.GetAuthTokens()) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); var userAuthProvider = authProvider as OAuthProvider; userAuthProvider?.LoadUserOAuthProvider(session, oAuthToken); } var failed = ValidateAccount(authService, authRepo, session, tokens); if (failed != null) { return(failed); } } } try { session.OnAuthenticated(authService, session, tokens, authInfo); AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo); } finally { this.SaveSession(authService, session, SessionExpiry); authService.Request.Items[Keywords.DidAuthenticate] = true; } return(null); }
public virtual bool IsAuthorized(string provider) { var tokens = ProviderOAuthAccess.FirstOrDefault(x => x.Provider == provider); return(AuthenticateService.GetAuthProvider(provider).IsAuthorizedSafe(this, tokens)); }