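/// <summary>
/// Copies into <paramref name="session"/> every role listed in <c>AllRoles</c> that
/// <paramref name="user"/> reports membership of through <see cref="IPrincipal.IsInRole"/>.
/// </summary>
/// <remarks>
/// This method only ever adds roles. A role already stored on the session is kept even when
/// the principal no longer holds it, so a revoked group membership stays on the session until
/// the session itself is replaced.
/// </remarks>
/// <param name="req">The current request; not read by this method.</param>
/// <param name="user">Principal whose role membership is queried.</param>
/// <param name="session">Session whose <c>Roles</c> list is extended in place.</param>
private void PopulateUserSessionWithIsInRole(IRequest req, IPrincipal user, IAuthSession session)
{
    // Authenticate creates the list when it is missing; do the same here so the
    // Contains call below cannot fail on a session that has no role list yet.
    if (session.Roles == null)
    {
        session.Roles = new List<string>();
    }

    foreach (var role in AllRoles.Safe())
    {
        // Roles already on the session are skipped before asking the principal,
        // which avoids a membership lookup per known role.
        if (session.Roles.Contains(role))
        {
            continue;
        }

        if (user.IsInRole(role))
        {
            session.Roles.AddIfNotExists(role);
        }
    }
}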
/// <summary>
/// Authenticates the current request from the principal attached to it and fills the
/// session with the user's name, display name and roles.
/// </summary>
/// <remarks>
/// A session that does not match the current login is removed and replaced before anything
/// is written to it. Roles are only added to the session, never removed, so a reused
/// session keeps any role it already carried.
/// </remarks>
/// <param name="authService">Service giving access to the request and the session store.</param>
/// <param name="session">The caller's current session; replaced when it belongs to another login.</param>
/// <param name="request">The authenticate request DTO.</param>
/// <returns>
/// The value returned by <c>OnAuthenticated</c> when it is not null, otherwise a new
/// <c>AuthenticateResponse</c> describing the session.
/// </returns>
/// <exception>Throws <c>HttpError.Unauthorized</c> when <c>IsAuthorized</c> rejects the principal.</exception>
public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
{
    var user = authService.Request.GetUser();
    var userName = user.GetUserName();

    // Never write one login's identity into a session that was created for another:
    // discard the mismatching session and continue with a fresh one.
    if (!LoginMatchesSession(session, userName))
    {
        authService.RemoveSession();
        session = authService.GetSession();
    }

    if (!IsAuthorized(user))
    {
        throw HttpError.Unauthorized(ErrorMessages.WindowsAuthFailed);
    }

    session.IsAuthenticated = true;
    if (session.UserAuthName == null)
    {
        session.UserAuthName = userName;
    }

    var httpRequest = (HttpRequestBase)authService.Request.OriginalRequest;
    var logonUser = httpRequest.ServerVariables["LOGON_USER"].ToNullIfEmpty();
    var remoteUser = httpRequest.ServerVariables["REMOTE_USER"].ToNullIfEmpty();

    string identityName = null;
    if (httpRequest.LogonUserIdentity != null)
    {
        identityName = httpRequest.LogonUserIdentity.Name;
    }

    // First non-null value wins: LOGON_USER, then REMOTE_USER, then the logon identity name.
    session.DisplayName = logonUser ?? remoteUser ?? identityName;

    var authTokens = new AuthTokens
    {
        Provider = Name,
        UserName = userName,
        DisplayName = session.DisplayName,
        Items = new Dictionary<string, string>
        {
            { "LOGON_USER", logonUser },
            { "REMOTE_USER", remoteUser },
            { "LogonUserIdentityName", identityName },
        }
    };

    session.ReferrerUrl = GetReferrerUrl(authService, session, request);

    var authResponse = OnAuthenticated(authService, session, authTokens, new Dictionary<string, string>());

    if (session.Roles == null)
    {
        session.Roles = new List<string>();
    }

    foreach (var role in AllRoles.Safe())
    {
        if (!user.IsInRole(role))
        {
            continue;
        }

        session.Roles.AddIfNotExists(role);
    }

    SaveSession(authService, session, SessionExpiry);

    if (authResponse == null)
    {
        // NOTE(review): the response carries the caller-supplied request.Continue, not the
        // session.ReferrerUrl computed above. Confirm whether GetReferrerUrl validates the
        // redirect target and whether clients follow this field.
        return new AuthenticateResponse
        {
            UserName = userName,
            SessionId = session.Id,
            DisplayName = session.DisplayName,
            ReferrerUrl = request.Continue
        };
    }

    return authResponse;
}