/// <summary> /// Executes the workflow to do user authentication. /// </summary> /// <param name="request">The request.</param> /// <returns>The response.</returns> protected override UserAuthenticationResponse Process(UserAuthenticationRequest request) { ThrowIf.Null(request, "request"); Device device = null; CommerceIdentity identity; Employee employee; string deviceId = string.IsNullOrWhiteSpace(request.DeviceId) ? request.RequestContext.GetPrincipal().DeviceNumber : request.DeviceId; string deviceToken = string.IsNullOrWhiteSpace(request.DeviceToken) ? request.RequestContext.GetPrincipal().DeviceToken : request.DeviceToken; try { // Authenticate device only when the device token is specified if (!string.IsNullOrWhiteSpace(deviceToken)) { device = AuthenticationHelper.AuthenticateDevice( this.Context, deviceToken); } // User logs on. employee = AuthenticationHelper.AuthenticateAndAuthorizeUser(request, device); identity = new CommerceIdentity(employee, device); // If the request is for elevate operation if (request.RetailOperation != RetailOperation.None) { // Add the Elevation properties to the claim. identity.OriginalUserId = this.Context.GetPrincipal().UserId; identity.ElevatedRetailOperation = request.RetailOperation; // successful manager override for operation with id and operator with id var message = string.Format( "Manager with id '{0}' has approved override for operation with id '{1}' to the operator with id '{2}'.", request.StaffId, identity.ElevatedRetailOperation, identity.OriginalUserId); LogAuditEntry(request.RequestContext, "ElevateUser", message); } return(new UserAuthenticationResponse(employee, device, identity)); } catch (Exception exception) { RetailLogger.Log.CrtWorkflowUserAuthenticationRequestHandlerFailure(request.StaffId, deviceId, exception); throw; } }