/// <summary> /// This will return the current back office identity. /// </summary> /// <param name="http"></param> /// <param name="authenticateRequestIfNotFound"> /// If set to true and a back office identity is not found and not authenticated, this will attempt to authenticate the /// request just as is done in the Umbraco module and then set the current identity if it is valid. /// Just like in the UmbracoModule, if this is true then the user's culture will be assigned to the request. /// </param> /// <returns> /// Returns the current back office identity if an admin is authenticated otherwise null /// </returns> public static UmbracoBackOfficeIdentity GetCurrentIdentity(this HttpContextBase http, bool authenticateRequestIfNotFound) { if (http == null) { throw new ArgumentNullException(nameof(http)); } if (http.User == null) { return(null); //there's no user at all so no identity } //If it's already a UmbracoBackOfficeIdentity var backOfficeIdentity = http.User.GetUmbracoIdentity(); if (backOfficeIdentity != null) { return(backOfficeIdentity); } if (authenticateRequestIfNotFound == false) { return(null); } //even if authenticateRequestIfNotFound is true we cannot continue if the request is actually authenticated // which would mean something strange is going on that it is not an umbraco identity. if (http.User.Identity.IsAuthenticated) { return(null); } //So the user is not authed but we've been asked to do the auth if authenticateRequestIfNotFound = true, // which might occur in old webforms style things or for routes that aren't included as a back office request. // in this case, we are just reverting to authing using the cookie. // TODO: Even though this is in theory legacy, we have legacy bits laying around and we'd need to do the auth based on // how the Module will eventually do it (by calling in to any registered authenticators). var ticket = http.GetUmbracoAuthTicket(); if (http.AuthenticateCurrentRequest(ticket, true)) { //now we 'should have an umbraco identity return(http.User.Identity as UmbracoBackOfficeIdentity); } return(null); }
private void ReAuthenticate() { // response cookie collection CREATES a cookie when asked for it! var cookie = _context.Response.Cookies.AllKeys.Contains(CookieName) ? _context.Response.Cookies[CookieName] : null; // clear UmbracoBackOfficeIdentity internal cache - should be done in Umbraco _context.Items.Remove(typeof(UmbracoBackOfficeIdentity)); // authenticate if (cookie == null) { return; } var ticket = FormsAuthentication.Decrypt(cookie.Value); _context.AuthenticateCurrentRequest(ticket, false); }
/// <summary> /// This will return the current back office identity. /// </summary> /// <param name="http"></param> /// <param name="authenticateRequestIfNotFound"> /// If set to true and a back office identity is not found and not authenticated, this will attempt to authenticate the /// request just as is done in the Umbraco module and then set the current identity if it is valid. /// Just like in the UmbracoModule, if this is true then the user's culture will be assigned to the request. /// </param> /// <returns> /// Returns the current back office identity if an admin is authenticated otherwise null /// </returns> public static UmbracoBackOfficeIdentity GetCurrentIdentity(this HttpContextBase http, bool authenticateRequestIfNotFound) { if (http == null) { throw new ArgumentNullException("http"); } if (http.User == null) { return(null); //there's no user at all so no identity } //If it's already a UmbracoBackOfficeIdentity var backOfficeIdentity = http.User.Identity as UmbracoBackOfficeIdentity; if (backOfficeIdentity != null) { return(backOfficeIdentity); } //Otherwise convert to a UmbracoBackOfficeIdentity if it's auth'd and has the back office session var claimsIdentity = http.User.Identity as ClaimsIdentity; if (claimsIdentity != null && claimsIdentity.IsAuthenticated) { try { return(UmbracoBackOfficeIdentity.FromClaimsIdentity(claimsIdentity)); } catch (InvalidOperationException ex) { //This will occur if the required claim types are missing which would mean something strange is going on LogHelper.Error(typeof(AuthenticationExtensions), "The current identity cannot be converted to " + typeof(UmbracoBackOfficeIdentity), ex); } } if (authenticateRequestIfNotFound == false) { return(null); } //even if authenticateRequestIfNotFound is true we cannot continue if the request is actually authenticated // which would mean something strange is going on that it is not an umbraco identity. if (http.User.Identity.IsAuthenticated) { return(null); } //So the user is not authed but we've been asked to do the auth if authenticateRequestIfNotFound = true, // which might occur in old webforms style things or for routes that aren't included as a back office request. // in this case, we are just reverting to authing using the cookie. // TODO: Even though this is in theory legacy, we have legacy bits laying around and we'd need to do the auth based on // how the Module will eventually do it (by calling in to any registered authenticators). var ticket = http.GetUmbracoAuthTicket(); if (http.AuthenticateCurrentRequest(ticket, true)) { //now we 'should have an umbraco identity return(http.User.Identity as UmbracoBackOfficeIdentity); } return(null); }