/// <summary>
/// This will return the current back office identity.
/// </summary>
/// <param name="http"></param>
/// <param name="authenticateRequestIfNotFound">
/// If set to true and a back office identity is not found and not authenticated, this will attempt to authenticate the
/// request just as is done in the Umbraco module and then set the current identity if it is valid.
/// Just like in the UmbracoModule, if this is true then the user's culture will be assigned to the request.
/// </param>
/// <returns>
/// Returns the current back office identity if an admin is authenticated otherwise null
/// </returns>
public static UmbracoBackOfficeIdentity GetCurrentIdentity(this HttpContextBase http, bool authenticateRequestIfNotFound)
{
if (http == null)
{
throw new ArgumentNullException(nameof(http));
}
if (http.User == null)
{
return(null); //there's no user at all so no identity
}
//If it's already a UmbracoBackOfficeIdentity
var backOfficeIdentity = http.User.GetUmbracoIdentity();
if (backOfficeIdentity != null)
{
return(backOfficeIdentity);
}
if (authenticateRequestIfNotFound == false)
{
return(null);
}
//even if authenticateRequestIfNotFound is true we cannot continue if the request is actually authenticated
// which would mean something strange is going on that it is not an umbraco identity.
if (http.User.Identity.IsAuthenticated)
{
return(null);
}
//So the user is not authed but we've been asked to do the auth if authenticateRequestIfNotFound = true,
// which might occur in old webforms style things or for routes that aren't included as a back office request.
// in this case, we are just reverting to authing using the cookie.
// TODO: Even though this is in theory legacy, we have legacy bits laying around and we'd need to do the auth based on
// how the Module will eventually do it (by calling in to any registered authenticators).
var ticket = http.GetUmbracoAuthTicket();
if (http.AuthenticateCurrentRequest(ticket, true))
{
//now we 'should have an umbraco identity
return(http.User.Identity as UmbracoBackOfficeIdentity);
}
return(null);
}
private void ReAuthenticate()
{
// response cookie collection CREATES a cookie when asked for it!
var cookie = _context.Response.Cookies.AllKeys.Contains(CookieName)
? _context.Response.Cookies[CookieName]
: null;
// clear UmbracoBackOfficeIdentity internal cache - should be done in Umbraco
_context.Items.Remove(typeof(UmbracoBackOfficeIdentity));
// authenticate
if (cookie == null)
{
return;
}
var ticket = FormsAuthentication.Decrypt(cookie.Value);
_context.AuthenticateCurrentRequest(ticket, false);
}
/// <summary>
/// This will return the current back office identity.
/// </summary>
/// <param name="http"></param>
/// <param name="authenticateRequestIfNotFound">
/// If set to true and a back office identity is not found and not authenticated, this will attempt to authenticate the
/// request just as is done in the Umbraco module and then set the current identity if it is valid.
/// Just like in the UmbracoModule, if this is true then the user's culture will be assigned to the request.
/// </param>
/// <returns>
/// Returns the current back office identity if an admin is authenticated otherwise null
/// </returns>
public static UmbracoBackOfficeIdentity GetCurrentIdentity(this HttpContextBase http, bool authenticateRequestIfNotFound)
{
if (http == null)
{
throw new ArgumentNullException("http");
}
if (http.User == null)
{
return(null); //there's no user at all so no identity
}
//If it's already a UmbracoBackOfficeIdentity
var backOfficeIdentity = http.User.Identity as UmbracoBackOfficeIdentity;
if (backOfficeIdentity != null)
{
return(backOfficeIdentity);
}
//Otherwise convert to a UmbracoBackOfficeIdentity if it's auth'd and has the back office session
var claimsIdentity = http.User.Identity as ClaimsIdentity;
if (claimsIdentity != null && claimsIdentity.IsAuthenticated)
{
try
{
return(UmbracoBackOfficeIdentity.FromClaimsIdentity(claimsIdentity));
}
catch (InvalidOperationException ex)
{
//This will occur if the required claim types are missing which would mean something strange is going on
LogHelper.Error(typeof(AuthenticationExtensions), "The current identity cannot be converted to " + typeof(UmbracoBackOfficeIdentity), ex);
}
}
if (authenticateRequestIfNotFound == false)
{
return(null);
}
//even if authenticateRequestIfNotFound is true we cannot continue if the request is actually authenticated
// which would mean something strange is going on that it is not an umbraco identity.
if (http.User.Identity.IsAuthenticated)
{
return(null);
}
//So the user is not authed but we've been asked to do the auth if authenticateRequestIfNotFound = true,
// which might occur in old webforms style things or for routes that aren't included as a back office request.
// in this case, we are just reverting to authing using the cookie.
// TODO: Even though this is in theory legacy, we have legacy bits laying around and we'd need to do the auth based on
// how the Module will eventually do it (by calling in to any registered authenticators).
var ticket = http.GetUmbracoAuthTicket();
if (http.AuthenticateCurrentRequest(ticket, true))
{
//now we 'should have an umbraco identity
return(http.User.Identity as UmbracoBackOfficeIdentity);
}
return(null);
}
