public async Task <ActionResult> Index(string id, string code)
{
var ctx = Request.GetOwinContext();
var user = await ctx.Environment.GetIdentityServerPartialLoginAsync();
if (user == null)
{
return(View("Error"));
}
var subjectid = user.FindFirst("sub").Value;
var context = Request.GetOwinContext();
var env = Request.GetOwinContext().Environment;
var signInMessage = env.GetSignInMessage(id);
OwinEnvironmentService owin = new OwinEnvironmentService(env);
MidasUserService userService = new MidasUserService(owin);
if (!(await userService.VerifyTwoFactorTokenAsync(subjectid, code, signInMessage)))
{
ViewData["message"] = "Incorrect code";
return(View("Index"));
}
var claims = user.Claims.Where(c => c.Type != "amr").ToList();
claims.Add(new Claim("amr", "2fa"));
await ctx.Environment.UpdatePartialLoginClaimsAsync(claims);
var resumeUrl = await ctx.Environment.GetPartialLoginResumeUrlAsync();
return(Redirect(resumeUrl));
}
public AuthenticationController(
OwinEnvironmentService owin,
IViewService viewService,
IUserService userService,
IdentityServerOptions idSvrOptions,
IClientStore clientStore,
IEventService eventService,
ILocalizationService localizationService,
SessionCookie sessionCookie,
MessageCookie <SignInMessage> signInMessageCookie,
MessageCookie <SignOutMessage> signOutMessageCookie,
LastUserNameCookie lastUsernameCookie,
AntiForgeryToken antiForgeryToken)
{
this.context = new OwinContext(owin.Environment);
this.viewService = viewService;
this.userService = userService;
this.options = idSvrOptions;
this.clientStore = clientStore;
this.eventService = eventService;
this.localizationService = localizationService;
this.sessionCookie = sessionCookie;
this.signInMessageCookie = signInMessageCookie;
this.signOutMessageCookie = signOutMessageCookie;
this.lastUserNameCookie = lastUsernameCookie;
this.antiForgeryToken = antiForgeryToken;
}
public ClientSecretValidator(IClientStore clients, IEnumerable <ISecretParser> parsers, IEnumerable <ISecretValidator> validators, OwinEnvironmentService environment)
{
_clients = clients;
_parsers = parsers;
_validators = validators;
_environment = environment;
}
public ClientSecretValidator(IClientStore clients, SecretParser parser, SecretValidator validator, OwinEnvironmentService environment, IEventService events)
{
_clients = clients;
_parser = parser;
_validator = validator;
_environment = environment;
_events = events;
}
public ScopeSecretValidator(IScopeStore scopes, IEnumerable <ISecretParser> parsers, IEnumerable <ISecretValidator> validators, OwinEnvironmentService environment, IEventService events)
{
_scopes = scopes;
_parsers = parsers;
_validators = validators;
_environment = environment;
_events = events;
}
public ScopeSecretValidator(IScopeStore scopes, SecretParser parsers, SecretValidator validator, OwinEnvironmentService environment, IEventService events)
{
_scopes = scopes;
_environment = environment;
_parser = parsers;
_validator = validator;
_events = events;
}
/// <summary>
/// Initializes a new instance of the <see cref="DefaultTokenService" /> class.
/// </summary>
/// <param name="options">The options.</param>
/// <param name="claimsProvider">The claims provider.</param>
/// <param name="tokenHandles">The token handles.</param>
/// <param name="signingService">The signing service.</param>
/// <param name="events">The OWIN environment service.</param>
/// <param name="owinEnvironmentService">The events service.</param>
public DefaultTokenService(IdentityServerOptions options, IClaimsProvider claimsProvider, ITokenHandleStore tokenHandles, ITokenSigningService signingService, IEventService events, OwinEnvironmentService owinEnvironmentService)
{
_options = options;
_claimsProvider = claimsProvider;
_tokenHandles = tokenHandles;
_signingService = signingService;
_events = events;
_owinEnvironmentService = owinEnvironmentService;
}
public TokenService(
IdentityServerOptions options,
IClaimsProvider claimsProvider,
ITokenHandleStore tokenHandles,
ITokenSigningService signingService,
IEventService events,
OwinEnvironmentService owinEnvironmentService)
: base(options, claimsProvider, tokenHandles, signingService, events, owinEnvironmentService)
{
}
public GlobalizedLocalizationService(OwinEnvironmentService owinEnvironmentService, LocaleOptions options = null)
{
_owinEnvironmentService = owinEnvironmentService;
if (owinEnvironmentService == null)
{
throw new ArgumentException(@"Cannot be null. Is needed for LocaleProvider Func API. Did you register this service correctly?", "owinEnvironmentService");
}
_internalOpts = options ?? new LocaleOptions();
_owinEnvironmentService = owinEnvironmentService;
}
public ImpersonateUserService(
OwinEnvironmentService owinEnvironmentService,
IConfigurationManager configurationManager,
IPermissionService permissionService,
IUserService userService)
{
_owinContext = new OwinContext(owinEnvironmentService.Environment);
_configurationManager = configurationManager;
_userService = userService;
_permissionService = permissionService;
}
public virtual void Arrange()
{
_requestQueryString = new Dictionary <string, string[]>();
_owinEnvironmentService = new OwinEnvironmentService(new Dictionary <string, object>
{
{ "Microsoft.Owin.Query#dictionary", _requestQueryString }
});
_mediator = new Mock <IMediator>();
_userService = new UserService(_owinEnvironmentService, _mediator.Object);
}
public virtual void Configure(IAppBuilder owinApp)
{
if (owinApp == null)
{
throw new ArgumentNullException(nameof(owinApp));
}
owinApp.Map("/core", coreApp =>
{
LogProvider.SetCurrentLogProvider(DependencyManager.Resolve <ILogProvider>());
IdentityServerServiceFactory factory = new IdentityServerServiceFactory()
.UseInMemoryClients(DependencyManager.Resolve <IOAuthClientsProvider>().GetClients().ToArray())
.UseInMemoryScopes(ScopesProvider.GetScopes());
IUserService ResolveUserService(IdentityServer3.Core.Services.IDependencyResolver resolver)
{
OwinEnvironmentService owinEnv = resolver.Resolve <OwinEnvironmentService>();
IOwinContext owinContext = new OwinContext(owinEnv.Environment);
IUserService userService = owinContext.GetDependencyResolver().Resolve <IUserService>();
return(userService);
}
factory.UserService = new Registration <IUserService>(ResolveUserService);
IEventService ResolveEventService(IdentityServer3.Core.Services.IDependencyResolver resolver)
{
OwinEnvironmentService owinEnv = resolver.Resolve <OwinEnvironmentService>();
IOwinContext owinContext = new OwinContext(owinEnv.Environment);
if (owinContext.TryGetDependencyResolver(out Core.Contracts.IDependencyResolver? dependencyResolver))
{
IRequestInformationProvider requestInformationProvider = dependencyResolver.Resolve <IRequestInformationProvider>();
if (IPAddress.TryParse(requestInformationProvider.ClientIp, out IPAddress _))
{
owinContext.Request.RemoteIpAddress = requestInformationProvider.ClientIp;
}
else
{
owinContext.Request.RemoteIpAddress = "::1";
}
return(dependencyResolver.Resolve <IEventService>());
}
else
{
return(new FakeEventService {
});
}
}
public void FetchesResrouceBasedOnOwinEnvironment()
{
IDictionary <string, object> environment = new Dictionary <string, object>();
environment["UserSettings.Language"] = "nb-NO";
var owinEnvironmentService = new OwinEnvironmentService(environment);
var options = new LocaleOptions
{
LocaleProvider = env => env["UserSettings.Language"].ToString()
};
var service = new GlobalizedLocalizationService(owinEnvironmentService, options);
var norwegianString = service.GetString(IdSrvConstants.Messages, MessageIds.MissingClientId);
Assert.Equal("ClientId mangler", norwegianString);
}
public virtual void Configure(IAppBuilder owinApp)
{
if (owinApp == null)
{
throw new ArgumentNullException(nameof(owinApp));
}
owinApp.Map("/core", coreApp =>
{
LogProvider.SetCurrentLogProvider(DependencyManager.Resolve <ILogProvider>());
IdentityServerServiceFactory factory = new IdentityServerServiceFactory()
.UseInMemoryClients(DependencyManager.Resolve <IOAuthClientsProvider>().GetClients().ToArray())
.UseInMemoryScopes(ScopesProvider.GetScopes());
IUserService ResolveUserService(IdentityServer3.Core.Services.IDependencyResolver resolver)
{
OwinEnvironmentService owinEnv = resolver.Resolve <OwinEnvironmentService>();
IOwinContext owinContext = new OwinContext(owinEnv.Environment);
IUserService userService = owinContext.GetDependencyResolver().Resolve <IUserService>();
return(userService);
}
factory.UserService = new Registration <IUserService>(ResolveUserService);
IEventService ResolveEventService(IdentityServer3.Core.Services.IDependencyResolver resolver)
{
OwinEnvironmentService owinEnv = resolver.Resolve <OwinEnvironmentService>();
IOwinContext owinContext = new OwinContext(owinEnv.Environment);
if (owinContext.TryGetDependencyResolver(out Core.Contracts.IDependencyResolver dependencyResolver))
{
IRequestInformationProvider requestInformationProvider = dependencyResolver.Resolve <IRequestInformationProvider>();
owinEnv.Environment["server.RemoteIpAddress"] = requestInformationProvider.ClientIp ?? "::1"; // some test hosts won't provide remote ip address request feature and idSrv requires it in event sevice decorator.
return(dependencyResolver.Resolve <IEventService>());
}
else
{
return(new FakeEventService {
});
}
}
public EventServiceDecorator(IdentityServerOptions options, OwinEnvironmentService owinEnvironment, IEventService inner)
{
this.options = options;
this.context = new OwinContext(owinEnvironment.Environment);
this.inner = inner;
}
public virtual void Configure(IAppBuilder owinApp)
{
if (owinApp == null)
{
throw new ArgumentNullException(nameof(owinApp));
}
owinApp.Map("/core", coreApp =>
{
LogProvider.SetCurrentLogProvider(DependencyManager.Resolve <ILogProvider>());
IdentityServerServiceFactory factory = new IdentityServerServiceFactory()
.UseInMemoryClients(DependencyManager.Resolve <IOAuthClientsProvider>().GetClients().ToArray())
.UseInMemoryScopes(ScopesProvider.GetScopes());
IUserService ResolveUserService(IdentityServer3.Core.Services.IDependencyResolver resolver)
{
OwinEnvironmentService owinEnv = resolver.Resolve <OwinEnvironmentService>();
IOwinContext owinContext = new OwinContext(owinEnv.Environment);
IUserService userService = owinContext.GetDependencyResolver().Resolve <IUserService>();
if (userService is UserService bitUserService)
{
bitUserService.CurrentCancellationToken = owinContext.Request.CallCancelled;
}
return(userService);
}
factory.UserService = new Registration <IUserService>(ResolveUserService);
factory.EventService = new Registration <IEventService>(EventService);
IViewService ResolveViewService(IdentityServer3.Core.Services.IDependencyResolver resolver)
{
OwinEnvironmentService owinEnv = resolver.Resolve <OwinEnvironmentService>();
IOwinContext owinContext = new OwinContext(owinEnv.Environment);
return(owinContext.GetDependencyResolver().Resolve <IViewService>());
}
factory.ViewService = new Registration <IViewService>(ResolveViewService);
factory.RedirectUriValidator = new Registration <IRedirectUriValidator>(RedirectUriValidator);
bool requireSslConfigValue = AppEnvironment.GetConfig("RequireSsl", defaultValueOnNotFound: false);
string identityServerSiteName = AppEnvironment.GetConfig("IdentityServerSiteName", $"{AppEnvironment.AppInfo.Name} Identity Server");
IdentityServerOptions identityServerOptions = new IdentityServerOptions
{
SiteName = identityServerSiteName,
SigningCertificate = AppCertificatesProvider.GetSingleSignOnCertificate(),
Factory = factory,
RequireSsl = requireSslConfigValue,
EnableWelcomePage = AppEnvironment.DebugMode == true,
IssuerUri = AppEnvironment.GetSsoIssuerName(),
CspOptions = new CspOptions
{
// Content security policy
Enabled = false
},
Endpoints = new EndpointOptions
{
EnableAccessTokenValidationEndpoint = true,
EnableAuthorizeEndpoint = true,
EnableCheckSessionEndpoint = true,
EnableClientPermissionsEndpoint = true,
EnableCspReportEndpoint = true,
EnableDiscoveryEndpoint = true,
EnableEndSessionEndpoint = true,
EnableIdentityTokenValidationEndpoint = true,
EnableIntrospectionEndpoint = true,
EnableTokenEndpoint = true,
EnableTokenRevocationEndpoint = true,
EnableUserInfoEndpoint = true
},
EventsOptions = new EventsOptions
{
RaiseErrorEvents = true,
RaiseFailureEvents = true
},
AuthenticationOptions = new AuthenticationOptions
{
IdentityProviders = ConfigureIdentityProviders
}
};
foreach (IIdentityServerOptionsCustomizer customizer in Customizers)
{
customizer.Customize(identityServerOptions);
}
coreApp.UseIdentityServer(identityServerOptions);
});
}
public UserService(OwinEnvironmentService owinEnv)
{
ctx = new OwinContext(owinEnv.Environment);
}
public MyCustomClaimsProvider(ICustomLogger logger, IUserService userSvc, OwinEnvironmentService owin)
: base(userSvc)
{
this.logger = logger;
this.logger.Log("yay, custom type was injected");
}
public SignInResponseGenerator(IdentityServerOptions options, IUserService users, OwinEnvironmentService owinEnvironment, ICustomWsFederationClaimsService customClaimsService)
{
_options = options;
_users = users;
_environment = owinEnvironment.Environment;
_customClaimsService = customClaimsService;
}
/// <summary>
/// Initializes a new instance of the <see cref="DefaultTokenService" /> class.
/// </summary>
/// <param name="options">The options.</param>
/// <param name="claimsProvider">The claims provider.</param>
/// <param name="tokenHandles">The token handles.</param>
/// <param name="signingService">The signing service.</param>
/// <param name="events">The events service.</param>
/// <param name="owinEnvironmentService">The OWIN environment service.</param>
public DefaultTokenService(IdentityServerOptions options, IClaimsProvider claimsProvider, ITokenHandleStore tokenHandles, ITokenSigningService signingService, IEventService events, OwinEnvironmentService owinEnvironmentService)
: this(options, claimsProvider, tokenHandles, signingService, events, new OwinContext(owinEnvironmentService.Environment).GetIdentityServerIssuerUri())
{
}
public CustomLoginPageUserService(OwinEnvironmentService owinEnv)
{
ctx = new OwinContext(owinEnv.Environment);
}
/// <summary>
/// Initializes a new instance of the <see cref="DefaultTokenService" /> class.
/// </summary>
/// <param name="options">The options.</param>
/// <param name="claimsProvider">The claims provider.</param>
/// <param name="tokenHandles">The token handles.</param>
/// <param name="signingService">The signing service.</param>
/// <param name="events">The OWIN environment service.</param>
/// <param name="owinEnvironmentService">The events service.</param>
public DefaultTokenService(IdentityServerOptions options, IClaimsProvider claimsProvider, ITokenHandleStore tokenHandles, ITokenSigningService signingService, IEventService events, OwinEnvironmentService owinEnvironmentService)
{
_options = options;
_claimsProvider = claimsProvider;
_tokenHandles = tokenHandles;
_signingService = signingService;
_events = events;
_owinEnvironmentService = owinEnvironmentService;
}
public TokenValidator(IdentityServerOptions options, IClientStore clients, ITokenHandleStore tokenHandles, ICustomTokenValidator customValidator, OwinEnvironmentService owinEnvironment, ISigningKeyService keyService, ICertificateSigningKeyService certificateKeyService)
{
_options = options;
_clients = clients;
_tokenHandles = tokenHandles;
_customValidator = customValidator;
_context = new OwinContext(owinEnvironment.Environment);
_keyService = keyService;
_certificateKeyService = certificateKeyService;
_log = new TokenValidationLog();
}
public AuthorizeResponseGenerator(ITokenService tokenService, IAuthorizationCodeStore authorizationCodes, IEventService events, OwinEnvironmentService owinEnvironmentService)
{
_tokenService = tokenService;
_authorizationCodes = authorizationCodes;
_events = events;
_context = new OwinContext(owinEnvironmentService.Environment);
}
public JetonUserService(OwinEnvironmentService env)
{
_userRepository = new UserRepository();
_owinEnv = env;
}
public MetadataResponseGenerator(IdentityServerOptions options, OwinEnvironmentService owin)
{
_options = options;
_environment = owin.Environment;
}
public HrdUserService(OwinEnvironmentService env)
: base(users)
{
this.context = new OwinContext(env.Environment);
}
public AlwaysInvalidAccessTokenValidator(IdentityServerOptions options, IClientStore clients, ITokenHandleStore tokenHandles, ICustomTokenValidator customValidator, OwinEnvironmentService context)
: base(options, clients, tokenHandles, customValidator, context, new DefaultSigningKeyService(options))
{
}
public ExternalRegistrationUserService(OwinEnvironmentService owinService, IConfigurationService configService)
{
this.owinService = owinService;
this.configService = configService;
}
public UserService(OwinEnvironmentService oes)
{
_oes = oes;
}
public TokenValidator(IdentityServerOptions options, IClientStore clients, ITokenHandleStore tokenHandles, ICustomTokenValidator customValidator, OwinEnvironmentService owinEnvironment, ISigningKeyService keyService)
: this(options, clients, tokenHandles, customValidator, new OwinContext(owinEnvironment.Environment).GetIdentityServerIssuerUri(), keyService)
{
}