private static Task HandleFailedAuthenticationAsync(ValidateCredentialsContext context, bool?allowAnonymousAccess = null, string authenticationScheme = "Basic")
{
if (context.Username != "anonymous")
{
return(Task.FromResult(0));
}
var hostOptions = context.HttpContext.RequestServices.GetRequiredService <IOptions <WebDavHostOptions> >();
var allowAnonAccess = allowAnonymousAccess ?? hostOptions.Value.AllowAnonymousAccess;
if (!allowAnonAccess)
{
return(Task.FromResult(0));
}
var groups = Enumerable.Empty <Group>();
var accountInfo = new AccountInfo()
{
Username = context.Username,
HomeDir = hostOptions.Value.AnonymousHomePath,
};
var ticket = CreateAuthenticationTicket(accountInfo, groups, "anonymous", authenticationScheme);
context.Principal = ticket.Principal;
context.Properties = ticket.Properties;
context.Success();
return(Task.FromResult(0));
}
private Task ValidateWindowsTestCredentialsAsync(ValidateCredentialsContext context)
{
var credentials = new List <AccountInfo>()
{
new AccountInfo()
{
Username = "******", Password = "******", HomeDir = "c:\\temp\\tester"
},
}.ToDictionary(x => x.Username, StringComparer.OrdinalIgnoreCase);
if (!credentials.TryGetValue(context.Username, out var accountInfo))
{
return(HandleFailedAuthenticationAsync(context));
}
if (accountInfo.Password != context.Password)
{
context.Fail("Invalid password");
return(Task.FromResult(0));
}
var groups = Enumerable.Empty <Group>();
var ticket = CreateAuthenticationTicket(accountInfo, groups);
context.Principal = ticket.Principal;
context.Properties = ticket.Properties;
context.Success();
return(Task.FromResult(0));
}
public virtual async Task ValidateAsync(ValidateCredentialsContext context)
{
if (string.IsNullOrWhiteSpace(context.Username))
{
context.Fail("User not found.");
return;
}
var sp = context.HttpContext.RequestServices;
var user = await _cache.FindAsync(sp, context.Username);
if (user == null)
{
context.Fail("User not found.");
return;
}
var attempt = _cache.VerifyPassword(sp, user, context.Password);
if (attempt == PasswordVerificationResult.Failed)
{
context.Fail("Login failed, password not match.");
return;
}
context.Principal = await _cache.IssueAsync(sp, user, false);
context.Success();
}
public async Task CheckUser(ValidateCredentialsContext context, CancellationToken cancellationToken)
{
var userName = context.Username;
logger.LogInformation("Authenticating the user {UserName} ...", userName);
var userId = await userAuthenticator.AuthenticateUser(userName, context.Password, cancellationToken);
if (userId != null)
{
logger.LogInformation("The user {UserName} was authenticated successfully", userName);
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, userId),
new Claim(ClaimTypes.Name, userName),
};
context.Principal = new ClaimsPrincipal(new ClaimsIdentity(claims, context.Scheme.Name));
context.Success();
return;
}
logger.LogWarning("Failed to authenticate user {UserName}", userName);
context.Fail("The user name or password is incorrect");
}
private Task ValidateLinuxTestCredentialsAsync(ValidateCredentialsContext context)
{
if (!Npam.NpamUser.Authenticate("passwd", context.Username, context.Password))
{
return(HandleFailedAuthenticationAsync(context));
}
var groups = Npam.NpamUser.GetGroups(context.Username).ToList();
var accountInfo = Npam.NpamUser.GetAccountInfo(context.Username);
var ticket = CreateAuthenticationTicket(accountInfo, groups);
context.Principal = ticket.Principal;
context.Properties = ticket.Properties;
context.Success();
return(Task.FromResult(0));
}