コード例 #1
0
        public async Task <IActionResult> IssueToken(
            [FromBody] BearerTokenRequest model,
            [FromHeader(Name = ActiveTenant.Constants.MultiTenancy.ApplicationHeader)]
            string application,
            [FromHeader(Name = ActiveTenant.Constants.MultiTenancy.TenantHeader)]
            string tenant,
            [FromHeader(Name = ActiveVersion.Constants.Versioning.VersionHeader)]
            string version
            )
        {
            if (!this.TryValidateModelOrError(ModelState, ErrorEvents.ValidationFailed,
                                              ErrorStrings.ValidationFailed, out var error))
            {
                return(error);
            }

            // FIXME: pin claims transformation to user-provided scope
            var operation = await _signInService.SignInAsync(model.IdentityType, model.Identity, model.Password);

            if (!operation.Succeeded)
            {
                return(operation.ToResult());
            }

            var token = _fabricator.CreateToken(operation.Data);

            return(Ok(new { AccessToken = token }));
        }
コード例 #2
0
        public Task <IActionResult> IssueToken([FromBody] BearerTokenRequest model,
                                               [FromHeader(Name = ActiveTenant.Constants.MultiTenancy.ApplicationHeader)]
                                               string application,
                                               [FromHeader(Name = ActiveTenant.Constants.MultiTenancy.TenantHeader)]
                                               string tenant,
                                               [FromHeader(Name = ActiveVersion.Constants.Versioning.VersionHeader)]
                                               string version)
        {
            if (!this.TryValidateModelOrError(ModelState, ErrorEvents.ValidationFailed, ErrorStrings.ValidationFailed,
                                              out var error))
            {
                return(Task.FromResult((IActionResult)error));
            }

            bool isSuperUser;
            var  superUser = _options.Value;

            switch (model.IdentityType)
            {
            case IdentityType.Username:
                isSuperUser = superUser.Username == model.Identity;
                if (!isSuperUser)
                {
                    return(this.NotFoundAsync());
                }
                break;

            case IdentityType.Email:
                isSuperUser = superUser.Email == model.Identity;
                if (!isSuperUser)
                {
                    return(this.NotFoundAsync());
                }
                break;

            case IdentityType.PhoneNumber:
                isSuperUser = superUser.PhoneNumber == model.Identity;
                if (!isSuperUser)
                {
                    return(this.NotFoundAsync());
                }
                break;

            default:
                throw new ArgumentOutOfRangeException();
            }

            if (!Utilities.Compare(Encoding.UTF8.GetBytes(model.Password),
                                   Encoding.UTF8.GetBytes(_options.Value.Password)))
            {
                return(this.UnauthorizedAsync());
            }

            var claims = new List <Claim>
            {
                new Claim(_claimNameProvider?.RoleClaim ?? ClaimTypes.Role,
                          Constants.ClaimValues.SuperUser)
            };

            var user = typeof(TKey) != typeof(Guid)
                                ? typeof(TKey).IsNumeric()
                                        ? new { Id = Constants.SuperUserNumberId }.QuackLike <IUserIdProvider <TKey> >()
                                        : new { Id = Constants.SuperUserStringId }.QuackLike <IUserIdProvider <TKey> >()
                                : new { Id = Constants.SuperUserGuidId }.QuackLike <IUserIdProvider <TKey> >();

            var token = _fabricator.CreateToken(user, claims);

            var response = new BearerTokenResponse
            {
                IdentityType = model.IdentityType,
                AccessToken  = token
            };

            return(Task.FromResult((IActionResult)Ok(response)));
        }