} //for quicker serialization
public User(Credentials credentials,
AuthenticationToken token,
UserStatus status,
string name,
string descr,
Rights rights)
{
m_Credentials = credentials;
m_AuthenticationToken = token;
m_Status = status;
m_Name = name;
m_Description = descr;
m_Rights = rights;
m_StatusTimeStampUTC = App.TimeSource.UTCNow;
}
} //for quicker serialization
public User(Credentials credentials,
AuthenticationToken token,
UserStatus status,
string name,
string descr,
Rights rights,
DateTime?utcNow = null)
{
m_Credentials = credentials;
m_AuthenticationToken = token;
m_Status = status;
m_Name = name;
m_Description = descr;
m_Rights = rights;
m_StatusTimeStampUTC = utcNow ?? Ambient.UTCNow;
}
/// <summary>
/// Framework-internal. Do not call
/// </summary>
public void ___update_status(
UserStatus status,
string name,
string descr,
Rights rights)
{
if (object.ReferenceEquals(this, s_FakeUserInstance))
{
return; //Fake user is immutable
}
m_Status = status;
m_Name = name;
m_Description = descr;
m_Rights = rights;
m_StatusTimeStampUTC = App.TimeSource.UTCNow;
}
public User Authenticate(Credentials credentials)
{
var sect = m_Config ?? App.ConfigRoot[CommonApplicationLogic.CONFIG_SECURITY_SECTION];
if (sect.Exists && credentials is IDPasswordCredentials)
{
var idpass = (IDPasswordCredentials)credentials;
var usern = findUserNode(sect, idpass);
if (usern.Exists)
{
var name = usern.AttrByName(CONFIG_NAME_ATTR).ValueAsString(string.Empty);
var descr = usern.AttrByName(CONFIG_DESCRIPTION_ATTR).ValueAsString(string.Empty);
var status = usern.AttrByName(CONFIG_STATUS_ATTR).ValueAsEnum <UserStatus>(UserStatus.Invalid);
var rights = Rights.None;
var rightsn = usern[CONFIG_RIGHTS_SECTION];
if (rightsn.Exists)
{
var data = new MemoryConfiguration();
data.CreateFromNode(rightsn);
rights = new Rights(data);
}
return(new User(credentials,
credToAuthToken(idpass),
status,
name,
descr,
rights, App.TimeSource.UTCNow));
}
}
return(new User(credentials,
new AuthenticationToken(),
UserStatus.Invalid,
StringConsts.SECURITY_NON_AUTHENTICATED,
StringConsts.SECURITY_NON_AUTHENTICATED,
Rights.None, App.TimeSource.UTCNow));
}
public User Authenticate(Credentials credentials)
{
if (credentials is BearerCredentials bearer)
{
var oauth = App.ModuleRoot.TryGet <Services.IOAuthModule>();
if (oauth == null)
{
return(MakeBadUser(credentials));
}
var accessToken = oauth.TokenRing.GetAsync <Tokens.AccessToken>(bearer.Token).GetAwaiter().GetResult(); //since this manager is sync-only
if (accessToken != null) //if token is valid
{
if (SysAuthToken.TryParse(accessToken.SubjectSysAuthToken, out var sysToken))
{
return(Authenticate(sysToken));
}
}
}
var sect = m_Config ?? App.ConfigRoot[CommonApplicationLogic.CONFIG_SECURITY_SECTION];
if (sect.Exists)
{
IConfigSectionNode usern = sect.Configuration.EmptySection;
if (credentials is IDPasswordCredentials idpass)
{
usern = findUserNode(sect, idpass);
}
if (credentials is EntityUriCredentials enturi)
{
usern = findUserNode(sect, enturi);
}
if (usern.Exists)
{
var name = usern.AttrByName(CONFIG_NAME_ATTR).ValueAsString(string.Empty);
var descr = usern.AttrByName(CONFIG_DESCRIPTION_ATTR).ValueAsString(string.Empty);
var status = usern.AttrByName(CONFIG_STATUS_ATTR).ValueAsEnum(UserStatus.Invalid);
var rights = Rights.None;
var rightsn = usern[CONFIG_RIGHTS_SECTION];
if (rightsn.Exists)
{
var data = new MemoryConfiguration();
data.CreateFromNode(rightsn);
rights = new Rights(data);
}
return(MakeUser(credentials,
credToAuthToken(credentials),
status,
name,
descr,
rights));
}
}
return(MakeBadUser(credentials));
}
protected virtual User MakeUser(Credentials credentials, SysAuthToken sysToken, UserStatus status, string name, string descr, Rights rights)
{
return(new User(credentials,
sysToken,
status,
name,
descr,
rights, App.TimeSource.UTCNow));
}
public User(Credentials credentials,
AuthenticationToken token,
string name,
Rights rights, DateTime?utcNow = null) : this(credentials, token, UserStatus.User, name, null, rights, utcNow)
{
}
public User(Credentials credentials,
AuthenticationToken token,
string name,
Rights rights) : this(credentials, token, UserStatus.User, name, null, rights)
{
}
