public virtual async Task <TResult> OnUnmappedUserAsync <TResult>( string subject, IDictionary <string, string> extraParameters, EastFive.Azure.Auth.Method authentication, EastFive.Azure.Auth.Authorization authorization, IProvideAuthorization authorizationProvider, Uri baseUri, Func <Guid, TResult> onCreatedMapping, Func <TResult> onAllowSelfServeAccounts, Func <Uri, TResult> onInterceptProcess, Func <TResult> onNoChange) { if (authorizationProvider is Credentials.IProvideAccountInformation) { var accountInfoProvider = authorizationProvider as Credentials.IProvideAccountInformation; return(await accountInfoProvider .CreateAccount(subject, extraParameters, authentication, authorization, baseUri, this, onCreatedMapping, onAllowSelfServeAccounts, onInterceptProcess, onNoChange)); } return(onNoChange()); }
public virtual Task <bool> ShouldAuthorizeIntegrationAsync(XIntegration integration, EastFive.Azure.Auth.Authorization authorization) { if (authorization.accountIdMaybe.HasValue) { if (integration.accountId != authorization.accountIdMaybe.Value) { return(false.AsTask()); } } return(true.AsTask()); }
internal static async Task <TResult> CreateByMethodAndKeyAsync <TResult>(Authorization authorization, string externalAccountKey, Guid internalAccountId, Func <TResult> onCreated, Func <TResult> onAlreadyMapped, bool shouldRemap = false) { var accountMapping = new AccountMapping() { accountId = internalAccountId, }; accountMapping.Method = authorization.Method; // method is used in the .mappingId accountMapping.authorization = authorization.authorizationRef; var authorizationLookup = new AuthorizationLookup { accountMappingRef = accountMapping.mappingId, authorizationLookupRef = authorization.authorizationRef, }; bool created = await authorizationLookup.StorageCreateAsync( (idDiscard) => { return(true); }, () => { // I guess this is cool... return(false); }); var lookup = new AccountMappingLookup() { accountkey = externalAccountKey, accountMappingId = accountMapping.mappingId, Method = authorization.Method, }; accountMapping.accountMappingLookup = await await lookup.StorageCreateAsync( (discard) => lookup.accountMappingLookupId.Optional().AsTask(), async() => { if (!shouldRemap) { return(RefOptional <AccountMappingLookup> .Empty()); } return(await lookup.accountMappingLookupId.StorageCreateOrUpdateAsync( async(created, lookupToUpdate, saveAsync) => { lookupToUpdate.accountMappingId = accountMapping.mappingId; await saveAsync(lookupToUpdate); return lookupToUpdate.accountMappingLookupId.Optional(); })); }); return(await await accountMapping.StorageCreateAsync( createdId => { return onCreated().AsTask(); }, async() => { if (!shouldRemap) { return onAlreadyMapped(); } return await accountMapping.mappingId.StorageCreateOrUpdateAsync( async(created, mapping, saveAsync) => { mapping.accountMappingLookup = accountMapping.accountMappingLookup; mapping.authorization = accountMapping.authorization; await saveAsync(mapping); return onCreated(); }); })); }
public async static Task <TResult> AuthenticationAsync <TResult>( EastFive.Azure.Auth.Method authentication, IDictionary <string, string> values, IAzureApplication application, IHttpRequest request, IInvokeApplication endpoints, Uri baseUri, IRefOptional <Authorization> authorizationRefToCreate, Func <Uri, Guid?, Func <IHttpResponse, IHttpResponse>, TResult> onRedirect, Func <TResult> onAuthorizationNotFound, Func <string, TResult> onCouldNotConnect, Func <string, TResult> onGeneralFailure) { var telemetry = application.Telemetry; return(await await authentication.RedeemTokenAsync(values, application, async (externalAccountKey, authorizationRefMaybe, loginProvider, extraParams) => { #region Handle case where there was a direct link or a POST if (!authorizationRefMaybe.HasValue) { var authorization = new Authorization { authorizationRef = authorizationRefToCreate.HasValue? authorizationRefToCreate.Ref : new Ref <Authorization>(Security.SecureGuid.Generate()), Method = authentication.authenticationId, parameters = extraParams, authorized = true, }; return await ProcessAsync(authorization, async(authorizationUpdated) => { bool created = await authorizationUpdated.StorageCreateAsync( authIdDiscard => { return true; }, () => { //if(authorizationRefToCreate.HasValueNotNull()) // throw new Exception("Authorization to create already exists."); //throw new Exception("Duplicated update from ProcessAsync."); return false; }); }, authentication, externalAccountKey, extraParams, application, request, endpoints, loginProvider, baseUri, onRedirect, onGeneralFailure, telemetry); } #endregion var authorizationRef = authorizationRefMaybe.Ref; return await authorizationRef.StorageUpdateAsync( async(authorization, saveAsync) => { return await ProcessAsync(authorization, saveAsync, authentication, externalAccountKey, extraParams, application, request, endpoints, loginProvider, baseUri, onRedirect, onGeneralFailure, telemetry); }, () => { return onAuthorizationNotFound(); }); }, (authorizationRef, extraparams) => onGeneralFailure("Cannot use logout to authenticate").AsTask(), (why) => onCouldNotConnect(why).AsTask(), (why) => onGeneralFailure(why).AsTask())); }
private async static Task <TResult> AuthenticationAsync <TResult>(Guid requestId, EastFive.Azure.Auth.Method authentication, IDictionary <string, string> values, Uri baseUri, AzureApplication application, Func <Uri, TResult> onRedirect, Func <TResult> onAuthorizationNotFound, Func <string, TResult> onCouldNotConnect, Func <string, TResult> onGeneralFailure) { var authorizationRequestManager = application.AuthorizationRequestManager; var telemetry = application.Telemetry; return(await await authentication.RedeemTokenAsync(values, application, async (externalAccountKey, authorizationRefMaybe, loginProvider, extraParams) => { #region Handle case where there was a direct link if (!authorizationRefMaybe.HasValue) { var authorization = new Authorization { authorizationRef = new Ref <Authorization>(Security.SecureGuid.Generate()), Method = authentication.authenticationId, parameters = extraParams, authorized = true, }; return await ProcessAsync(authorization, async(authorizationUpdated) => { bool created = await authorizationUpdated.StorageCreateAsync( authIdDiscard => { return true; }, () => throw new Exception("Secure guid not unique")); }, authentication, externalAccountKey, extraParams, requestId, baseUri, application, loginProvider, onRedirect, onGeneralFailure, telemetry); } #endregion var authorizationRef = authorizationRefMaybe.Ref; return await authorizationRef.StorageUpdateAsync( async(authorization, saveAsync) => { return await ProcessAsync(authorization, saveAsync, authentication, externalAccountKey, extraParams, requestId, baseUri, application, loginProvider, onRedirect, onGeneralFailure, telemetry); }, () => { return onAuthorizationNotFound(); }); }, (authorizationRef, extraparams) => onGeneralFailure("Cannot use logout to authenticate").AsTask(), (why) => onCouldNotConnect(why).AsTask(), (why) => onGeneralFailure(why).AsTask())); }
private static Task <TResult> CreateLoginResponseAsync <TResult>(Guid requestId, Guid?accountId, IDictionary <string, string> extraParams, Method method, Authorization authorization, Uri baseUri, AzureApplication application, IProvideAuthorization authorizationProvider, Func <Uri, TResult> onRedirect, Func <string, TResult> onBadResponse, TelemetryClient telemetry) { return(application.GetRedirectUriAsync(requestId, accountId, extraParams, method, authorization, baseUri, authorizationProvider, (redirectUrlSelected) => { telemetry.TrackEvent($"CreateResponse - redirectUrlSelected1: {redirectUrlSelected.AbsolutePath}"); telemetry.TrackEvent($"CreateResponse - redirectUrlSelected2: {redirectUrlSelected.AbsoluteUri}"); return onRedirect(redirectUrlSelected); }, (paramName, why) => { var message = $"Invalid parameter while completing login: {paramName} - {why}"; telemetry.TrackException(new ResponseException(message)); return onBadResponse(message); }, (why) => { var message = $"General failure while completing login: {why}"; telemetry.TrackException(new ResponseException(message)); return onBadResponse(message); })); }
public static async Task <TResult> ProcessAsync <TResult>(Authorization authorization, Func <Authorization, Task> saveAsync, Method authentication, string externalAccountKey, IDictionary <string, string> extraParams, Guid requestId, Uri baseUri, AzureApplication application, IProvideLogin loginProvider, Func <Uri, TResult> onRedirect, Func <string, TResult> onGeneralFailure, TelemetryClient telemetry) { authorization.authorized = true; authorization.LocationAuthentication = null; var result = await await AccountMapping.FindByMethodAndKeyAsync(authentication.authenticationId, externalAccountKey, authorization, // Found async internalAccountId => { authorization.parameters = extraParams; authorization.accountIdMaybe = internalAccountId; await saveAsync(authorization); return(await CreateLoginResponseAsync(requestId, internalAccountId, extraParams, authentication, authorization, baseUri, application, loginProvider, onRedirect, onGeneralFailure, telemetry)); }, // Not found async() => { return(await await UnmappedCredentialAsync(externalAccountKey, extraParams, authentication, authorization, loginProvider, application, baseUri, // Create mapping async(internalAccountId) => { authorization.parameters = extraParams; authorization.accountIdMaybe = internalAccountId; await saveAsync(authorization); return await await AccountMapping.CreateByMethodAndKeyAsync(authorization, externalAccountKey, internalAccountId, () => { return CreateLoginResponseAsync(requestId, internalAccountId, extraParams, authentication, authorization, baseUri, application, loginProvider, onRedirect, onGeneralFailure, telemetry); }, (why) => onGeneralFailure(why).AsTask()); }, // Allow self serve async() => { authorization.parameters = extraParams; await saveAsync(authorization); return await CreateLoginResponseAsync(requestId, default(Guid?), extraParams, authentication, authorization, baseUri, application, loginProvider, onRedirect, onGeneralFailure, telemetry); }, // Intercept process async(interceptionUrl) => { authorization.parameters = extraParams; await saveAsync(authorization); return onRedirect(interceptionUrl); }, // Failure async(why) => { // Save params so they can be used later authorization.parameters = extraParams; await saveAsync(authorization); return onGeneralFailure(why); }, telemetry)); }); return(result); }