protected override async Task <AuthenticationTicket> AuthenticateCoreAsync() { AuthenticationProperties properties = null; try { var query = Request.Query; var protectedRequestToken = Request.Cookies[StateCookie]; var requestToken = Options.StateDataFormat.Unprotect(protectedRequestToken); if (requestToken == null) { _logger.WriteWarning("Invalid state"); return(null); } properties = requestToken.Properties; var returnedToken = query.Get("oauth_token"); if (string.IsNullOrWhiteSpace(returnedToken)) { _logger.WriteWarning("Missing oauth_token"); return(new AuthenticationTicket(null, properties)); } if (returnedToken != requestToken.Token) { _logger.WriteWarning("Unmatched token"); return(new AuthenticationTicket(null, properties)); } var oauthVerifier = query.Get("oauth_verifier"); if (string.IsNullOrWhiteSpace(oauthVerifier)) { _logger.WriteWarning("Missing or blank oauth_verifier"); return(new AuthenticationTicket(null, properties)); } var accessToken = await ObtainAccessTokenAsync(Options.ConsumerKey, Options.ConsumerSecret, requestToken, oauthVerifier); var context = new DoYouBuzzAuthenticatedContext(Context, accessToken.UserId, accessToken.Token, accessToken.TokenSecret) { Identity = new ClaimsIdentity( new[] { new Claim(ClaimTypes.NameIdentifier, accessToken.UserId, "http://www.w3.org/2001/XMLSchema#string", Options.AuthenticationType), new Claim("urn:DoYouBuzz:userid", accessToken.UserId, "http://www.w3.org/2001/XMLSchema#string", Options.AuthenticationType), }, Options.AuthenticationType, ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType), Properties = requestToken.Properties }; Response.Cookies.Delete(StateCookie); await Options.Provider.Authenticated(context); return(new AuthenticationTicket(context.Identity, context.Properties)); } catch (Exception ex) { _logger.WriteError("Authentication failed", ex); return(new AuthenticationTicket(null, properties)); } }
/// <summary> /// Invoked whenever DoYouBuzz successfully authenticates a user /// </summary> /// <param name="context">Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.</param> /// <returns>A <see cref="Task"/> representing the completed operation.</returns> public virtual Task Authenticated(DoYouBuzzAuthenticatedContext context) { return OnAuthenticated(context); }
/// <summary> /// Invoked whenever DoYouBuzz successfully authenticates a user /// </summary> /// <param name="context">Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.</param> /// <returns>A <see cref="Task"/> representing the completed operation.</returns> public virtual Task Authenticated(DoYouBuzzAuthenticatedContext context) { return(OnAuthenticated(context)); }