public MultiTenantEndSessionProtocolRouteMatcher(
SiteContext currentSite,
IOptions<MultiTenantOptions> multiTenantOptionsAccessor)
{
multiTenantOptions = multiTenantOptionsAccessor.Value;
site = currentSite;
}
public FolderTenantNodeUrlPrefixProvider(
SiteContext currentSite,
IOptions<MultiTenantOptions> multiTenantOptions)
{
site = currentSite;
options = multiTenantOptions.Value;
}
public SiteManager(
SiteContext currentSite,
ISiteCommands siteCommands,
ISiteQueries siteQueries,
IUserCommands userCommands,
IUserQueries userQueries,
SiteDataProtector dataProtector,
IHttpContextAccessor contextAccessor,
ILogger<SiteManager> logger,
IOptions<MultiTenantOptions> multiTenantOptionsAccessor,
IOptions<SiteConfigOptions> setupOptionsAccessor,
CacheHelper cacheHelper
)
{
commands = siteCommands;
queries = siteQueries;
this.userCommands = userCommands;
this.userQueries = userQueries;
multiTenantOptions = multiTenantOptionsAccessor.Value;
setupOptions = setupOptionsAccessor.Value;
_context = contextAccessor?.HttpContext;
this.dataProtector = dataProtector;
log = logger;
//resolver = siteResolver;
siteSettings = currentSite;
this.cacheHelper = cacheHelper;
}
public CoreDataController(
SiteContext currentSite,
GeoDataManager geoDataManager,
IStringLocalizer<CloudscribeCore> localizer,
IOptions<UIOptions> uiOptionsAccessor
)
{
Site = currentSite;
dataManager = geoDataManager;
uiOptions = uiOptionsAccessor.Value;
sr = localizer;
}
public static IApplicationBuilder UseCloudscribeCoreDefaultAuthentication(
this IApplicationBuilder builder,
ILoggerFactory loggerFactory,
MultiTenantOptions multiTenantOptions,
SiteContext tenant,
CookieSecurePolicy applicationCookieSecure = CookieSecurePolicy.SameAsRequest
)
{
var useFolder = !multiTenantOptions.UseRelatedSitesMode
&& multiTenantOptions.Mode == cloudscribe.Core.Models.MultiTenantMode.FolderName
&& tenant.SiteFolderName.Length > 0;
var externalCookieOptions = builder.SetupOtherCookies(
AuthenticationScheme.External,
multiTenantOptions.UseRelatedSitesMode,
tenant);
builder.UseCookieAuthentication(externalCookieOptions);
var twoFactorRememberMeCookieOptions = builder.SetupOtherCookies(
AuthenticationScheme.TwoFactorRememberMe,
multiTenantOptions.UseRelatedSitesMode,
tenant);
builder.UseCookieAuthentication(twoFactorRememberMeCookieOptions);
var twoFactorUserIdCookie = builder.SetupOtherCookies(
AuthenticationScheme.TwoFactorUserId,
multiTenantOptions.UseRelatedSitesMode,
tenant);
builder.UseCookieAuthentication(twoFactorUserIdCookie);
//var cookieEvents = new CookieAuthenticationEvents();
var logger = loggerFactory.CreateLogger<SiteAuthCookieValidator>();
var cookieValidator = new SiteAuthCookieValidator(logger);
var appCookieOptions = builder.SetupAppCookie(
cookieValidator,
AuthenticationScheme.Application,
multiTenantOptions.UseRelatedSitesMode,
tenant,
applicationCookieSecure
);
builder.UseCookieAuthentication(appCookieOptions);
// known issue here is if a site is updated to populate the
// social auth keys, it currently requires a restart so that the middleware gets registered
// in order for it to work or for the social auth buttons to appear
builder.UseSocialAuth(tenant, externalCookieOptions, useFolder);
return builder;
}
public ConsentController(
ILogger<ConsentController> logger,
IIdentityServerInteractionService interaction,
IClientStore clientStore,
IScopeStore scopeStore,
IIdentityServerIntegration identityServerIntegration,
SiteContext currentSite
)
{
_logger = logger;
_interaction = interaction;
_clientStore = clientStore;
_scopeStore = scopeStore;
_site = currentSite;
this.identityServerIntegration = identityServerIntegration;
}
public ManageController(
SiteContext currentSite,
SiteUserManager<SiteUser> userManager,
SiteSignInManager<SiteUser> signInManager,
ISmsSender smsSender,
IStringLocalizer<CloudscribeCore> localizer,
ITimeZoneIdResolver timeZoneIdResolver,
ITimeZoneHelper timeZoneHelper
)
{
Site = currentSite;
this.userManager = userManager;
this.signInManager = signInManager;
this.smsSender = smsSender;
sr = localizer;
this.timeZoneIdResolver = timeZoneIdResolver;
tzHelper = timeZoneHelper;
}
public AccountController(
SiteContext currentSite,
SiteUserManager<SiteUser> userManager,
SiteSignInManager<SiteUser> signInManager,
IpAddressTracker ipAddressTracker,
ISiteMessageEmailSender emailSender,
ISmsSender smsSender,
IIdentityServerIntegration identityServerIntegration,
IStringLocalizer<CloudscribeCore> localizer,
ILogger<AccountController> logger
)
{
Site = currentSite;
this.userManager = userManager;
this.signInManager = signInManager;
this.identityServerIntegration = identityServerIntegration;
this.emailSender = emailSender;
this.smsSender = smsSender;
this.ipAddressTracker = ipAddressTracker;
sr = localizer;
log = logger;
}
public SiteNavigationCacheKeyResolver(SiteContext currentSite)
{
this.currentSite = currentSite;
}
public static IApplicationBuilder UseSocialAuth(
this IApplicationBuilder app,
SiteContext site,
CookieAuthenticationOptions externalCookieOptions,
bool shouldUseFolder)
{
// TODO: will this require a restart if the options are updated in the ui?
// no just need to clear the tenant cache after updating the settings
if (!string.IsNullOrWhiteSpace(site.GoogleClientId))
{
var googleOptions = new GoogleOptions();
googleOptions.AuthenticationScheme = "Google";
googleOptions.SignInScheme = externalCookieOptions.AuthenticationScheme;
googleOptions.ClientId = site.GoogleClientId;
googleOptions.ClientSecret = site.GoogleClientSecret;
if (shouldUseFolder)
{
googleOptions.CallbackPath = "/" + site.SiteFolderName + "/signin-google";
}
app.UseGoogleAuthentication(googleOptions);
}
if (!string.IsNullOrWhiteSpace(site.FacebookAppId))
{
var facebookOptions = new FacebookOptions();
facebookOptions.AuthenticationScheme = "Facebook";
facebookOptions.SignInScheme = externalCookieOptions.AuthenticationScheme;
facebookOptions.AppId = site.FacebookAppId;
facebookOptions.AppSecret = site.FacebookAppSecret;
if (shouldUseFolder)
{
facebookOptions.CallbackPath = "/" + site.SiteFolderName + "/signin-facebook";
}
app.UseFacebookAuthentication(facebookOptions);
}
if (!string.IsNullOrWhiteSpace(site.MicrosoftClientId))
{
var microsoftOptions = new MicrosoftAccountOptions();
microsoftOptions.SignInScheme = externalCookieOptions.AuthenticationScheme;
microsoftOptions.ClientId = site.MicrosoftClientId;
microsoftOptions.ClientSecret = site.MicrosoftClientSecret;
if (shouldUseFolder)
{
microsoftOptions.CallbackPath = "/" + site.SiteFolderName + "/signin-microsoft";
}
app.UseMicrosoftAccountAuthentication(microsoftOptions);
}
//app.Use()
//Func<HttpContext, bool> hasTwitterKeys = (HttpContext context) =>
//{
// var tenant = context.GetTenant<SiteSettings>();
// if (tenant == null) return false;
// if (string.IsNullOrWhiteSpace(tenant.TwitterConsumerKey)) return false;
// if (string.IsNullOrWhiteSpace(tenant.TwitterConsumerSecret)) return false;
// return true;
//};
//app.UseWhen(context => hasTwitterKeys(context), appBuilder =>
//{
if (!string.IsNullOrWhiteSpace(site.TwitterConsumerKey))
{
var twitterOptions = new TwitterOptions();
twitterOptions.SignInScheme = externalCookieOptions.AuthenticationScheme;
twitterOptions.ConsumerKey = site.TwitterConsumerKey;
twitterOptions.ConsumerSecret = site.TwitterConsumerSecret;
if (shouldUseFolder)
{
twitterOptions.CallbackPath = "/" + site.SiteFolderName + "/signin-twitter";
}
app.UseTwitterAuthentication(twitterOptions);
}
//});
return app;
}
public static CookieAuthenticationOptions SetupOtherCookies(
this IApplicationBuilder app,
string scheme,
bool useRelatedSitesMode,
SiteContext tenant,
CookieSecurePolicy cookieSecure = CookieSecurePolicy.None
)
{
var options = new CookieAuthenticationOptions();
if (useRelatedSitesMode)
{
options.AuthenticationScheme = scheme;
options.CookieName = scheme;
options.CookiePath = "/";
}
else
{
//options.AuthenticationScheme = $"{scheme}-{tenant.SiteFolderName}";
options.AuthenticationScheme = scheme;
options.CookieName = $"{scheme}-{tenant.SiteFolderName}";
options.CookiePath = "/" + tenant.SiteFolderName;
}
options.AutomaticAuthenticate = false;
if (cookieSecure != CookieSecurePolicy.None)
{
options.CookieSecure = cookieSecure;
}
return options;
}
public static CookieAuthenticationOptions SetupAppCookie(
this IApplicationBuilder app,
SiteAuthCookieValidator siteValidator,
string scheme,
bool useRelatedSitesMode,
SiteContext tenant,
CookieSecurePolicy cookieSecure = CookieSecurePolicy.SameAsRequest
)
{
var cookieEvents = new CookieAuthenticationEvents();
var options = new CookieAuthenticationOptions();
if (useRelatedSitesMode)
{
options.AuthenticationScheme = scheme;
options.CookieName = scheme;
options.CookiePath = "/";
}
else
{
//options.AuthenticationScheme = $"{scheme}-{tenant.SiteFolderName}";
options.AuthenticationScheme = scheme;
options.CookieName = $"{scheme}-{tenant.SiteFolderName}";
options.CookiePath = "/" + tenant.SiteFolderName;
cookieEvents.OnValidatePrincipal = siteValidator.ValidatePrincipal;
}
var tenantPathBase = string.IsNullOrEmpty(tenant.SiteFolderName)
? PathString.Empty
: new PathString("/" + tenant.SiteFolderName);
options.LoginPath = tenantPathBase + "/account/login";
options.LogoutPath = tenantPathBase + "/account/logoff";
options.AccessDeniedPath = tenantPathBase + "/account/accessdenied";
options.Events = cookieEvents;
options.AutomaticAuthenticate = true;
options.AutomaticChallenge = false;
options.CookieSecure = cookieSecure;
return options;
}
public PerTenantNoDbProjectIdResolver(
SiteContext site)
{
this.site = site;
}
