protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { var action = Request.Method; string controller = string.Empty; string api = string.Empty; try { controller = Request.Path.Value.Contains("/api/") ? Request.Path.Value.Split('/')[2] : string.Empty; api = Request.Path.Value.Contains("/api/") && Request.Path.Value.Split('/').Length > 3 ? Request.Path.Value.Split('/')[3] : string.Empty; } catch (Exception) { Logging <AuthValidationHandler> .Warning("URL not valid: " + Request.Path.Value); return(AuthenticateResult.Fail("URL not valid: " + Request.Path.Value)); } AuthenticationTicket ticket = await CreateTicketAsync(action, controller, api); if (ticket == null) { return(AuthenticateResult.Fail("Authentication failed because the access token was invalid.")); } await AuthenticationHttpContextExtensions.SignInAsync(Request.HttpContext, ticket.AuthenticationScheme, ticket.Principal); return(AuthenticateResult.Success(ticket)); }
public JsonResult OnPost() { login_db _context = new login_db(AppGlobal.get_db_option()); //simplifying context initializer by override AppResponseMessage arm = new AppResponseMessage(); //inisialisasi ARM sebagai standarisasi respon balik try { using (var transaction = _context.Database.BeginTransaction()) { if (Request.Query["f"] == "logout_handler") { var history_id = User.FindFirst("history_id").Value; var history = _context.t_login_history.FirstOrDefault(e => e.t_login_history_id == Convert.ToInt32(history_id)); history.logout_time = DateTime.Now; _context.t_login_history.Update(history); _context.SaveChanges(); AuthenticationHttpContextExtensions.SignOutAsync(HttpContext, CookieAuthenticationDefaults.AuthenticationScheme); arm.success(); arm.message = "Success"; } transaction.Commit(); _context.SaveChanges(); } } catch (Exception ex) { arm.fail(); arm.message = ex.Message; } return(new JsonResult(arm)); //return ARM dg method JsonResult untuk auto serialize ke format JSON }
public async Task <IActionResult> Login(string name, string password, string email) { //validate that there is user data if (string.IsNullOrEmpty(name) || string.IsNullOrEmpty(password) || string.IsNullOrEmpty(email)) { RedirectToAction(nameof(Index), nameof(HomeController)); } //login the user: ClaimsIdentity, ClaimsPrincipal and SignInAsync() //Create identity clames for the user data var claims = new List <Claim>() { new Claim(ClaimTypes.Name, name), new Claim(ClaimTypes.Email, email) }; var identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); //create a claims principal for the user var principal = new ClaimsPrincipal(identity); //login the user await AuthenticationHttpContextExtensions.SignInAsync(HttpContext, CookieAuthenticationDefaults.AuthenticationScheme, principal); return(RedirectToAction("LogedInUsers", "Authentication")); }
public async Task Logout() { // TODO: Does not remove the antiforgery token from cookies await AuthenticationHttpContextExtensions.SignOutAsync(HttpContext, "Cookies"); await AuthenticationHttpContextExtensions.SignOutAsync(HttpContext, "oidc"); }
public async Task <IActionResult> Signout() { ViewData["AdfsLogoutUrl"] = _configuration["AdfsLogoutUrl"]; await AuthenticationHttpContextExtensions.SignOutAsync(HttpContext, "Cookies"); return(Redirect("/")); }
/// <summary> /// THIS LOGS OUT OF BOTH IPD AND mvc app /// </summary> /// <returns></returns> public async Task Logout() { //only logs out of client not IDP await AuthenticationHttpContextExtensions.SignOutAsync(HttpContext, "Cookies"); await AuthenticationHttpContextExtensions.SignOutAsync(HttpContext, "oidc"); }
public async Task <IActionResult> Login(LoginDTO loginDto) { var identity = loginHelper.GetClaimsIdentity(loginDto.ChipId, loginDto.Password); if (identity == null) { ViewBag.Error = "Wrooong!"; } else { // issue an authentication cookie var properties = new AuthenticationProperties() { IsPersistent = true, ExpiresUtc = DateTime.UtcNow.AddMonths(1) }; await AuthenticationHttpContextExtensions.SignInAsync(HttpContext, new ClaimsPrincipal(identity), properties); // redirect to the home page return(RedirectToRoute(new { controller = "Home", action = "Index" })); } return(View()); }
public async Task <IActionResult> LoginCallback(string returnUrl) { IActionResult result; AuthenticateResult asyncVariable0 = await AuthenticationHttpContextExtensions.AuthenticateAsync(this.HttpContext, "QQConnect"); AuthenticateResult authenticateResult = asyncVariable0; asyncVariable0 = null; if (!authenticateResult.Succeeded || !authenticateResult.Principal.Claims.Any <Claim>()) { result = this.RedirectToRoute("Login"); } else { ExternalAuthenticationParameters asyncVariable3 = new ExternalAuthenticationParameters { ProviderSystemName = "ExternalAuth.QQConnect" }; ExternalAuthenticationParameters asyncVariable1 = asyncVariable3; string asyncVariable2 = await AuthenticationHttpContextExtensions.GetTokenAsync(this.HttpContext, "QQConnect", "access_token"); asyncVariable1.AccessToken = asyncVariable2; asyncVariable3.Email = authenticateResult.Principal.FindFirst(claim => claim.Type == ClaimTypes.Email)?.Value; asyncVariable3.ExternalIdentifier = authenticateResult.Principal.FindFirst(claim => claim.Type == ClaimTypes.NameIdentifier)?.Value; asyncVariable3.ExternalDisplayIdentifier = authenticateResult.Principal.FindFirst(claim => claim.Type == ClaimTypes.Name)?.Value; asyncVariable3.Claims = authenticateResult.Principal.Claims.Select(claim => new ExternalAuthenticationClaim(claim.Type, claim.Value)).ToList(); ExternalAuthenticationParameters parameters = asyncVariable3; asyncVariable1 = null; asyncVariable2 = null; asyncVariable3 = null; result = this._externalAuthenticationService.Authenticate(parameters, returnUrl); } return(result); }
public async Task <IActionResult> Contact() { //when getting info pass in authority if IDP var discoveryClient = new DiscoveryClient("https://localhost:44365/"); //gets meta data var metaDataResponse = await discoveryClient.GetAsync(); //get userInfo endpoint pass in meta data var userInfoClient = new UserInfoClient(metaDataResponse.UserInfoEndpoint); //need an access token to call this endpoint above var accessToken = await AuthenticationHttpContextExtensions .GetTokenAsync(HttpContext, OpenIdConnectParameterNames.AccessToken); //call endpoint pass in access token var response = await userInfoClient.GetAsync(accessToken); //throw an error exeption if any errors: if (response.IsError) { throw new Exception("error on user endpoint", response.Exception); } // response object has a list of claims that are returned from the user info endpoint //match scopes that are in the access token-- if null its gonna be null var address = response.Claims.FirstOrDefault(x => x.Type == "address")?.Value; //return view and pass in new orderview frame model with address in ctor return(View(new OrderViewFrameModel(address))); }
public async Task <IActionResult> GoogleCallback(string code) { var token = await _api.TokenExchange(code); var googleUser = await _api.GoogleUser(token); var user = await _db.Users.FirstOrDefaultAsync(u => u.Email == googleUser.Email); if (user == null) { return(RedirectToAction("Beta", "Home")); } var claims = new List <Claim>() { new Claim(ClaimTypes.Role, "user"), new Claim(ClaimTypes.Name, googleUser.Name), new Claim(ClaimTypes.Email, googleUser.Email), new Claim(ClaimTypes.Sid, user.Id.ToString()) }; var identity = new ClaimsIdentity(claims, "GoogleAuthLogin"); var principal = new ClaimsPrincipal(new[] { identity }); await AuthenticationHttpContextExtensions.SignInAsync(HttpContext, AUTH_NAME, principal); return(RedirectToAction("Index", "Home")); }
private async Task PerformSignIn(GenericPrincipal user, string webToken) { Dictionary <string, string> items = new Dictionary <string, string> { { "AuthScheme", CookieAuthenticationDefaults.AuthenticationScheme }, }; AuthenticationProperties props = new AuthenticationProperties(items) { // web authentication ticket life time, after expire new log in required ExpiresUtc = DateTime.UtcNow.AddHours(8), IsPersistent = false, AllowRefresh = false, }; List <AuthenticationToken> authenticationTokens = new List <AuthenticationToken> { new AuthenticationToken { Name = "access_token", Value = webToken }, }; AuthenticationTokenExtensions.StoreTokens(props, authenticationTokens); await AuthenticationHttpContextExtensions.SignInAsync(_httpContext, CookieAuthenticationDefaults.AuthenticationScheme, user, props); }
private async Task <string> GetAccessToken(IConfiguration appConfiguration, IHttpContextAccessor httpContextAccessor) { string accessToken = string.Empty; var currentContext = httpContextAccessor.HttpContext; // Should we renew access & refresh tokens? var expires_at = await AuthenticationHttpContextExtensions.GetTokenAsync(currentContext, "expires_at"); // compare - make sure to use the exact date formats for comparison // (UTC, in this case) if (string.IsNullOrWhiteSpace(expires_at) || ((DateTime.Parse(expires_at).AddSeconds(-60)).ToUniversalTime() < DateTime.UtcNow)) { accessToken = await RenewTokens(appConfiguration, httpContextAccessor); } else { // get access token accessToken = await AuthenticationHttpContextExtensions.GetTokenAsync(currentContext, OpenIdConnectParameterNames.AccessToken); } return(accessToken); }
/// <summary> /// 获取当前上下文的access_token /// </summary> /// <returns></returns> public async Task <string> GetToken() { //只要无法decoded被jwthandler,这里就会有空值 HttpContext httpContext = _httpContextAccessor.HttpContext; return(await AuthenticationHttpContextExtensions.GetTokenAsync(httpContext, "access_token")); }
public async Task <ActionResult> ACS(IFormCollection collection) { string samlResponse = ""; string redirect = ""; AuthResponse resp = new AuthResponse(); try { samlResponse = Encoding.UTF8.GetString(Convert.FromBase64String(collection["SAMLResponse"])); redirect = Encoding.UTF8.GetString(Convert.FromBase64String(collection["RelayState"])); resp.Deserialize(samlResponse); } catch (Exception ex) { _logger.LogError(ex, "Error reading SAML Response {0}", samlResponse); } if (resp.RequestStatus == SamlRequestStatus.Success) { //CookieOptions options = new CookieOptions(); //options.Expires = resp.SessionIdExpireDate; //Response.Cookies.Delete("SPID_COOKIE"); //Response.Cookies.Append("SPID_COOKIE", JsonConvert.SerializeObject(resp), options); var scheme = "SPIDCookie"; //CookieAuthenticationDefaults.AuthenticationScheme var claims = resp.GetClaims(); var identityClaims = new List <Claim>(); foreach (var item in claims) { identityClaims.Add(new Claim(item.Key, item.Value, ClaimValueTypes.String, resp.Issuer)); } identityClaims.Add(new Claim(ClaimTypes.Name, claims["Name"], ClaimValueTypes.String, resp.Issuer)); identityClaims.Add(new Claim(ClaimTypes.Surname, claims["FamilyName"], ClaimValueTypes.String, resp.Issuer)); identityClaims.Add(new Claim(ClaimTypes.Email, claims["Email"], ClaimValueTypes.String, resp.Issuer)); var identity = new ClaimsIdentity(identityClaims, scheme); var principal = new ClaimsPrincipal(identity); HttpContext.User = principal; await AuthenticationHttpContextExtensions.SignInAsync(HttpContext, scheme, principal, new AuthenticationProperties { ExpiresUtc = DateTime.UtcNow.AddMinutes(20), IsPersistent = true, AllowRefresh = false }); } if (string.IsNullOrEmpty(redirect)) { redirect = "/"; } return(Redirect(redirect)); }
public async System.Threading.Tasks.Task <IActionResult> logout() { await AuthenticationHttpContextExtensions.SignOutAsync(HttpContext); _requestItemsService.Logout(); return(LocalRedirect("/")); }
/// <summary> /// 获取授权数据 /// </summary> /// <param name="valueType"></param> /// <returns></returns> public string GetAuthClainValue(AuthorizationStorageType valueType) { string value = string.Empty; try { Task <AuthenticateResult> authenticateInfo = AuthenticationHttpContextExtensions.AuthenticateAsync(HttpContext, authenticationScheme); if (authenticateInfo.IsFaulted || authenticateInfo.Result.Principal == null) { return(value); } IEnumerable <Claim> claims = authenticateInfo.Result.Principal.Claims; foreach (Claim claim in claims) { if (claim.Type.Equals(valueType.ToString())) { value = claim.Value; break; } } } catch (Exception) { } return(value); }
public async Task <IActionResult> SignIn([FromBody] LoginArgs loginArgs) { try { // credential validation ... var claims = new List <Claim> { new Claim(ClaimTypes.Name, "Alex") }; var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); var authProperties = new AuthenticationProperties { IsPersistent = true, RedirectUri = Request.Host.Value }; await AuthenticationHttpContextExtensions.SignInAsync( HttpContext, CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties); return(Ok()); } catch (Exception ex) { return(BadRequest(new { Error = ex.Message })); } }
/// <summary> /// 设置授权认证数 /// </summary> /// <param name="value">实体序列化JsonConvert.SerializeObject(data)</param> /// <param name="valueType"></param> public async void SetsAuthenticationAsync(string value, AuthorizationStorageType valueType) { var claims = new List <Claim>() { new Claim(valueType.ToString(), value) }; Task <AuthenticateResult> authenticateInfo = AuthenticationHttpContextExtensions.AuthenticateAsync(HttpContext, authenticationScheme); if (!authenticateInfo.IsFaulted && authenticateInfo.Result.Principal != null) { claims = authenticateInfo.Result.Principal.Claims.ToList(); int idx = claims.FindIndex(c => { return(c.Type.Equals(valueType.ToString())); }); if (idx >= 0) { claims.RemoveAt(idx); } claims.Add(new Claim(valueType.ToString(), value)); } ClaimsIdentity identity = new ClaimsIdentity(claims); var userPrincipal = new ClaimsPrincipal(identity); await AuthenticationHttpContextExtensions.SignInAsync(HttpContext, authenticationScheme, userPrincipal, new Microsoft.AspNetCore.Authentication.AuthenticationProperties { ExpiresUtc = DateTime.UtcNow.AddHours(24), IsPersistent = false, AllowRefresh = true }); }
public async Task <IActionResult> Login(LoginViewModel model) { if (!Request.Form.Keys.Any(x => x == "external")) { // 通常ログイン if (ModelState.IsValid) { if (!string.IsNullOrEmpty(model.UserName)) { // 認証情報を作成する。 List <Claim> claims = new List <Claim>(); claims.Add(new Claim(ClaimTypes.Name, model.UserName)); // 認証情報を保存する。 ClaimsIdentity userIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); ClaimsPrincipal userPrincipal = new ClaimsPrincipal(userIdentity); // サイン アップする。 await AuthenticationHttpContextExtensions.SignInAsync( this.HttpContext, CookieAuthenticationDefaults.AuthenticationScheme, userPrincipal); // 認証情報を保存する。 MyUserInfo ui = new MyUserInfo(model.UserName, (new GetClientIpAddress()).GetAddress()); UserInfoHandle.SetUserInformation(ui); //基盤に任せるのでリダイレクトしない。 return(View(model)); } else { // ユーザー認証 失敗 this.ModelState.AddModelError(string.Empty, "指定されたユーザー名またはパスワードが正しくありません。"); } } else { // LoginViewModelの検証に失敗 } // Session消去 //this.FxSessionAbandon(); // ポストバック的な return(this.View(model)); } else { // 外部ログイン return(Redirect(string.Format( "https://localhost:44300/MultiPurposeAuthSite/authorize" + "?client_id=" + OAuth2AndOIDCParams.ClientID + "&response_type=code" + "&scope=profile%20email%20phone%20address%20openid" + "&state={0}" + "&nonce={1}" + "&prompt=none", this.State, this.Nonce))); } }
public async System.Threading.Tasks.Task <IActionResult> logout() { await AuthenticationHttpContextExtensions.SignOutAsync(HttpContext); _requestItemsService.Logout(); _configuration["quickstart"] = "false"; return(LocalRedirect("/?egName=home")); }
public async Task <IActionResult> Login(string returnUrl = null) { // Clear the existing external cookie to ensure a clean login process await AuthenticationHttpContextExtensions.SignOutAsync(HttpContext); ViewData["ReturnUrl"] = returnUrl; return(View()); }
public async Task <IActionResult> Logout() { //FormsAuthentication.SignOut(); await AuthenticationHttpContextExtensions.SignOutAsync( this.HttpContext, CookieAuthenticationDefaults.AuthenticationScheme); return(this.Redirect(Url.Action("Index", "Home"))); }
public async Task <IActionResult> Shouts() { await RefreshTokensAync(); var token = await AuthenticationHttpContextExtensions.GetTokenAsync(this.HttpContext, "access_token"); return(View()); }
public async Task <IActionResult> Login(LoginDto data) { var claims = new[] { new Claim(ClaimTypes.Name, data.Username), new Claim(ClaimTypes.Role, "role") }; var identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); await AuthenticationHttpContextExtensions.SignInAsync(HttpContext, CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identity)); return(Redirect("~/Home/Profile")); }
public static string getUserName(HttpContext context) { string tokenString = AuthenticationHttpContextExtensions.GetTokenAsync(context, "access_token").Result; JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler(); JwtSecurityToken token = handler.ReadJwtToken(tokenString); return(token.Subject); }
public async Task <ActionResult <IEnumerable <string> > > GetAsync() { var token = await AuthenticationHttpContextExtensions.GetTokenAsync(HttpContext, "Bearer", "access_token"); string userId = User.FindFirst(ClaimTypes.Name)?.Value; return(new string[] { "Token for calling the frontend api is", token }); }
/// <summary> /// Handle onPost Login AJAX based dengan return value JsonResult /// </summary> /// <param name="request_parameter"></param> /// <param name="returnURL"></param> /// <returns></returns> public JsonResult OnPost(string request_parameter, string returnURL = null) { dynamic login_object = JsonConvert.DeserializeObject(request_parameter); string user_name = login_object["username"]; string password = login_object["password"]; //Console.WriteLine("user_name>> " + user_name); //Console.WriteLine("password >> " + password); AppResponseMessage arm = new AppResponseMessage(); if (!string.IsNullOrWhiteSpace(user_name) && !string.IsNullOrWhiteSpace(password)) { //jika masukan username & password valid if (IsValidLogin(user_name, password)) { //jika username & password dikenali string user_id = _context.m_user.Where(f => f.user_name == user_name).FirstOrDefault().m_user_id + ""; string Role = _context.m_user.Include(f => f.m_user_group).Where(f => f.user_name == user_name).FirstOrDefault().m_user_group.user_group_name; string user_category_id = _context.m_user.Where(f => f.user_name == user_name).FirstOrDefault().m_user_group_id + ""; bool status_aktif = _context.m_user.Where(f => f.user_name == user_name).FirstOrDefault().user_active; if (status_aktif != true) { //jika user tidak aktif arm.fail(); arm.message = "user tidak aktif"; } else { //jika user valid & aktif var claims = new[] { new Claim(ClaimTypes.Name, user_name), new Claim(ClaimTypes.Role, Role), new Claim("user_id", user_id), new Claim("user_category_id", user_category_id), new Claim("user_name", user_name), }; ClaimsIdentity identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); ClaimsPrincipal principal = new ClaimsPrincipal(identity); AuthenticationHttpContextExtensions.SignInAsync(HttpContext, CookieAuthenticationDefaults.AuthenticationScheme, principal); arm.success(); arm.message = "login berhasil"; } } else { arm.fail(); arm.message = "login gagal"; } } else { arm.fail(); arm.message = "login gagal"; } return(new JsonResult(arm)); }
/// <summary> /// Attempts to sign out user. /// </summary> /// <returns>Default route view.</returns> public async Task <IActionResult> Logout() { if (User.Identity.IsAuthenticated) { await AuthenticationHttpContextExtensions.SignOutAsync(HttpContext, CookieAuthenticationDefaults.AuthenticationScheme); } return(Redirect("/")); }
public async Task <IActionResult> Login() { if (IsAuthenticated) { await AuthenticationHttpContextExtensions.SignOutAsync(HttpContext, authenticationScheme); } return(View()); }
public async Task <IActionResult> Index() { ViewData["access_token"] = await AuthenticationHttpContextExtensions.GetTokenAsync(HttpContext, "access_token"); ViewData["id_token"] = await AuthenticationHttpContextExtensions.GetTokenAsync(HttpContext, "id_token"); return(View()); }