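/// <summary>
/// Validates a <c>tenant\user</c> credential pair by obtaining an OAuth2 bearer token for it,
/// confirming the supplied password matches the one that produced that token (the token may
/// come from a cache), and then authenticating the token against the claims Web API.
/// </summary>
/// <param name="userName">Credential in the form <c>tenant\user</c>; both segments must be non-empty.
/// Text after a second backslash is ignored, as in the original implementation.</param>
/// <param name="password">The user's password; forwarded to the token request and used for the cache re-check.</param>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
/// <exception cref="ArgumentException">The user name has no backslash, or its tenant or user segment is empty.</exception>
/// <exception cref="AuthenticationException">A token was obtained but the supplied password does not match
/// the password that originally produced it (status 401).</exception>
public override void Validate(string userName, string password)
{
    if (userName == null)
    {
        throw new ArgumentNullException(nameof(userName));
    }
    if (password == null)
    {
        throw new ArgumentNullException(nameof(password));
    }

    // Expected shape is "tenant\user". The plain split accepted "\user" (empty tenant) and
    // "tenant\" (empty user); both are rejected here so an empty identifier never reaches
    // the token endpoint.
    if (!userName.Contains("\\"))
    {
        throw new ArgumentException("Cannot determine tenant and username.", nameof(userName));
    }
    var parts = userName.Split('\\');
    string tenantName = parts[0];
    userName = parts[1];
    if (tenantName.Length == 0 || userName.Length == 0)
    {
        throw new ArgumentException("Cannot determine tenant and username.", nameof(userName));
    }

    // NOTE(review): _oauth2AuthenticationSettings is a shared field mutated on every call.
    // If Validate can run concurrently, two callers can interleave and one may request a
    // token with the other's credentials — confirm the validator instance is not shared
    // across requests, or give each call its own settings object.
    _oauth2AuthenticationSettings.Username = userName;
    _oauth2AuthenticationSettings.TenantName = tenantName;
    _oauth2AuthenticationSettings.Password = password;

    // This may hand back a token cached for the same tenant/user. A cached token only proves
    // that *some* earlier caller authenticated as this user; it says nothing about the
    // password supplied now, so the password must be re-checked below before the token is
    // accepted.
    var accessTokenResponse = BearerTokenHelper.RetrieveBearTokenFromCacheOrNew(_oauth2AuthenticationSettings);

    // Compare the hash of the supplied password with the hash cached when this token was
    // first issued. The cache entry is created on first use with the current password, so
    // this check is only meaningful while that entry outlives the bearer-token cache entry —
    // NOTE(review): verify SecurityTokenConstants.TokenLifeTime is not shorter than the token
    // cache lifetime. The stored value is an unsalted MD5 of the password held in memory;
    // a keyed or salted hash would limit offline brute force if the cache is ever exposed.
    var memoryCachingService = new MemoryCacheProvider();
    var cachedPasswordHash = memoryCachingService.FetchAndCache(
        accessTokenResponse.AccessToken,
        () => EncryptionHelper.Md5Encryption.GetMd5Hash(password),
        SecurityTokenConstants.TokenLifeTime);
    if (!string.Equals(EncryptionHelper.Md5Encryption.GetMd5Hash(password), cachedPasswordHash, StringComparison.Ordinal))
    {
        throw new AuthenticationException("username or password does not match")
        {
            StatusCode = HttpStatusCode.Unauthorized,
            ReasonPhrase = "username or password does not match"
        };
    }

    // Final check that the token itself is accepted by the claims service.
    ClaimsWebApiHelper.Authenticate(_oauth2AuthenticationSettings.Url, accessTokenResponse.AccessToken);
}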
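/// <summary>
/// Authenticates a <c>tenant\user</c> + password pair: obtains an OAuth2 bearer token (possibly
/// from a cache), re-checks the supplied password against the one that produced that token,
/// and finally validates the token against the claims Web API.
/// </summary>
/// <param name="userName">Credential in the form <c>tenant\user</c>; both segments must be non-empty.
/// Text after a second backslash is ignored, as in the original implementation.</param>
/// <param name="password">The user's password.</param>
/// <returns>Always <c>true</c>; every failure is thrown (and logged) rather than returned.</returns>
/// <exception cref="AuthenticationException">Missing or malformed credentials, no token obtained, or the
/// supplied password does not match the one cached for the token (all with status 401).</exception>
private static bool AuthenticateUser(string userName, string password)
{
    string tenantName = "";
    try
    {
        // Missing credentials are an authentication failure (401), not a server error: the
        // original let Split()/GetMd5Hash() throw NullReferenceException here, which the
        // catch below would log and rethrow as an unhandled 500.
        if (string.IsNullOrEmpty(userName) || password == null)
        {
            throw new AuthenticationException("Could not determine tenant name and user name")
            {
                StatusCode = HttpStatusCode.Unauthorized,
                ReasonPhrase = "Could not determine tenant name and user name"
            };
        }

        var parts = userName.Split('\\');
        if (parts.Length > 1)
        {
            tenantName = parts[0];
            userName = parts[1];
        }
        // Reject "user", "\user" and "tenant\" alike: an empty segment must not reach the
        // token endpoint.
        if (parts.Length < 2 || tenantName.Length == 0 || userName.Length == 0)
        {
            throw new AuthenticationException("Could not determine tenant name and user name")
            {
                StatusCode = HttpStatusCode.Unauthorized,
                ReasonPhrase = "Could not determine tenant name and user name"
            };
        }

        // NOTE(review): _oauth2AuthenticationSettings is a shared static field mutated on every
        // call. Two concurrent logins can interleave here, so one caller may obtain a token for
        // the other's credentials — confirm calls are serialized, or build a per-call settings
        // instance.
        _oauth2AuthenticationSettings.Password = password;
        _oauth2AuthenticationSettings.Username = userName;
        _oauth2AuthenticationSettings.TenantName = tenantName;

        // Get a token for this user; may be served from cache.
        var accessTokenResponse = BearerTokenHelper.RetrieveBearTokenFromCacheOrNew(_oauth2AuthenticationSettings);
        if (accessTokenResponse == null || string.IsNullOrEmpty(accessTokenResponse.AccessToken))
        {
            throw new AuthenticationException("Unable to retrieve token")
            {
                StatusCode = HttpStatusCode.Unauthorized,
                ReasonPhrase = "Unable to retrieve token"
            };
        }

        // A cached token only proves that tenant and user name matched an earlier successful
        // login; it does not verify the password supplied now. Compare the hash of this
        // password with the hash cached when the token was first issued.
        //
        // The cache entry is seeded on first use with the *current* password, so this check
        // is only meaningful while that entry outlives the bearer-token cache entry —
        // NOTE(review): verify SecurityTokenConstants.TokenLifeTime is not shorter than the
        // token cache lifetime, otherwise a wrong password would re-seed the entry and pass.
        // The stored value is an unsalted MD5 of the password held in process memory; a keyed
        // or salted hash would limit offline brute force if the cache is ever exposed, and a
        // fixed-time comparison would be preferable if the target framework provides one.
        var memoryCachingService = new MemoryCacheProvider();
        var cachedPasswordHash = memoryCachingService.FetchAndCache(
            accessTokenResponse.AccessToken,
            () => EncryptionHelper.Md5Encryption.GetMd5Hash(password),
            SecurityTokenConstants.TokenLifeTime);
        if (!string.Equals(EncryptionHelper.Md5Encryption.GetMd5Hash(password), cachedPasswordHash, StringComparison.Ordinal))
        {
            throw new AuthenticationException("username or password does not match")
            {
                StatusCode = HttpStatusCode.Unauthorized,
                ReasonPhrase = "username or password does not match"
            };
        }

        // Validates that the token is accepted by the claims service.
        ClaimsWebApiHelper.Authenticate(_oauth2AuthenticationSettings.Url, accessTokenResponse.AccessToken);
    }
    catch (Exception ex)
    {
        // Only the tenant and the exception are logged; the password never is.
        _logger.WriteLogEntry(tenantName, null, MethodBase.GetCurrentMethod().Name + " " + ex.GetInnerMostException(), LogLevelType.Error, ex);
        throw;
    }
    return true;
}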