/// <summary>
/// Loads a single customer authentication method by its identifier.
/// </summary>
/// <param name="id">Identifier whose <c>RawValue</c> is bound to the <c>@Id</c> query parameter.</param>
/// <returns>
/// The result of <c>_db.QuerySingleOrDefault</c> for the matching row. That helper is not shown here;
/// presumably it yields <c>null</c> when no row matches (TODO confirm).
/// </returns>
/// <remarks>
/// The projection includes the <c>Secret</c> column, so the returned DTO carries the credential
/// secret. Callers should keep it out of logs and serialized responses.
/// </remarks>
public async Task<CustomerAuthenticationDTO> GetAsync(CustomerAuthenticationId id)
{
    // The id travels as a bound parameter; it is never concatenated into the SQL text.
    const string query = @"; SELECT Id, CustomerId, CredentialType, Secret, DisplayName, CreationTime, CreatedBy, IsRevoked, RevokeTime FROM dbo.CustomerAuthenticationMethods WHERE Id = @Id; ";
    var arguments = new { Id = id.RawValue };

    var record = await _db.QuerySingleOrDefault(
        async db => await db.FetchAsync<CustomerAuthenticationDTO>(query, arguments));

    return record;
}
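/// <summary>
/// Validates a presented credential against the stored customer authentication record and,
/// on success, builds the principal for it.
/// </summary>
/// <param name="id">Identifier of the stored customer authentication record.</param>
/// <param name="secret">Secret presented by the caller.</param>
/// <param name="credentialType">Credential type the stored record must have.</param>
/// <returns>
/// A <see cref="ClaimsPrincipal"/> whose identity received the claims added by
/// <c>AddCustomerIdClaim</c> and <c>AddCustomerAuthClaim</c>, or <c>null</c> when the record is
/// missing, has a different credential type, is revoked, or the secret does not match.
/// </returns>
public async Task<ClaimsPrincipal> GetOneTimeLoginAsync(CustomerAuthenticationId id, string secret, CredentialType credentialType)
{
    var customerAuth = await _persistence.CustomerAuthentications.GetAsync(id);
    if (customerAuth == null)
    {
        return null;
    }

    if (customerAuth.CredentialType != credentialType)
    {
        return null;
    }

    // A missing secret on either side can never authenticate (and must not throw).
    if (secret == null || customerAuth.Secret == null)
    {
        return null;
    }

    // The secret must match byte for byte. A culture-aware or case-insensitive comparison would
    // accept values other than the issued secret (different casing, characters the culture treats
    // as ignorable), which shrinks the effective key space. FixedTimeEquals also keeps the
    // comparison time independent of where the first mismatching byte sits.
    // NOTE(review): the stored Secret is compared directly with the presented value, which suggests
    // it is persisted in recoverable form. Consider storing only a hash; confirm against the write path.
    var expectedBytes = System.Text.Encoding.UTF8.GetBytes(customerAuth.Secret);
    var presentedBytes = System.Text.Encoding.UTF8.GetBytes(secret);
    if (!System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(expectedBytes, presentedBytes))
    {
        return null;
    }

    if (customerAuth.IsRevoked)
    {
        return null;
    }

    var claimsIdentity = new ClaimsIdentity(Options.APIAuthenticationScheme);
    AddCustomerIdClaim(claimsIdentity, customerAuth.CustomerId);
    AddCustomerAuthClaim(claimsIdentity, customerAuth.Id);

    return new ClaimsPrincipal(claimsIdentity);
}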
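/// <summary>
/// Authenticates a request from the header named by <c>Options.HTTPHeader</c>, whose value is
/// expected in the form <c>id:secret</c>.
/// </summary>
/// <returns>
/// <c>NoResult</c> when the header is absent, <c>Fail</c> when the value is malformed or the
/// credential is rejected, and <c>Success</c> with a ticket for <c>Options.AuthenticationScheme</c>
/// otherwise.
/// </returns>
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
{
    // Is this relevant to us? Without the header this scheme has nothing to say.
    if (!Request.Headers.TryGetValue(Options.HTTPHeader, out var authValue))
    {
        return AuthenticateResult.NoResult();
    }

    // Only the first header value is considered. It is null when the header is present but
    // carries no value, so reject that case before splitting instead of dereferencing null.
    var actualAuthValue = authValue.FirstOrDefault();
    if (String.IsNullOrEmpty(actualAuthValue))
    {
        return AuthenticateResult.Fail("Invalid authentication format, expected 'id:secret'");
    }

    // Is it a good pair? Split on the first ':' only, so the secret itself may contain ':'.
    var apiValues = actualAuthValue.Split(':', 2);
    if (apiValues.Length != 2 || String.IsNullOrEmpty(apiValues[0]) || String.IsNullOrEmpty(apiValues[1]))
    {
        return AuthenticateResult.Fail("Invalid authentication format, expected 'id:secret'");
    }

    // NOTE(review): FromString is not shown here. If it throws on a malformed id, the exception
    // escapes this handler rather than producing a Fail result; confirm and guard if so.
    var customerAuthId = CustomerAuthenticationId.FromString(apiValues[0]);
    var secret = apiValues[1];

    var principal = await _membership.GetOneTimeLoginAsync(customerAuthId, secret, CredentialType.CustomerAPIKey);
    if (principal == null)
    {
        // Deliberately generic: the message does not reveal which check rejected the credential.
        return AuthenticateResult.Fail("Invalid authentication provided, access denied.");
    }

    var ticket = new AuthenticationTicket(principal, Options.AuthenticationScheme);
    return AuthenticateResult.Success(ticket);
}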
/// <summary>
/// Creates a customer authentication record, copying each argument into the property of the same name.
/// </summary>
/// <param name="id">Identifier of this authentication method.</param>
/// <param name="customerid">Customer the authentication method belongs to.</param>
/// <param name="credentialtype">Kind of credential this record represents.</param>
/// <param name="secret">Credential secret, stored on the instance exactly as given.</param>
/// <param name="displayname">Display name of the record.</param>
/// <param name="creationtime">Creation time of the record.</param>
/// <param name="createdby">User recorded as the creator.</param>
/// <param name="isrevoked">Whether the credential is revoked; defaults to <c>false</c>.</param>
/// <param name="revoketime">Revocation time, or <c>null</c> (the default) when none is set.</param>
public CustomerAuthenticationDTO(
    CustomerAuthenticationId id,
    CustomerId customerid,
    CredentialType credentialtype,
    string secret,
    string displayname,
    DateTime creationtime,
    UserId createdby,
    bool isrevoked = false,
    DateTime? revoketime = null)
{
    // Identity and ownership
    this.Id = id;
    this.CustomerId = customerid;

    // Credential material
    this.CredentialType = credentialtype;
    this.Secret = secret;
    this.DisplayName = displayname;

    // Audit data
    this.CreationTime = creationtime;
    this.CreatedBy = createdby;

    // Revocation state
    this.IsRevoked = isrevoked;
    this.RevokeTime = revoketime;
}
/// <summary>
/// Adds a <c>customerAuthId</c> claim to the identity, holding the string form of the
/// authentication id's <c>RawValue</c>.
/// </summary>
/// <param name="identity">Identity that receives the claim.</param>
/// <param name="customerAuthId">Authentication id whose raw value becomes the claim value.</param>
private void AddCustomerAuthClaim(ClaimsIdentity identity, CustomerAuthenticationId customerAuthId)
{
    var rawIdText = customerAuthId.RawValue.ToString();
    var authClaim = new Claim("customerAuthId", rawIdText);

    identity.AddClaim(authClaim);
}