/// <summary>
/// Builds the external-login ticket for a completed Twitter sign-in and adds the
/// current site's "SiteGuid" claim to the supplied identity.
/// </summary>
/// <param name="identity">Identity wrapped by the new principal; it also receives the site claim.</param>
/// <param name="properties">Authentication properties carried into the ticket.</param>
/// <param name="token">Twitter token data (user id, screen name, token, token secret).</param>
/// <returns>
/// A ticket for <c>AuthenticationScheme.External</c>, or <c>null</c> when the context has
/// no principal identity after the CreatingTicket event has run.
/// </returns>
protected virtual async Task<AuthenticationTicket> CreateTicketAsync(
    ClaimsIdentity identity,
    AuthenticationProperties properties,
    AccessToken token)
{
    // Only the screen name is written to the log; token.Token and token.TokenSecret are
    // credentials and must stay out of log output.
    log.LogDebug("CreateTicketAsync called tokens.ScreenName was " + token.ScreenName);

    var ticketContext = new TwitterCreatingTicketContext(
        Context,
        token.UserId,
        token.ScreenName,
        token.Token,
        token.TokenSecret);
    ticketContext.Principal = new ClaimsPrincipal(identity);
    ticketContext.Properties = properties;

    await Options.Events.CreatingTicket(ticketContext);

    // An event handler may have cleared the principal; no ticket is issued in that case.
    bool principalMissing = ticketContext.Principal == null || ticketContext.Principal.Identity == null;
    if (principalMissing)
    {
        return null;
    }

    ISiteSettings currentSite = siteResolver.Resolve();
    if (currentSite != null)
    {
        // Tenant binding: the claim ties this login to the site it was issued for.
        // NOTE(review): the claim is added to `identity`, but the ticket is built from
        // ticketContext.Principal. If an event handler replaced the principal, the returned
        // ticket may lack the SiteGuid claim — confirm that handlers never swap it.
        Claim siteClaim = new Claim("SiteGuid", currentSite.SiteGuid.ToString());
        bool alreadyTagged = identity.HasClaim(siteClaim.Type, siteClaim.Value);
        if (!alreadyTagged)
        {
            identity.AddClaim(siteClaim);
        }
    }

    //return new AuthenticationTicket(notification.Principal, notification.Properties, Options.AuthenticationScheme);
    return new AuthenticationTicket(
        ticketContext.Principal,
        ticketContext.Properties,
        AuthenticationScheme.External);
}
//private string requiredSiteFolder;

//public SiteFolderRouteConstraint(string folderParam)
//{
//    requiredSiteFolder = folderParam;
//}

/// <summary>
/// Route constraint check: matches only when the first folder segment of the request path
/// equals the folder name of the site returned by the resolver.
/// </summary>
/// <param name="httpContext">Current request; supplies the path and the service provider.</param>
/// <param name="route">Not used by this constraint.</param>
/// <param name="parameterName">Not used by this constraint.</param>
/// <param name="values">Not used by this constraint.</param>
/// <param name="routeDirection">Not used by this constraint.</param>
/// <returns>
/// <c>true</c> on a folder match; <c>false</c> when no resolver is registered, no site is
/// resolved, the names differ, or resolving throws.
/// </returns>
public bool Match(
    HttpContext httpContext,
    IRouter route,
    string parameterName,
    IDictionary<string, object> values,
    RouteDirection routeDirection)
{
    string requestFolder = RequestSiteResolver.GetFirstFolderSegment(httpContext.Request.Path);
    //return string.Equals(requiredSiteFolder, requestFolder, StringComparison.CurrentCultureIgnoreCase);

    ISiteResolver resolver = httpContext.ApplicationServices.GetService<ISiteResolver>();
    if (resolver == null)
    {
        return false;
    }

    try
    {
        // exceptions expected here until db install scripts have run or if db connection error
        ISiteSettings resolvedSite = resolver.Resolve();

        // The == comparison is ordinal and case-sensitive, unlike the commented-out
        // CurrentCultureIgnoreCase variant above.
        return (resolvedSite != null) && (resolvedSite.SiteFolderName == requestFolder);
    }
    catch
    {
        // do we need to log this?
        // Every exception type is swallowed here. The constraint fails closed (no match),
        // but a persistent resolver or database fault is invisible without logging.
        return false;
    }
}
/// <summary>
/// Requests the signed-in user's profile from the Microsoft account user information
/// endpoint, maps it to claims on <paramref name="identity"/>, and returns an
/// external-scheme ticket that also carries the current site's "SiteGuid" claim.
/// </summary>
/// <param name="identity">Identity that receives the profile claims and the site claim.</param>
/// <param name="properties">Authentication properties carried into the ticket.</param>
/// <param name="tokens">Token response; its access token authorizes the profile request.</param>
/// <returns>A ticket for <c>AuthenticationScheme.External</c> built from the context principal.</returns>
protected override async Task<AuthenticationTicket> CreateTicketAsync(
    ClaimsIdentity identity,
    AuthenticationProperties properties,
    OAuthTokenResponse tokens)
{
    log.LogDebug("CreateTicketAsync called");

    // The access token is sent in the Authorization header, so it is not part of the request URL.
    var profileRequest = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
    profileRequest.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);

    var profileResponse = await Backchannel.SendAsync(profileRequest, Context.RequestAborted);
    profileResponse.EnsureSuccessStatusCode();

    string profileJson = await profileResponse.Content.ReadAsStringAsync();
    var payload = JObject.Parse(profileJson);

    var context = new OAuthCreatingTicketContext(Context, Options, Backchannel, tokens, payload);
    context.Properties = properties;
    context.Principal = new ClaimsPrincipal(identity);

    var accountId = MicrosoftAccountHelper.GetId(payload);
    bool hasAccountId = !string.IsNullOrEmpty(accountId);
    if (hasAccountId)
    {
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, accountId, ClaimValueTypes.String, Options.ClaimsIssuer));
        identity.AddClaim(new Claim("urn:microsoftaccount:id", accountId, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var displayName = MicrosoftAccountHelper.GetName(payload);
    bool hasDisplayName = !string.IsNullOrEmpty(displayName);
    if (hasDisplayName)
    {
        identity.AddClaim(new Claim(ClaimTypes.Name, displayName, ClaimValueTypes.String, Options.ClaimsIssuer));
        identity.AddClaim(new Claim("urn:microsoftaccount:name", displayName, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var emailAddress = MicrosoftAccountHelper.GetEmail(payload);
    bool hasEmail = !string.IsNullOrEmpty(emailAddress);
    if (hasEmail)
    {
        identity.AddClaim(new Claim(ClaimTypes.Email, emailAddress, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    await Options.Events.CreatingTicket(context);

    ISiteSettings currentSite = siteResolver.Resolve();
    if (currentSite != null)
    {
        // Tenant binding: added after the CreatingTicket event, and to `identity` rather than
        // to context.Principal.
        // NOTE(review): if an event handler replaced context.Principal, the returned ticket
        // may not carry this claim — confirm that handlers never swap it.
        Claim siteClaim = new Claim("SiteGuid", currentSite.SiteGuid.ToString());
        bool alreadyTagged = identity.HasClaim(siteClaim.Type, siteClaim.Value);
        if (!alreadyTagged)
        {
            identity.AddClaim(siteClaim);
        }
    }

    //return new AuthenticationTicket(notification.Principal, notification.Properties, notification.Options.AuthenticationScheme);
    return new AuthenticationTicket(
        context.Principal,
        context.Properties,
        AuthenticationScheme.External);
}
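/// <summary>
/// Chooses the layout name for the current site and falls back to the configured default
/// layout when the view engine cannot find the site-specific one.
/// </summary>
/// <param name="viewContext">View context passed to the view engine lookup.</param>
/// <returns>
/// The site-specific layout name without the ".cshtml" extension when it exists; otherwise
/// the default layout (returned as configured when no site is resolved, and with ".cshtml"
/// stripped when the lookup fails).
/// </returns>
public string GetLayoutName(ViewContext viewContext)
{
    ISiteSettings site = siteResolver.Resolve();
    if (site == null)
    {
        // NOTE(review): this path returns DefaultLayout exactly as configured, while the
        // fallback below strips ".cshtml" first — confirm which form callers expect.
        return options.DefaultLayout;
    }

    string defaultLayout = options.DefaultLayout.Replace(".cshtml", string.Empty); // "Default_Layout"
    string layout = defaultLayout;

    // resolve tenant specific layout file name
    if (options.SelectionMode == LayoutSelectionMode.Convention)
    {
        // with this mode layouts are not shown in a dropdown list in site settings
        // so the layout cannot be changed from the UI
        // use a convention like Site1Layout.cshtml Site2Layout.cshtml
        // based on siteid
        layout = string.Format(
            CultureInfo.InvariantCulture,
            options.ConventionFormat,
            site.SiteId.ToInvariantString());
    }
    else
    {
        // LayoutSelectionMode.Browsing -- this is the default
        // in this mode a dropdown list of available layouts is shown
        // and the layout can be chosen from the UI
        // the list is filtered per tenant using file naming conventions
        // where the SiteID is part of the filename format
        // ie you could name files like this:
        // Site1_dark_Layout.cshtml
        // Site1_light_Layout.cshtml
        // Site2_supercool_Layout.cshtml
        // Site2_autumn_Layout.cshtml
        // ...

        // Null-safe: a site with no stored layout keeps the default instead of throwing.
        // NOTE(review): site.Layout is a stored per-site value that goes straight to the view
        // engine. Nothing in this method restricts it to layouts belonging to this site, so
        // the per-tenant filter has to be enforced where the value is saved — confirm it is.
        if (!string.IsNullOrEmpty(site.Layout))
        {
            layout = site.Layout.Replace(".cshtml", string.Empty);
        }
    }

    // in all cases we need to determine if the layout file exists
    // and if not log something and fall back to a known layout file
    var layoutPageResult = viewEngine.FindPage(viewContext, layout);
    if (layoutPageResult.Page == null)
    {
        log.LogError("could not find the layout " + layout);
        return defaultLayout;
    }

    log.LogDebug("using the layout " + layout);
    return layout;
}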
/// <summary>
/// Creates the controller, capturing the resolved site, the geo data manager and the UI options.
/// </summary>
/// <param name="siteResolver">Resolver asked once, at construction, for the current site.</param>
/// <param name="geoDataManager">Manager stored for the controller's data operations.</param>
/// <param name="uiOptionsAccessor">Accessor whose <c>Options</c> value is stored.</param>
public CoreDataController(
    ISiteResolver siteResolver,
    GeoDataManager geoDataManager,
    IOptions<UIOptions> uiOptionsAccessor)
{
    // NOTE(review): Resolve() may return null (TODO confirm); code that reads Site should
    // handle that case.
    var resolvedSite = siteResolver.Resolve();
    Site = resolvedSite;

    dataManager = geoDataManager;

    var resolvedUiOptions = uiOptionsAccessor.Options;
    uiOptions = resolvedUiOptions;
}
/// <summary>
/// Creates the controller, capturing the resolved site, the geo data manager and the UI options.
/// </summary>
/// <param name="siteResolver">Resolver asked once, at construction, for the current site.</param>
/// <param name="geoDataManager">Manager stored for the controller's data operations.</param>
/// <param name="uiOptionsAccessor">Accessor whose <c>Value</c> is stored.</param>
public CoreDataController(
    ISiteResolver siteResolver,
    GeoDataManager geoDataManager,
    IOptions<UIOptions> uiOptionsAccessor)
{
    // NOTE(review): Resolve() may return null (TODO confirm); code that reads Site should
    // handle that case.
    var resolvedSite = siteResolver.Resolve();
    Site = resolvedSite;

    dataManager = geoDataManager;

    var resolvedUiOptions = uiOptionsAccessor.Value;
    uiOptions = resolvedUiOptions;
}
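/// <summary>
/// Chooses the layout name for the current site and falls back to the configured default
/// layout when the view engine cannot find the site-specific one.
/// </summary>
/// <param name="viewContext">View context passed to the view engine lookup.</param>
/// <returns>
/// The convention-based or stored layout name when the view engine finds it; otherwise
/// <c>options.DefaultLayout</c>.
/// </returns>
public string GetLayoutName(ViewContext viewContext)
{
    ISiteSettings site = siteResolver.Resolve();
    if (site == null)
    {
        return options.DefaultLayout;
    }

    string layout = options.DefaultLayout; //"_Layout"

    // resolve tenant specific layout file name
    if (options.SelectionMode == LayoutSelectionMode.Convention) // this is the default for now
    {
        // we could use a convention like Site1Layout.cshtml Site2Layout.cshtml
        // based on siteid
        layout = string.Format(
            CultureInfo.InvariantCulture,
            options.ConventionFormat,
            site.SiteId.ToInvariantString());
    }
    else
    {
        // we could store a layout name in ISiteSettings.Skin
        // in that case we would need a way to browse layout files from the UI
        // and tricky logic or conventions to filter to only layout files so no other views can be chosen
        // then if we do that would we need a way to make each tenant not be able to select
        // a layout that belongs to another tenant?
        // generally I think of multi-tenant for multiple sites owned by the same customer
        // so in that case it is not a big issue for one tenant to see the other tenant layouts
        // need a way to enumerate layout views in the file system to populate a dropdown
        // currently there is no ui for selecting a layout so you would have to set it in the db
        // in mp_Sites.Skin field

        // Null-safe: a site with no stored skin keeps the default instead of throwing.
        // NOTE(review): site.Skin goes to the view engine without any check that it names a
        // layout (rather than some other view) or that it belongs to this tenant. That is the
        // open question raised above and it matters once tenants are owned by different parties.
        if (!string.IsNullOrEmpty(site.Skin))
        {
            layout = site.Skin.Replace(".cshtml", string.Empty);
        }
    }

    // in all cases we need to determine if the layout file exists
    // and if not log something and fall back to a known layout file
    var layoutPageResult = viewEngine.FindPage(viewContext, layout);
    if (layoutPageResult.Page == null)
    {
        log.LogError("could not find the layout " + layout);
        return options.DefaultLayout;
    }

    //log.LogInformation("found the layout " + layout);
    return layout;
}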
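/// <summary>
/// Returns the time zone configured for the current site, or UTC when no site is resolved
/// or the site has no time zone id.
/// </summary>
/// <returns>The site's <see cref="TimeZoneInfo"/>, or <see cref="TimeZoneInfo.Utc"/>.</returns>
/// <exception cref="TimeZoneNotFoundException">The stored id is not known to the system.</exception>
/// <exception cref="InvalidTimeZoneException">The system data for the stored id is corrupt.</exception>
public TimeZoneInfo GetSiteTimeZone()
{
    ISiteSettings site = siteResolver.Resolve();

    // Null-safe: a missing id is treated like an empty one instead of throwing.
    if (site == null || string.IsNullOrEmpty(site.TimeZoneId))
    {
        return TimeZoneInfo.Utc;
    }

    return TimeZoneInfo.FindSystemTimeZoneById(site.TimeZoneId);
}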
/// <summary>
/// Creates the controller, capturing the resolved site, the user and sign-in managers and
/// the SMS sender.
/// </summary>
/// <param name="siteResolver">Resolver asked once, at construction, for the current site.</param>
/// <param name="userManager">Manager for site user accounts.</param>
/// <param name="signInManager">Manager for site user sign-in.</param>
/// <param name="smsSender">Service used to send SMS messages.</param>
public ManageController(
    ISiteResolver siteResolver,
    SiteUserManager<SiteUser> userManager,
    SiteSignInManager<SiteUser> signInManager,
    ISmsSender smsSender)
{
    // NOTE(review): Resolve() may return null (TODO confirm); actions that read Site should
    // handle that case.
    var resolvedSite = siteResolver.Resolve();
    Site = resolvedSite;

    this.userManager = userManager;
    this.signInManager = signInManager;
    // this.emailSender = emailSender;
    this.smsSender = smsSender;
}
/// <summary>
/// Creates the controller, capturing the resolved site, the user and sign-in managers and
/// the SMS sender.
/// </summary>
/// <param name="siteResolver">Resolver asked once, at construction, for the current site.</param>
/// <param name="userManager">Manager for site user accounts.</param>
/// <param name="signInManager">Manager for site user sign-in.</param>
/// <param name="smsSender">Service used to send SMS messages.</param>
public ManageController(
    ISiteResolver siteResolver,
    SiteUserManager<SiteUser> userManager,
    SiteSignInManager<SiteUser> signInManager,
    ISmsSender smsSender)
{
    // NOTE(review): Resolve() may return null (TODO confirm); actions that read Site should
    // handle that case.
    var resolvedSite = siteResolver.Resolve();
    Site = resolvedSite;

    this.userManager = userManager;
    this.signInManager = signInManager;
    // this.emailSender = emailSender;
    this.smsSender = smsSender;
}
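/// <summary>
/// Returns the current site's folder name when the application runs in folder-name
/// multi-tenant mode, and an empty string in every other case.
/// </summary>
/// <returns>
/// <c>site.SiteFolderName</c> when the mode is <c>MultiTenantMode.FolderName</c> and the
/// resolved site has a folder name; otherwise <see cref="string.Empty"/>.
/// </returns>
public string GetPrefix()
{
    if (options.Mode != MultiTenantMode.FolderName)
    {
        return string.Empty;
    }

    ISiteSettings site = siteResolver.Resolve();

    // Null-safe: a site without a folder name yields an empty prefix instead of throwing.
    if (site == null || string.IsNullOrEmpty(site.SiteFolderName))
    {
        return string.Empty;
    }

    return site.SiteFolderName;
}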
/// <summary>
/// Creates the controller, capturing the resolved site, the user and sign-in managers, the
/// message senders and the logger.
/// </summary>
/// <param name="siteResolver">Resolver asked once, at construction, for the current site.</param>
/// <param name="userManager">Manager for site user accounts.</param>
/// <param name="signInManager">Manager for site user sign-in.</param>
/// <param name="emailSender">Service used to send site email messages.</param>
/// <param name="smsSender">Service used to send SMS messages.</param>
/// <param name="logger">Logger stored for this controller.</param>
public AccountController(
    ISiteResolver siteResolver,
    SiteUserManager<SiteUser> userManager,
    SiteSignInManager<SiteUser> signInManager,
    ISiteMessageEmailSender emailSender,
    ISmsSender smsSender,
    ILogger<AccountController> logger)
{
    // NOTE(review): Resolve() may return null (TODO confirm); account actions that read Site
    // should handle that case.
    var resolvedSite = siteResolver.Resolve();
    Site = resolvedSite;

    this.userManager = userManager;
    this.signInManager = signInManager;
    //config = configuration;
    this.emailSender = emailSender;
    this.smsSender = smsSender;
    log = logger;
}
/// <summary>
/// Creates the controller, capturing the resolved site, the user and sign-in managers, the
/// message senders and the logger.
/// </summary>
/// <param name="siteResolver">Resolver asked once, at construction, for the current site.</param>
/// <param name="userManager">Manager for site user accounts.</param>
/// <param name="signInManager">Manager for site user sign-in.</param>
/// <param name="emailSender">Service used to send site email messages.</param>
/// <param name="smsSender">Service used to send SMS messages.</param>
/// <param name="logger">Logger stored for this controller.</param>
public AccountController(
    ISiteResolver siteResolver,
    SiteUserManager<SiteUser> userManager,
    SiteSignInManager<SiteUser> signInManager,
    ISiteMessageEmailSender emailSender,
    ISmsSender smsSender,
    ILogger<AccountController> logger)
{
    // NOTE(review): Resolve() may return null (TODO confirm); account actions that read Site
    // should handle that case.
    var resolvedSite = siteResolver.Resolve();
    Site = resolvedSite;

    this.userManager = userManager;
    this.signInManager = signInManager;
    //config = configuration;
    this.emailSender = emailSender;
    this.smsSender = smsSender;
    log = logger;
}
/// <summary>
/// Cookie validation hook that rejects a principal lacking a "SiteGuid" claim equal to the
/// current site's guid, so a cookie issued for one site is not accepted on another.
/// </summary>
/// <param name="context">Validation context holding the principal read from the cookie.</param>
/// <returns>A completed task.</returns>
public Task ValidatePrincipal(CookieValidatePrincipalContext context)
{
    ISiteSettings currentSite = siteResolver.Resolve();

    // NOTE(review): when no site is resolved the principal is accepted without any tenant
    // check, i.e. this path fails open. Confirm that this is intended (for example before
    // the database is installed) and cannot happen on a configured multi-tenant deployment.
    if (currentSite != null)
    {
        Claim expectedClaim = new Claim("SiteGuid", currentSite.SiteGuid.ToString());
        bool belongsToSite = context.Principal.HasClaim(expectedClaim.Type, expectedClaim.Value);
        if (!belongsToSite)
        {
            log.LogInformation("rejecting principal because it does not have siteguid");
            context.RejectPrincipal();
        }
    }

    return Task.FromResult(0);
}
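/// <summary>
/// Requests the signed-in user's profile from the Facebook user information endpoint, maps
/// it to claims on <paramref name="identity"/>, and returns an external-scheme ticket that
/// also carries the current site's "SiteGuid" claim.
/// </summary>
/// <remarks>
/// Debug logging records only which profile fields were present. The identifier, names,
/// email address and profile link are personal data and are no longer written to the log.
/// The final debug line is also null-safe, so a profile without a name cannot make a log
/// statement abort the sign-in.
/// </remarks>
/// <param name="identity">Identity that receives the profile claims and the site claim.</param>
/// <param name="properties">Authentication properties carried into the ticket.</param>
/// <param name="tokens">Token response; its access token authorizes the profile request.</param>
/// <returns>A ticket for <c>AuthenticationScheme.External</c> built from the notification principal.</returns>
protected override async Task<AuthenticationTicket> CreateTicketAsync(
    ClaimsIdentity identity,
    AuthenticationProperties properties,
    OAuthTokenResponse tokens)
{
    log.LogDebug("CreateTicketAsync called");
    //Options.AuthenticationScheme = AuthenticationScheme.External;

    // The access token (and the optional appsecret_proof) are query-string values here, so
    // the endpoint URL itself is a credential: never log it or copy it into error messages.
    var endpoint = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "access_token", tokens.AccessToken);
    if (Options.SendAppSecretProof)
    {
        endpoint = QueryHelpers.AddQueryString(endpoint, "appsecret_proof", GenerateAppSecretProof(tokens.AccessToken));
    }

    var response = await Backchannel.GetAsync(endpoint, Context.RequestAborted);
    response.EnsureSuccessStatusCode();

    var payload = JObject.Parse(await response.Content.ReadAsStringAsync());

    var notification = new OAuthAuthenticatedContext(Context, Options, Backchannel, tokens, payload)
    {
        Properties = properties,
        Principal = new ClaimsPrincipal(identity)
    };

    var identifier = FacebookAuthenticationHelper.GetId(payload);
    if (!string.IsNullOrEmpty(identifier))
    {
        log.LogDebug("CreateTicketAsync FacebookAuthenticationHelper.GetId(payload) returned a value");
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, identifier, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var userName = FacebookAuthenticationHelper.GetUserName(payload);
    if (!string.IsNullOrEmpty(userName))
    {
        log.LogDebug("CreateTicketAsync FacebookAuthenticationHelper.GetUserName(payload) returned a value");
        identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, userName, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var email = FacebookAuthenticationHelper.GetEmail(payload);
    if (!string.IsNullOrEmpty(email))
    {
        log.LogDebug("CreateTicketAsync FacebookAuthenticationHelper.GetEmail(payload) returned a value");
        identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var name = FacebookAuthenticationHelper.GetName(payload);
    if (!string.IsNullOrEmpty(name))
    {
        log.LogDebug("CreateTicketAsync FacebookAuthenticationHelper.GetName(payload) returned a value");
        identity.AddClaim(new Claim("urn:facebook:name", name, ClaimValueTypes.String, Options.ClaimsIssuer));

        // Many Facebook accounts do not set the UserName field. Fall back to the Name field instead.
        if (string.IsNullOrEmpty(userName))
        {
            identity.AddClaim(new Claim(identity.NameClaimType, name, ClaimValueTypes.String, Options.ClaimsIssuer));
        }
    }

    var link = FacebookAuthenticationHelper.GetLink(payload);
    if (!string.IsNullOrEmpty(link))
    {
        log.LogDebug("CreateTicketAsync FacebookAuthenticationHelper.GetLink(payload) returned a value");
        identity.AddClaim(new Claim("urn:facebook:link", link, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    log.LogDebug("CreateTicketAsync notification.Options.AuthenticationScheme " + notification.Options.AuthenticationScheme);

    await Options.Notifications.Authenticated(notification);

    ISiteSettings site = siteResolver.Resolve();
    if (site != null)
    {
        // Tenant binding: added after the Authenticated notification, and to `identity`
        // rather than to notification.Principal.
        // NOTE(review): if a handler replaced notification.Principal, the returned ticket may
        // not carry this claim — confirm that handlers never swap it.
        Claim siteGuidClaim = new Claim("SiteGuid", site.SiteGuid.ToString());
        if (!identity.HasClaim(siteGuidClaim.Type, siteGuidClaim.Value))
        {
            identity.AddClaim(siteGuidClaim);
        }
    }

    // Identity.Name is null when the payload carried neither a user name nor a name, and a
    // handler may have cleared the principal; the null-conditional chain covers both cases.
    bool principalHasName = !string.IsNullOrEmpty(notification.Principal?.Identity?.Name);
    log.LogDebug("CreateTicketAsync notification.Principal has a name: " + principalHasName);

    //https://github.com/aspnet/Security/blob/dev/src/Microsoft.AspNet.Authentication/AuthenticationTicket.cs
    //return new AuthenticationTicket(notification.Principal, notification.Properties, notification.Options.AuthenticationScheme);
    return new AuthenticationTicket(notification.Principal, notification.Properties, AuthenticationScheme.External);
}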
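/// <summary>
/// Requests the signed-in user's profile from the Google user information endpoint, maps it
/// to claims on <paramref name="identity"/>, and returns an external-scheme ticket that also
/// carries the current site's "SiteGuid" claim.
/// </summary>
/// <remarks>
/// The OAuth access token is a bearer credential and is no longer written to the debug log;
/// anyone able to read the log could otherwise reuse it until it expires.
/// </remarks>
/// <param name="identity">Identity that receives the profile claims and the site claim.</param>
/// <param name="properties">Authentication properties carried into the ticket.</param>
/// <param name="tokens">Token response; its access token authorizes the profile request.</param>
/// <returns>A ticket for <c>AuthenticationScheme.External</c> built from the notification principal.</returns>
protected override async Task<AuthenticationTicket> CreateTicketAsync(
    ClaimsIdentity identity,
    AuthenticationProperties properties,
    OAuthTokenResponse tokens)
{
    // Deliberately logs no token material.
    log.LogDebug("CreateTicketAsync called");

    // Get the Google user. The token travels in the Authorization header, not in the URL.
    var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
    request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);

    var response = await Backchannel.SendAsync(request, Context.RequestAborted);
    //string r = await response.Content.ReadAsStringAsync();
    //log.LogInformation(r);
    response.EnsureSuccessStatusCode();

    var payload = JObject.Parse(await response.Content.ReadAsStringAsync());

    var notification = new OAuthAuthenticatedContext(Context, Options, Backchannel, tokens, payload)
    {
        Properties = properties,
        Principal = new ClaimsPrincipal(identity)
    };

    var identifier = GoogleAuthenticationHelper.GetId(payload);
    if (!string.IsNullOrEmpty(identifier))
    {
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, identifier, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var givenName = GoogleAuthenticationHelper.GetGivenName(payload);
    if (!string.IsNullOrEmpty(givenName))
    {
        identity.AddClaim(new Claim(ClaimTypes.GivenName, givenName, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var familyName = GoogleAuthenticationHelper.GetFamilyName(payload);
    if (!string.IsNullOrEmpty(familyName))
    {
        identity.AddClaim(new Claim(ClaimTypes.Surname, familyName, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var name = GoogleAuthenticationHelper.GetName(payload);
    if (!string.IsNullOrEmpty(name))
    {
        identity.AddClaim(new Claim(ClaimTypes.Name, name, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var email = GoogleAuthenticationHelper.GetEmail(payload);
    if (!string.IsNullOrEmpty(email))
    {
        identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var profile = GoogleAuthenticationHelper.GetProfile(payload);
    if (!string.IsNullOrEmpty(profile))
    {
        identity.AddClaim(new Claim("urn:google:profile", profile, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    await Options.Notifications.Authenticated(notification);

    ISiteSettings site = siteResolver.Resolve();
    if (site != null)
    {
        // Tenant binding: added after the Authenticated notification, and to `identity`
        // rather than to notification.Principal.
        // NOTE(review): if a handler replaced notification.Principal, the returned ticket may
        // not carry this claim — confirm that handlers never swap it.
        Claim siteGuidClaim = new Claim("SiteGuid", site.SiteGuid.ToString());
        if (!identity.HasClaim(siteGuidClaim.Type, siteGuidClaim.Value))
        {
            identity.AddClaim(siteGuidClaim);
        }
    }

    //return new AuthenticationTicket(notification.Principal, notification.Properties, notification.Options.AuthenticationScheme);
    return new AuthenticationTicket(notification.Principal, notification.Properties, AuthenticationScheme.External);
}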