public override async Task AuthenticateLocalAsync(LocalAuthenticationContext context) { var user = await _userRepository.GetAsync(context.UserName, HashHelper.Sha512(context.Password)); context.AuthenticateResult = user == null ? new AuthenticateResult("Incorrect credentials") : new AuthenticateResult(user.Username, user.Username); }
public override Task <BitJwtToken> LocalLogin(LocalAuthenticationContext context, CancellationToken cancellationToken) { string userName = context.UserName; string password = context.Password; string activeDirectoryName = AppEnvironment.GetConfig <string>(AppEnvironment.KeyValues.IdentityServer.ActiveDirectoryName); using (PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, activeDirectoryName)) { string userNameAsWinUserName = userName; if (!userNameAsWinUserName.Contains(activeDirectoryName)) { userNameAsWinUserName = $"{activeDirectoryName}\\{userNameAsWinUserName}"; } if (principalContext.ValidateCredentials(userNameAsWinUserName, password)) { using (UserPrincipal user = UserPrincipal.FindByIdentity(principalContext, IdentityType.SamAccountName, userNameAsWinUserName)) { if (user != null) { return(Task.FromResult(new BitJwtToken { UserId = user.Sid.Value })); } } } } throw new DomainLogicException("UserInActiveDirectoryCouldNotBeFound"); }
public async Task UpdateFromMember() { var member = new Member { Id = Guid.NewGuid(), Email = "*****@*****.**", FirstName = "UpdatedFirst", LastName = "UpdatedLast" }; var acct = GetSampleAccount(); acct.MemberId = member.Id; var args = new UserServiceBuilder(); args.DB.Add(acct); args.Members.Setup(f => f.GetMember(member.Id)).Returns(Task.FromResult(member)); var svc = args.Build(); var ctx = new LocalAuthenticationContext { UserName = Username, Password = Password }; args.DB.SaveChangesCount = 0; await svc.AuthenticateLocalAsync(ctx); ctx.AuthenticateResult.IsError.Should().BeFalse(); args.DB.SaveChangesCount.Should().Be(1); acct.Email.Should().Be(member.Email); acct.FirstName.Should().Be(member.FirstName); acct.LastName.Should().Be(member.LastName); }
/// <summary> /// This methods gets called for local authentication (whenever the user uses the username and password dialog). /// </summary> /// <param name="context">The context.</param> /// <returns></returns> public override async Task AuthenticateLocalAsync(LocalAuthenticationContext context) { User user = await _users.FindOneAsync(u => u.Username == context.UserName); if (user != null) { if (user.Locked) { context.AuthenticateResult = new AuthenticateResult("El usuario está bloqueado."); return; } bool ok = Crypto.VerifyHashedPassword(user.Password, context.Password); if (ok) { // agregar claim para security stamp? context.AuthenticateResult = new AuthenticateResult(user.Id, GetDisplayName(user)); } else { // access failed context.AuthenticateResult = new AuthenticateResult("El usuario o la contraseña ingresados son incorrectos."); return; } } }
public async Task MissingMember() { var member = new Member { Id = Guid.NewGuid(), Email = "*****@*****.**", FirstName = "UpdatedFirst", LastName = "UpdatedLast" }; var acct = GetSampleAccount(); acct.MemberId = member.Id; var args = new UserServiceBuilder(); args.DB.Add(acct); args.Logger.Setup(f => f.Error(LogStrings.LinkedMemberNotFound, acct)); args.Members.Setup(f => f.GetMember(member.Id)).Returns(Task.FromResult((Member)null)); var svc = args.Build(); var ctx = new LocalAuthenticationContext { UserName = Username, Password = Password }; args.DB.SaveChangesCount = 0; await svc.AuthenticateLocalAsync(ctx); ctx.AuthenticateResult.IsError.Should().BeTrue(); ctx.AuthenticateResult.ErrorMessage.Should().Be(Strings.AccountLocked); }
public override async Task AuthenticateLocalAsync(LocalAuthenticationContext context) { if (!string.IsNullOrEmpty(context.UserName)) { context.AuthenticateResult = new AuthenticateResult(context.UserName, context.UserName); } }
public override async Task AuthenticateLocalAsync(LocalAuthenticationContext ctx) { var username = ctx.UserName; var password = ctx.Password; var message = ctx.SignInMessage; ctx.AuthenticateResult = null; IUserStoreService service = GetUserStoreService(message.ClientId); var user = service.GetUser(ctx.UserName, ctx.Password); if (user != null) { var result = await PostAuthenticateLocalAsync(user, message); if (result == null) { var claims = GetUserClaims(user); result = new AuthenticateResult(user.Id.ToString(), user.DisplayName, claims); } ctx.AuthenticateResult = result; } else { ctx.AuthenticateResult = new AuthenticateResult("User cannot be authenticated due to incorrect credentials"); } }
public override async Task AuthenticateLocalAsync(LocalAuthenticationContext context) { if (Membership.ValidateUser(context.UserName, context.Password)) { return; } using (var ctx = new ncelsEntities()) { var user = await ctx.aspnet_Users.FirstOrDefaultAsync(x => x.UserName == context.UserName); if (user == null) { return; } var authenticateResult = GetAuthenticateResult(new InMemoryUser { Username = user.UserName, Subject = user.UserName, Claims = new[] { new Claim(Constants.ClaimTypes.GivenName, user.UserName) } }); context.AuthenticateResult = authenticateResult; } }
public void AuthenticateLocalAsync_UserValidationFails_AuthenticateResultIsNull() { // Arrange var options = new MembershipOptions(); var membershipService = A.Fake <IMembershipService>(); var roleService = A.Fake <IRoleService>(); var context = new LocalAuthenticationContext { UserName = "******", Password = "******" }; A.CallTo(() => membershipService.GetUserAsync("*****@*****.**")) .Returns(Task.FromResult(new MembershipUser { IsLockedOut = false })); A.CallTo(() => membershipService.ValidateUser("*****@*****.**", "password123")) .Returns(Task.FromResult(false)); var service = new MembershipUserService(options, membershipService, roleService); // Act service.AuthenticateLocalAsync(context).Wait(); // Assert context.AuthenticateResult.Should().BeNull(); A.CallTo(() => membershipService.GetUserAsync("*****@*****.**")).MustHaveHappened(); A.CallTo(() => membershipService.ValidateUser("*****@*****.**", "password123")).MustHaveHappened(); }
/// <summary>Authenticate the User locally</summary> /// <param name="context">Context</param> public override async Task AuthenticateLocalAsync(LocalAuthenticationContext context) { context.AuthenticateResult = null; if (string.IsNullOrWhiteSpace(context.UserName)) { return; } var user = await membershipService.GetUserAsync(context.UserName).ConfigureAwait(false); if (user == null || user.IsLockedOut) { return; } if (!await membershipService.ValidateUser(context.UserName, context.Password).ConfigureAwait(false)) { return; } var claims = GetClaimsFromAccount(user); context.AuthenticateResult = new AuthenticateResult(user.UserId.ToString("N"), user.UserName, claims); }
public virtual async Task AuthenticateLocalAsync(LocalAuthenticationContext context, CancellationToken cancellationToken) { if (context == null) { throw new ArgumentNullException(nameof(context)); } try { if (context.AuthenticateResult == null) { BitJwtToken bitJwtToken = await LocalLogin(context, cancellationToken).ConfigureAwait(false); AuthenticateResult result = new AuthenticateResult(bitJwtToken.UserId, bitJwtToken.UserId, BuildClaimsFromBitJwtToken(bitJwtToken), authenticationMethod: "custom"); context.AuthenticateResult = result; } } catch (Exception ex) { ScopeStatusManager.MarkAsFailed("LocalLogin_Failed"); if (context.AuthenticateResult == null && ExceptionToHttpErrorMapper.IsKnownError(ex)) { context.AuthenticateResult = new AuthenticateResult(ExceptionToHttpErrorMapper.GetMessage(ex)); } else { throw; } } await base.AuthenticateLocalAsync(context).ConfigureAwait(false); }
public override Task AuthenticateLocalAsync(LocalAuthenticationContext context) { //TODO RO FLOW to Azure AD Tenant, see unit tests for prototype. return(base.AuthenticateLocalAsync(context)); }
public override async Task AuthenticateLocalAsync(LocalAuthenticationContext ctx) { var clientId = ctx.SignInMessage.ClientId; if (clientId == null) { var isWsfpRequest = WsFedProtocolHelper.IsWsFedProtocolRequest(ctx.SignInMessage.ReturnUrl); Ensure.Equal(isWsfpRequest, true); var realm = WsFedProtocolHelper.GetRealm(ctx.SignInMessage.ReturnUrl); var wsfp = _tenantService.GetWsFedProtocolMappingByRealm(realm); var mapping = _tenantService.GetClientMapping(wsfp.Realm); _schema = mapping.TenantId; } else if (clientId == AppSettings.IamClientId) { _schema = ctx.SignInMessage.Tenant; } else { var mapping = _tenantService.GetClientMapping(clientId); _schema = mapping.TenantId; } ((IamUserManager)userManager).IdsUserStore.IdsContext.CacheKey = _schema; await base.AuthenticateLocalAsync(ctx); }
public Task AuthenticateLocalAsync(LocalAuthenticationContext context) { var user = _userRepository.Find(context.UserName); //check if passwords match against user column //My password was hashed, //so I had to hash it with the saved salt first and then compare. if (user.Password == context.Password) { context.AuthenticateResult = new AuthenticateResult( user.UserId.ToString(), user.Email, //I set up some claims new Claim[] { //Firstname and Surname are DB columns mapped to User object (from table [User]) new Claim(Constants.ClaimTypes.Name, user.Firstname + " " + user.Surname), new Claim(Constants.ClaimTypes.Email, user.Email), new Claim(Constants.ClaimTypes.Role, user.Role.ToString()), //custom claim new Claim("company", user.Company) } ); } return(Task.FromResult(0)); }
public async override Task <BitJwtToken> LocalLogin(LocalAuthenticationContext context, CancellationToken cancellationToken) { if (context.SignInMessage.TryGetValueFromAcr("x", out string x)) { Logger.AddLogData("x", x); } if (context.SignInMessage.TryGetValueFromAcr("y", out string y)) { Logger.AddLogData("y", y); } Logger.AddLogData("username", context.UserName); Logger.AddLogData("password", context.Password); LocalUser user = _localUsers.SingleOrDefault(u => u.UserId == context.UserName && u.Password == context.Password); if (user == null) { throw new DomainLogicException("LoginFailed"); } BitJwtToken jwtToken = new BitJwtToken { UserId = user.UserId }; jwtToken.CustomProps.Add("custom-data", "test"); return(jwtToken); }
public override Task AuthenticateLocalAsync(LocalAuthenticationContext context) { var username = context.UserName; var password = context.Password; var message = context.SignInMessage; if (message != null) { var tenant = message.Tenant; if (username == password) { var claims = new List <Claim> { new Claim("account_store", tenant) }; var result = new AuthenticateResult("123", username, claims: claims, authenticationMethod: "custom"); context.AuthenticateResult = new AuthenticateResult("123", username, claims); } } return(Task.FromResult(0)); }
public async Task AuthenticateLocalAsync(LocalAuthenticationContext context) { var signInData = Mapper.Map <SignInMessage, SignInData>(context.SignInMessage); var result = await domainService.AuthenticateLocalAsync(context.UserName, context.Password, signInData); context.AuthenticateResult = Mapper.Map <AuthenticationResult, AuthenticateResult>(result); }
public override async Task AuthenticateLocalAsync(LocalAuthenticationContext context) { var form = await ctx.Request.ReadFormAsync(); var extra = form["extra"]; await base.AuthenticateLocalAsync(context); }
public override async Task AuthenticateLocalAsync(LocalAuthenticationContext context) { string username = context.UserName; string password = context.Password; try { using (PrincipalContext principalContext = new PrincipalContext(ContextType.Domain, _activeDirectoryName)) { string userNameAsWinUserName = username; if (!userNameAsWinUserName.Contains(_activeDirectoryName)) { userNameAsWinUserName = $"{_activeDirectoryName}\\{userNameAsWinUserName}"; } if (principalContext.ValidateCredentials(userNameAsWinUserName, password)) { using ( UserPrincipal user = UserPrincipal.FindByIdentity(principalContext, IdentityType.SamAccountName, userNameAsWinUserName)) { if (user == null) { throw new InvalidOperationException("LoginFailed"); } List <Claim> claims = new List <Claim> { new Claim("sub", user.Sid.Value), new Claim("primary_sid", user.Sid.Value), new Claim("upn", user.UserPrincipalName), new Claim("name", user.Name), new Claim("given_name", user.GivenName) }; AuthenticateResult result = new AuthenticateResult(user.SamAccountName, user.SamAccountName, claims, authenticationMethod: "custom"); context.AuthenticateResult = result; } } else { throw new InvalidOperationException("LoginFailed"); } } await base.AuthenticateLocalAsync(context); } catch { AuthenticateResult result = new AuthenticateResult("LoginFailed"); context.AuthenticateResult = result; } }
public void AuthenticatedUserClaimsAreGeneratedWhenPasswordMatches() { var context = new LocalAuthenticationContext { UserName = AccountName, Password = Password }; Task task = sut.AuthenticateLocalAsync(context); AssertAuthenticatedUserClaims(task, context.AuthenticateResult); }
public override async Task AuthenticateLocalAsync(LocalAuthenticationContext context) { var user = await _userRepository .GetUserAsync(context.UserName, context.Password); context.AuthenticateResult = user == null ? new AuthenticateResult("Invalid credentials") : new AuthenticateResult(user.Subject, user.UserName); }
public override Task <string> GetUserIdByLocalAuthenticationContextAsync(LocalAuthenticationContext context, CancellationToken cancellationToken) { if (context.UserName == context.Password) { return(Task.FromResult(context.UserName)); } throw new DomainLogicException("LoginFailed"); }
public async Task AuthenticateLocalAsync(LocalAuthenticationContext context) { var user = await _userService.GetUser(context.UserName, context.Password.Sha256()); if (user != null) { context.AuthenticateResult = new AuthenticateResult(user.Subject, user.Username); } }
public override async Task AuthenticateLocalAsync(LocalAuthenticationContext context) { var form = await ctx.Request.ReadFormAsync(); var password = form["password"]; context.Password = Utils.md5Unicodebase64(password); await base.AuthenticateLocalAsync(context); }
public async override Task AuthenticateLocalAsync(LocalAuthenticationContext context) { if (OnAuthenticateLocal != null) { await OnAuthenticateLocal(context); } else { await base.AuthenticateLocalAsync(context); } }
public override Task <BitJwtToken> LocalLogin(LocalAuthenticationContext context, CancellationToken cancellationToken) { if (context.UserName == context.Password) { return(Task.FromResult(new BitJwtToken { UserId = context.UserName })); } throw new DomainLogicException("LoginFailed"); }
/// <inheritdoc/> public override async Task AuthenticateLocalAsync(LocalAuthenticationContext context) { IdSrvUserDto user = await this.UserRepository.GetUserByUserNameAndPasswordAsync(context.UserName, context.Password); if (user != null) { context.AuthenticateResult = user.IsBlocked ? new AuthenticateResult(errorMessage: $"User \"{user.UserName}\" is blocked") : new AuthenticateResult(user.Id.ToString(), user.UserName); } }
public override Task AuthenticateLocalAsync(LocalAuthenticationContext context) { var user = Users.SingleOrDefault(x => x.Username == context.UserName && x.Password == context.Password); if (user != null) { context.AuthenticateResult = new AuthenticateResult(user.Subject, user.Username); } return(Task.FromResult(0)); }
/// <summary> /// 使用username password自定义登录 /// </summary> /// <param name="context"></param> /// <returns></returns> public override Task AuthenticateLocalAsync(LocalAuthenticationContext context) { var signInMessage = context.SignInMessage; var user = UserBiz.CheckLogin(context.UserName, context.Password); if (user != null) { context.AuthenticateResult = new AuthenticateResult(user.Subject, user.Username); } return(Task.FromResult(0)); }
public void EmptyResultIsReturnedWhenPasswordDoesNotMatch() { var context = new LocalAuthenticationContext { UserName = AccountName, Password = Password }; identityManagementUserService.IsMatchingPassword(AccountName, Password).Returns(false); Task task = sut.AuthenticateLocalAsync(context); AssertEmptyResult(task, context.AuthenticateResult); }