public async Task <IHttpActionResult> PostToken(Guid accountProductId, bool setAsDefault = false) { return(await CurrentAccountExecuteAsync(async delegate(Account user) { if (!user.IsActivated && !user.IsAnonymous) { return AccountNotActivated(); } AuthenticationTicket ticket; var sessionId = UserManagerHelper.Session(Request, out ticket); var sessions = await _auth.SessionTokensGetAsync(user.Id); var sessionToken = sessions.FirstOrDefault(e => e.Id == sessionId); if (object.Equals(sessionToken, null)) { return AccountUnauthorized(); } var products = await _authProduct.AccountProductsGetAsync(sessionToken.AccountId, sessionToken.SystemId); var scopeWorker = SaaSScopeWorkerFactory.Create(sessionToken.Scope); scopeWorker.FilterProducts(products, sessionToken); var product = products.FirstOrDefault(e => e.AccountProductId == accountProductId && !e.IsDisabled); return await PostToken(products, product, sessions, sessionToken, user, ticket); })); }
internal async Task <IHttpActionResult> PostToken(List <ViewAccountProduct> products, ViewAccountProduct product, List <SessionToken> sessions, SessionToken session, Account user, AuthenticationTicket ticket) { if (object.Equals(product, null)) { return(ProductNotFound()); } var scopeWorker = SaaSScopeWorkerFactory.Create(session.Scope, _auth, _authProduct); if (!scopeWorker.ValidateSessionTokenAsync(user, sessions, session, product)) { return(ErrorContent("invalid_grant", "You are logged into too many devices.", HttpStatusCode.Conflict)); } if (!await scopeWorker.ValidateAccountSystemAsync(user, session, product)) { return(ErrorContent("invalid_grant", "Your license is currently associated with another device.", HttpStatusCode.Conflict)); } var modules = UserManagerHelper.GetAllowedModules(products, product.AccountProductId, ticket.Identity); var activeProducts = UserManagerHelper.GetActiveProducts(products, modules, product.AccountProductId); var moduleFeatures = AccountController.GetModuleFeatures(product, modules); var client = GetClient(session.ClientId); var oldId = OauthManager.UpdateTicket(user, session, ticket, product, client); await _auth.SessionTokenInsertAsync(session, oldId, false, product.IsPPC); return(Ok(OauthManager.ReleaseToken(session, ticket, modules, moduleFeatures, activeProducts, user))); }
public async Task <IHttpActionResult> PostToken() { return(await CurrentAccountExecuteAsync(async delegate(Account user) { AuthenticationTicket ticket; var sessionId = UserManagerHelper.Session(Request, out ticket); var sessions = await _auth.SessionTokensGetAsync(user.Id); var sessionToken = sessions.FirstOrDefault(e => e.Id == sessionId); if (object.Equals(sessionToken, null)) { return AccountUnauthorized(); } var products = await _authProduct.AccountProductsGetAsync(sessionToken.AccountId, sessionToken.SystemId); var scopeWorker = SaaSScopeWorkerFactory.Create(sessionToken.Scope); scopeWorker.FilterProducts(products, sessionToken); var offeringProducts = products.Where(e => !e.IsDisabled && !e.IsMinor && !e.IsPPC); var product = offeringProducts.FirstOrDefault(e => !e.IsFree) ?? offeringProducts.FirstOrDefault(); return await PostToken(products, product, sessions, sessionToken, user, ticket); })); }
private async Task <SessionTokenProducts> GetSessionTokenProducts() { AuthenticationTicket ticket; var session = UserManagerHelper.Session(Request, out ticket); var sessionToken = await _auth.SessionTokenGetAsync(session); if (object.Equals(sessionToken, null)) { return(new SessionTokenProducts()); } var products = await _authProduct.AccountProductsGetAsync(sessionToken.AccountId, sessionToken.SystemId); var scopeWorker = SaaSScopeWorkerFactory.Create(sessionToken.Scope); scopeWorker.FilterProducts(products, sessionToken); return(new SessionTokenProducts(sessionToken, products)); }
public async Task <IHttpActionResult> RegisterAnonymous(RegisterAnonymousViewModel model, Guid?visitorId = null) { try { var account = await _auth.AccountAnonymousCreateAsync(model.Password); if (object.Equals(account, null)) { return(AccountNotFound()); } var client = GetClient(model.client_id); if (object.Equals(client, null)) { return(ClientNotFound()); } var identity = new ClaimsIdentity(Startup.OAuthBearerOptions.AuthenticationType); var session = Guid.NewGuid(); var properties = new Dictionary <string, string> { { "session", session.ToString("N") } }; identity.AddClaim(ClaimTypes.NameIdentifier, account.Id); identity.AddClaim(ClaimTypes.Name, account.Email); identity.AddClaims(account, client); var ticket = new AuthenticationTicket(identity, new AuthenticationProperties(properties)); var issued = DateTime.UtcNow; var expires = issued.Add(Startup.OAuthServerOptions.AccessTokenExpireTimeSpan); var token = new SessionToken { Id = session, AccountId = account.Id, ClientId = client.Id, ClientVersion = model.client_version, IssuedUtc = issued, ExpiresUtc = expires }; ticket.Properties.IssuedUtc = issued; ticket.Properties.ExpiresUtc = expires; token.ProtectedTicket = Startup.OAuthServerOptions.AccessTokenFormat.Protect(ticket); var scopeWorker = SaaSScopeWorkerFactory.Create("webeditor", _auth, _authProduct); await scopeWorker.SessionTokenInsertAsync(token, null); await _auth.AccountVisitorIdSetAsync(account, visitorId); return(Ok(new { access_token = token.ProtectedTicket, token_type = ticket.Identity.AuthenticationType, expires_in = (int)(ticket.Properties.ExpiresUtc - ticket.Properties.IssuedUtc).Value.TotalSeconds, refresh_token = token.Id.ToString("N"), issued = ticket.Properties.IssuedUtc, expires = ticket.Properties.ExpiresUtc, email = account.Email, firstName = account.FirstName, lastName = account.LastName, status = account.GetStatus() })); } catch (Exception exc) { return(Request.HttpExceptionResult(exc)); } }