private async Task <TicketResult> RemoveAsync(AuthenticationTokenReceiveContext context) { TicketResult result = new TicketResult(); StoreKeyFunc = StoreKeyFunc ?? ((ctx, token) => token); string key = StoreKeyFunc(context.Ticket, context.Token); IDatabase database = _redis.GetDatabase(_configuration.Db); byte[] ticket = await database.StringGetAsync(key); if (ticket != null) { TicketSerializer serializer = new TicketSerializer(); result.Ticket = serializer.Deserialize(ticket); result.Deleted = await database.KeyDeleteAsync(key); } else { await database.KeyDeleteAsync(context.Token); } return(result); }
public void NewSerializerCanReadInteropTicket() { var identity = new ClaimsIdentity("scheme"); identity.AddClaim(new Claim("Test", "Value")); var expires = DateTime.Today; var issued = new DateTime(1979, 11, 11); var properties = new Owin.Security.AuthenticationProperties(); properties.IsPersistent = true; properties.RedirectUri = "/redirect"; properties.Dictionary["key"] = "value"; properties.ExpiresUtc = expires; properties.IssuedUtc = issued; var interopTicket = new Owin.Security.AuthenticationTicket(identity, properties); var interopSerializer = new AspNetTicketSerializer(); var bytes = interopSerializer.Serialize(interopTicket); var newSerializer = new TicketSerializer(); var newTicket = newSerializer.Deserialize(bytes); Assert.NotNull(newTicket); Assert.Equal(1, newTicket.Principal.Identities.Count()); var newIdentity = newTicket.Principal.Identity as ClaimsIdentity; Assert.NotNull(newIdentity); Assert.Equal("scheme", newIdentity.AuthenticationType); Assert.True(newIdentity.HasClaim(c => c.Type == "Test" && c.Value == "Value")); Assert.NotNull(newTicket.Properties); Assert.True(newTicket.Properties.IsPersistent); Assert.Equal("/redirect", newTicket.Properties.RedirectUri); Assert.Equal("value", newTicket.Properties.Items["key"]); Assert.Equal(expires, newTicket.Properties.ExpiresUtc); Assert.Equal(issued, newTicket.Properties.IssuedUtc); }
public AuthenticationTicket Unprotect(string text) { var protectedData = Encoding.UTF8.GetBytes(text); var ticket = serializer.Deserialize(protectedData); return(ticket); }
public AuthenticateResult Authenticate(HttpContextBase contextBase) { if (!contextBase.Request.Browser.Cookies) { logger.LogWarning("This browser doesnot support cookies, so cookie based authentication is disabled"); return(AuthenticateResult.NoResult()); } var authCookie = contextBase.Request.Cookies.Get(AuthConstants.AUTH_COOKIE_NM); if (authCookie != null) { try { var unprotectedCookieBytes = dataProtector.UnProtect(Convert.FromBase64String(authCookie.Value)); var ticket = serializer.Deserialize(unprotectedCookieBytes); logger.LogDebug("Cookie authentication succeeded"); return(AuthenticateResult.Success(ticket)); } catch (Exception) { return(AuthenticateResult.Fail($"Unable to extract cookie '{AuthConstants.AUTH_COOKIE_NM}', cookie might be damaged/modified")); } } logger.LogDebug("Cookie authentication failed"); return(AuthenticateResult.NoResult()); }
public async Task ReceiveAsync(AuthenticationTokenReceiveContext context) { var db = context.OwinContext.Get <ApplicationDbContext>(); string hash = GetStringSha256Hash(context.Token); RefreshToken foundToken = db.RefreshTokens.Where(t => t.TokenHash == hash && t.ExpiresAtUtc > DateTime.UtcNow && !t.Revoked ).FirstOrDefault(); //RefreshToken foundToken = tokens.Where(t => // t.TokenHash == hash && // t.ExpiresAtUtc > DateTime.UtcNow && // !t.Revoked //).FirstOrDefault(); if (foundToken != null) { byte[] serializedTicket = Convert.FromBase64String( ServerUtils.StringCipher.Decrypt( foundToken.EncryptedTicket, context.Token)); TicketSerializer serializer = new TicketSerializer(); AuthenticationTicket ticket = serializer.Deserialize(serializedTicket); context.SetTicket(ticket); } }
public T Unprotect(string protectedText, string purpose) { TicketSerializer _serializer = new TicketSerializer(); byte[] bytes = Convert.FromBase64String(protectedText); return(_serializer.Deserialize(bytes) as T); }
public AuthenticationTicket Unprotect(string text) { var protectedData = Convert.FromBase64String(text); var ticket = serializer.Deserialize(protectedData); return(ticket); }
T ISecureDataFormat <T> .Unprotect(string protectedText) { TicketSerializer _serializer = new TicketSerializer(); byte[] bytes = Convert.FromBase64String(protectedText); return(_serializer.Deserialize(bytes) as T); }
public AuthenticationTicket Unprotect(string text) { var protectedData = _encoder.Decode(text); var ticketData = _protector.Unprotect(protectedData); var ticket = _serializer.Deserialize(ticketData); return(ticket); }
public async Task <AuthenticationTicket> RetrieveAsync(string key) { var session = await _sessionStorage.GetAsync(key); if (session == default(Session)) { return(default(AuthenticationTicket)); } var ticket = _ticketSerializer.Deserialize(session.SerializedTicket); return(ticket); }
public async Task ReceiveAsync(AuthenticationTokenReceiveContext context) { var entities = new ApplicationDbContext(); var repo = new ApplicationRepository(entities); var hashedToken = GetHash(context.Token); var refreshToken = await repo.RefreshTokens.GetByIdAsync(hashedToken); if (refreshToken != null) { //Get protectedTicket from refreshToken class //context.DeserializeTicket(refreshToken.ProtectedTicket); TicketSerializer serializer = new TicketSerializer(); context.SetTicket(serializer.Deserialize(System.Text.Encoding.Default.GetBytes(refreshToken.ProtectedTicket))); //await repo.RefreshTokens.DeleteAndSaveAsync(hashedToken); } }
private TicketResult Remove(AuthenticationTokenReceiveContext context) { TicketResult result = new TicketResult(); RedisKeyGenerator = RedisKeyGenerator ?? ((ctx, token) => token); string key = RedisKeyGenerator(context.Ticket, context.Token); byte[] ticket = Db.StringGet(key); if (ticket.Length > default(int)) { TicketSerializer serializer = new TicketSerializer(); result.Ticket = serializer.Deserialize(ticket); result.Deleted = Db.KeyDelete(key); } return(result); }
public static IEnumerable <Claim> Decode(string encodedValue) { if (string.IsNullOrEmpty(encodedValue)) { return(Enumerable.Empty <Claim>()); } var serializer = new TicketSerializer(); try { var ticket = serializer.Deserialize(Convert.FromBase64String(encodedValue)); return(ticket.Principal.Claims); } catch (Exception) { return(Enumerable.Empty <Claim>()); } }
public async Task ReceiveAsync(AuthenticationTokenReceiveContext context) { string clientId = context.OwinContext.Get <string>("as:client_id"); string ticket = refreshTokenService.GetAuthenticationTicket(new Guid(context.Token), clientId); if (!string.IsNullOrEmpty(ticket) && !string.IsNullOrWhiteSpace(ticket)) { context.SetTicket(serializer.Deserialize(System.Text.Encoding.Default.GetBytes(ticket))); var command = new ReduceRefreshTokenTTL() { ClientId = clientId, RefreshToken = Guid.Parse(context.Token), AuthenticationTicket = ticket, TTL = ttlChange }; this.commandBus.Send(command); } }
private TicketResult Remove(AuthenticationTokenReceiveContext context) { TicketResult result = new TicketResult(); StoreKeyFunc = StoreKeyFunc ?? ((ctx, token) => token); string key = StoreKeyFunc(context.Ticket, context.Token); IDatabase database = _redis.GetDatabase(_configuration.Db); byte[] ticket = database.StringGet(key); if (ticket.Length > default(int)) { TicketSerializer serializer = new TicketSerializer(); result.Ticket = serializer.Deserialize(ticket); result.Deleted = database.KeyDelete(key); } return(result); }
private async Task <TicketResult> RemoveAsync(AuthenticationTokenReceiveContext context) { TicketResult result = new TicketResult(); RedisKeyGenerator = RedisKeyGenerator ?? ((ctx, token) => token); string key = RedisKeyGenerator(context.Ticket, context.Token); byte[] ticket = await Db.StringGetAsync(key); if (ticket != null) { TicketSerializer serializer = new TicketSerializer(); result.Ticket = serializer.Deserialize(ticket); result.Deleted = await Db.KeyDeleteAsync(key); } else { await Db.KeyDeleteAsync(context.Token); } return(result); }
public void NewSerializerCanReadInteropTicket() { var identity = new ClaimsIdentity("scheme"); identity.AddClaim(new Claim("Test", "Value")); var expires = DateTime.Today; var issued = new DateTime(1979, 11, 11); var properties = new Owin.Security.AuthenticationProperties(); properties.IsPersistent = true; properties.RedirectUri = "/redirect"; properties.Dictionary["key"] = "value"; properties.ExpiresUtc = expires; properties.IssuedUtc = issued; var interopTicket = new Owin.Security.AuthenticationTicket(identity, properties); var interopSerializer = new AspNetTicketSerializer(); var bytes = interopSerializer.Serialize(interopTicket); var newSerializer = new TicketSerializer(); var newTicket = newSerializer.Deserialize(bytes); Assert.NotNull(newTicket); Assert.Equal(1, newTicket.Principal.Identities.Count()); var newIdentity = newTicket.Principal.Identity as ClaimsIdentity; Assert.NotNull(newIdentity); Assert.Equal("scheme", newIdentity.AuthenticationType); Assert.True(newIdentity.HasClaim(c => c.Type == "Test" && c.Value == "Value")); Assert.NotNull(newTicket.Properties); Assert.True(newTicket.Properties.IsPersistent); Assert.Equal("/redirect", newTicket.Properties.RedirectUri); Assert.Equal("value", newTicket.Properties.Items["key"]); Assert.Equal(expires, newTicket.Properties.ExpiresUtc); Assert.Equal(issued, newTicket.Properties.IssuedUtc); }
public async Task ReceiveAsync(AuthenticationTokenReceiveContext context) { var allowedOrigin = context.OwinContext.Get <string>(OwinContextKeys.CLIENT_ALLOWED_ORIGIN); context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin }); string hashedTokenId = HashGenerator.GetHash(context.Token); ApplicationDbContext appDbContext = context.OwinContext.Get <ApplicationDbContext>(); ApplicationUserManager applicationUserManager = context.OwinContext.GetUserManager <ApplicationUserManager>(); AuthRepository _repo = new AuthRepository(appDbContext, applicationUserManager); var refreshToken = await _repo.FindRefreshToken(hashedTokenId); if (refreshToken != null) { //Get protectedTicket from refreshToken class //context.DeserializeTicket(refreshToken.ProtectedTicket); TicketSerializer serializer = new TicketSerializer(); context.SetTicket(serializer.Deserialize(Encoding.Default.GetBytes(refreshToken.ProtectedTicket))); var result = await _repo.RemoveRefreshToken(hashedTokenId); } }
public async Task <AuthenticationTicket> RetrieveAsync(string key) { var buffer = await _cache.GetAsync(key); return(_ts.Deserialize(buffer)); }
/// <summary>(インスタンス化不要な直接的な)参照</summary> /// <param name="key">string</param> /// <returns>AuthenticationTicket</returns> /// <remarks>OAuth 2.0 Token Introspectionのサポートのために必要</remarks> public static AuthenticationTicket ReferDirectly(string key) { AuthenticationTicket ticket = null; if (ASPNETIdentityConfig.EnableRefreshToken) { // EnableRefreshToken == true TicketSerializer serializer = new TicketSerializer(); IEnumerable <byte[]> values = null; List <byte[]> list = null; switch (ASPNETIdentityConfig.UserStoreType) { case EnumUserStoreType.Memory: RefreshTokenProvider.RefreshTokens.TryGetValue(key, out ticket); break; case EnumUserStoreType.SqlServer: case EnumUserStoreType.ODPManagedDriver: case EnumUserStoreType.PostgreSQL: // DMBMS using (IDbConnection cnn = DataAccess.CreateConnection()) { cnn.Open(); switch (ASPNETIdentityConfig.UserStoreType) { case EnumUserStoreType.SqlServer: values = cnn.Query <byte[]>( "SELECT [Value] FROM [RefreshTokenDictionary] WHERE [Key] = @Key", new { Key = key }); list = values.AsList(); if (list.Count != 0) { ticket = serializer.Deserialize(values.AsList()[0]); } break; case EnumUserStoreType.ODPManagedDriver: values = cnn.Query <byte[]>( "SELECT \"Value\" FROM \"RefreshTokenDictionary\" WHERE \"Key\" = :Key", new { Key = key }); list = values.AsList(); if (list.Count != 0) { ticket = serializer.Deserialize(values.AsList()[0]); } break; case EnumUserStoreType.PostgreSQL: values = cnn.Query <byte[]>( "SELECT \"value\" FROM \"refreshtokendictionary\" WHERE \"key\" = @Key", new { Key = key }); list = values.AsList(); if (list.Count != 0) { ticket = serializer.Deserialize(values.AsList()[0]); } break; } } break; } } else { // EnableRefreshToken == false } return(ticket); }
/// <summary>ReceiveRefreshToken</summary> /// <param name="context">AuthenticationTokenReceiveContext</param> private void ReceiveRefreshToken(AuthenticationTokenReceiveContext context) { //context.DeserializeTicket(context.Token); // -------------------------------------------------- if (ASPNETIdentityConfig.EnableRefreshToken) { // EnableRefreshToken == true AuthenticationTicket ticket; TicketSerializer serializer = new TicketSerializer(); IEnumerable <byte[]> values = null; List <byte[]> list = null; switch (ASPNETIdentityConfig.UserStoreType) { case EnumUserStoreType.Memory: if (RefreshTokenProvider.RefreshTokens.TryRemove(context.Token, out ticket)) { context.SetTicket(ticket); } break; case EnumUserStoreType.SqlServer: case EnumUserStoreType.ODPManagedDriver: case EnumUserStoreType.PostgreSQL: // DMBMS using (IDbConnection cnn = DataAccess.CreateConnection()) { cnn.Open(); switch (ASPNETIdentityConfig.UserStoreType) { case EnumUserStoreType.SqlServer: values = cnn.Query <byte[]>( "SELECT [Value] FROM [RefreshTokenDictionary] WHERE [Key] = @Key", new { Key = context.Token }); list = values.AsList(); if (list.Count != 0) { ticket = serializer.Deserialize(values.AsList()[0]); context.SetTicket(ticket); cnn.Execute( "DELETE FROM [RefreshTokenDictionary] WHERE [Key] = @Key", new { Key = context.Token }); } break; case EnumUserStoreType.ODPManagedDriver: values = cnn.Query <byte[]>( "SELECT \"Value\" FROM \"RefreshTokenDictionary\" WHERE \"Key\" = :Key", new { Key = context.Token }); list = values.AsList(); if (list.Count != 0) { ticket = serializer.Deserialize(values.AsList()[0]); context.SetTicket(ticket); cnn.Execute( "DELETE FROM \"RefreshTokenDictionary\" WHERE \"Key\" = :Key", new { Key = context.Token }); } break; case EnumUserStoreType.PostgreSQL: values = cnn.Query <byte[]>( "SELECT \"value\" FROM \"refreshtokendictionary\" WHERE \"key\" = @Key", new { Key = context.Token }); list = values.AsList(); if (list.Count != 0) { ticket = serializer.Deserialize(values.AsList()[0]); context.SetTicket(ticket); cnn.Execute( "DELETE FROM \"refreshtokendictionary\" WHERE \"key\" = @Key", new { Key = context.Token }); } break; } } break; } } else { // EnableRefreshToken == false } }
private TicketResult Remove(AuthenticationTokenReceiveContext context) { TicketResult result = new TicketResult(); StoreKeyFunc = StoreKeyFunc ?? ((ctx, token) => token); string key = StoreKeyFunc(context.Ticket, context.Token); IDatabase database = _redis.GetDatabase(_configuration.Db); byte[] ticket = database.StringGet(key); if (ticket.Length > default(int)) { TicketSerializer serializer = new TicketSerializer(); result.Ticket = serializer.Deserialize(ticket); result.Deleted = database.KeyDelete(key); } return result; }
private async Task<TicketResult> RemoveAsync(AuthenticationTokenReceiveContext context) { TicketResult result = new TicketResult(); StoreKeyFunc = StoreKeyFunc ?? ((ctx, token) => token); string key = StoreKeyFunc(context.Ticket, context.Token); IDatabase database = _redis.GetDatabase(_configuration.Db); byte[] ticket = await database.StringGetAsync(key); if (ticket != null) { TicketSerializer serializer = new TicketSerializer(); result.Ticket = serializer.Deserialize(ticket); result.Deleted = await database.KeyDeleteAsync(key); } else { await database.KeyDeleteAsync(context.Token); } return result; }
public async Task <AuthenticationTicket> RetrieveAsync(string key) { byte[] ticket = await _cache.GetAsync(key); return(_ticketSerializer.Deserialize(ticket)); }
public async Task ReceiveAsync(AuthenticationTokenReceiveContext context) { // define o cabecalho da resposta do contexto do Owin com a permição de origem var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin"); context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] {allowedOrigin}); // pega o Id do token pelo na requisição var hashedTokenId = HashHelper.GetHash(context.Token); // Identifica o Browser var userAgent = HttpContext.Current.Request.UserAgent; var userBrowser = new HttpBrowserCapabilities {Capabilities = new Hashtable {{string.Empty, userAgent}}}; var factory = new BrowserCapabilitiesFactory(); factory.ConfigureBrowserCapabilities(new NameValueCollection(), userBrowser); var browser = userBrowser.Browser; var refreshTokenDomain = new RefreshTokenDomain(); // busca o token na base de dados pelo id var refreshToken = await refreshTokenDomain.ReadAsync(hashedTokenId, browser); // se o token for encontrado if (refreshToken != null) { // pega os dados do ticket para deserializar e gerar um novo ticket com // as informações mapeadas do usuário que utiliza este token var ticketSerializer = new TicketSerializer(); var ticket = ticketSerializer.Deserialize(refreshToken.ProtectedTicket); context.SetTicket(ticket); // remove o token da base de dados pois em nossa lógica, permitimos apenas // um RefreshToken por usuário e aplicação cliente await refreshTokenDomain.DeleteAsync(hashedTokenId, browser); } }