public async Task <List <Claim> > GetDeviceInfo(string token)
{
Dictionary <string, object> deviceInfo;
try
{
deviceInfo = await openAmIntegration.ValidateDevice(token);
}
catch (Exception)
{
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm,
LocalizationKeys.SystemUnavailable, null);
}
var camsClaims = ClaimsManager.ParseClaims(deviceInfo);
var codedClaims = new List <Claim>()
.TryAddClaim(ClaimsNames.Language, "en-us") // set language to en-us...it is not provided
.TryAddClaim(ClaimsNames.Roles, MgiAwRole.Dt4Device) // set role to Dt4Device
.TryAddClaim(ClaimsNames.DSL, DeviceSecurityLevel.Fifty); // set DSL to fifty
var claims = camsClaims.Concat(codedClaims).ToList();
var missingClaims = ClaimsInventoryHelper.CheckCamsDeviceClaims(claims);
if (missingClaims.Any())
{
// Throw exception
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm,
LocalizationKeys.InvalidUserProfile, missingClaims);
}
return(claims);
}
public async Task <List <Claim> > GetUserInfo(string token)
{
var camsClaimsKey = string.Format(AuthCacheKeys.CAMSCLAIMS, token);
var cachedCamsClaims = cacheManager.Contains <CachedObjectResponseContainer <List <Tuple <string, string> > > >(camsClaimsKey,
CacheRegion.Global);
// Check if claims are missing first
if (cachedCamsClaims.Exists)
{
var missingClaimsInCache = ClaimsInventoryHelper.CheckCamsClaims(cachedCamsClaims.CachedObj.DataObject.ToClaims());
if (missingClaimsInCache.Any())
{
// We have incomplete data. Invalidate cache
cachedCamsClaims.Exists = false;
cacheManager.Remove(camsClaimsKey, CacheRegion.Global);
}
else
{
return(cachedCamsClaims.CachedObj.DataObject.ToClaims());
}
}
Dictionary <string, object> userInfo = null;
try
{
userInfo = await openAmIntegration.GetUserInfo(token);
}
catch (Exception)
{
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm,
LocalizationKeys.SystemUnavailable, null);
}
var camsClaims = ClaimsManager.ParseClaims(userInfo);
var missingClaims = ClaimsInventoryHelper.CheckCamsClaims(camsClaims);
if (missingClaims.Any())
{
// Throw exception
throw PrincipalExceptionFactory.Create(PrincipalExceptionType.OpenAm,
LocalizationKeys.InvalidUserProfile, missingClaims);
}
var camsClaimsCacheContainer = CacheAheadHelper.PopulateCacheMetadata <List <Tuple <string, string> > >(camsClaims.ToTupleList(), CachePolicies.FourHours);
cacheManager.Save(camsClaimsKey, camsClaimsCacheContainer, CacheRegion.Global,
CachePolicies.FourHours);
return(camsClaims);
}
protected override bool IsAuthorized(HttpActionContext actionContext)
{
var deviceSecurityLevel = ClaimsManager.GetClaimValue(ClaimsNames.DSL);
var authenticated = AuthHelper.IsUserAuthenticated();
var isDeviceAuthorized = (string.IsNullOrEmpty(Roles) ? true : Roles.Split(',').Contains(deviceSecurityLevel));
if (!authenticated)
{
AuthHelper.SetUnauthenticatedResponse();
}
if (!isDeviceAuthorized)
{
AuthHelper.SetNonTransactionalDeviceInUse();
}
return(authenticated && isDeviceAuthorized);
}