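/// <summary>
/// Web API pipeline hook: resolves the tenant, exchanges the request's bearer token for a
/// token record and, when one is found, loads the current login, fills <c>AppUser</c> and
/// installs a <see cref="ClaimsPrincipal"/> on the request context before handing over to the
/// base class. When no token is resolved the request continues unauthenticated.
/// </summary>
/// <param name="context">The Web API controller context for the current request.</param>
protected override void Initialize(HttpControllerContext context)
{
    this.Tenant = TenantConvention.GetTenant();

    string clientToken = context.Request.GetBearerToken();
    var provider = new Provider();
    var token = provider.GetToken(clientToken);

    // NOTE(review): unlike the MVC and SignalR variants of this logic, this overload does not
    // run the AccessTokens.IsValid(clientToken, ip, userAgent) check before trusting the token.
    // Confirm whether the bearer (API) path is meant to skip that stored-token validation.
    if (token != null)
    {
        // The override is synchronous, so the async calls have to be blocked on.
        // GetAwaiter().GetResult() rethrows the original exception instead of wrapping it in an
        // AggregateException the way .Wait()/.Result do, so upstream handlers see the real type.
        AppUsers.SetCurrentLoginAsync(this.Tenant, token.LoginId).GetAwaiter().GetResult();
        var loginView = AppUsers.GetCurrentAsync(this.Tenant, token.LoginId).GetAwaiter().GetResult();

        this.AppUser = new AppUser
        {
            Tenant = this.Tenant,
            ClientToken = token.ClientToken,
            LoginId = token.LoginId,
            UserId = loginView.UserId,
            Name = loginView.Name,
            OfficeId = loginView.OfficeId,
            OfficeName = loginView.OfficeName,
            Email = loginView.Email,
            RoleId = loginView.RoleId,
            RoleName = loginView.RoleName,
            IsAdministrator = loginView.IsAdministrator
        };

        // NOTE(review): no authenticationType is passed here, so Identity.IsAuthenticated will be
        // false on this principal; the MVC/SignalR variants pass an explicit authentication type.
        // Confirm whether framework-level authorization is expected to work on this principal.
        var identity = new ClaimsIdentity(token.GetClaims());
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, token.LoginId.ToString(CultureInfo.InvariantCulture)));

        // Role and e-mail claims are optional: only add them when the login view supplies them.
        if (this.AppUser.RoleName != null)
        {
            identity.AddClaim(new Claim(ClaimTypes.Role, this.AppUser.RoleName));
        }

        if (this.AppUser.Email != null)
        {
            identity.AddClaim(new Claim(ClaimTypes.Email, this.AppUser.Email));
        }

        context.RequestContext.Principal = new ClaimsPrincipal(identity);
    }

    base.Initialize(context);
}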
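/// <summary>
/// MVC pipeline hook: reads the client token from the request, resolves it against the current
/// catalog and, when the stored token is valid for this client's IP address and user agent,
/// loads the current login, fills <c>MetaUser</c> and sets an authenticated
/// <see cref="ClaimsPrincipal"/> on the HTTP context. Falls through to the base class either way.
/// </summary>
/// <param name="context">The MVC request context for the current request.</param>
protected override void Initialize(RequestContext context)
{
    string clientToken = context.HttpContext.Request.GetClientToken();

    // Resolve the catalog once; the original looked it up separately for the provider and the
    // login calls.
    string catalog = DbConvention.GetCatalog();
    var provider = new Provider(catalog);
    var token = provider.GetToken(clientToken);

    if (token != null)
    {
        // The token is only trusted if the stored record matches the caller's IP and user agent.
        bool isValid = AccessTokens.IsValid(token.ClientToken, context.HttpContext.GetClientIpAddress(), context.HttpContext.GetUserAgent());

        if (isValid)
        {
            AppUsers.SetCurrentLogin(catalog, token.LoginId);
            var loginView = AppUsers.GetCurrent(catalog, token.LoginId);

            this.MetaUser = new MetaUser
            {
                Catalog = catalog,
                ClientToken = token.ClientToken,
                LoginId = token.LoginId,
                UserId = token.UserId,
                OfficeId = token.OfficeId
            };

            var identity = new ClaimsIdentity(token.Claims, DefaultAuthenticationTypes.ApplicationCookie, ClaimTypes.NameIdentifier, ClaimTypes.Role);
            identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, token.LoginId.ToString(CultureInfo.InvariantCulture)));

            // Role and e-mail claims are optional: only add them when the login view supplies them.
            if (loginView.RoleName != null)
            {
                identity.AddClaim(new Claim(ClaimTypes.Role, loginView.RoleName));
            }

            if (loginView.Email != null)
            {
                identity.AddClaim(new Claim(ClaimTypes.Email, loginView.Email));
            }

            context.HttpContext.User = new ClaimsPrincipal(identity);
        }
    }

    base.Initialize(context);
}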
/// <summary>
/// Resolves the hub caller's client token to a token record, returning it only when the stored
/// access token is valid for the given tenant, the caller's IP address and its User-Agent header.
/// </summary>
/// <param name="tenant">The tenant the token is validated against.</param>
/// <param name="context">The SignalR hub caller context carrying the request and headers.</param>
/// <returns>The validated token, or <c>null</c> when no token resolves or validation fails.</returns>
private static async Task<Token> GetTokenAsync(string tenant, HubCallerContext context)
{
    var resolved = new Provider().GetToken(context.Request.GetClientToken());
    if (resolved == null)
    {
        return null;
    }

    var callerIp = context.Request.GetClientIpAddress();
    var callerAgent = context.Headers["User-Agent"];

    bool accepted = await AccessTokens.IsValidAsync(tenant, resolved.ClientToken, callerIp, callerAgent).ConfigureAwait(false);
    return accepted ? resolved : null;
}
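/// <summary>
/// Completes a sign-in attempt. A failed attempt is answered with 403 after a short random
/// delay; a successful one issues a new access token, persists it with the caller's IP address
/// and user agent, writes it to the <c>access_token</c> cookie and returns it in the body.
/// </summary>
/// <param name="result">Outcome of the credential check, including the login id on success.</param>
/// <param name="model">Optional sign-in details; only <c>ApplicationId</c> is used here.</param>
/// <returns>403 with the serialized <paramref name="result"/> on failure, otherwise OK with the client token.</returns>
protected async Task<ActionResult> OnAuthenticatedAsync(LoginResult result, SignInInfo model = null)
{
    if (!result.Status)
    {
        // Random 1-4 second pause before reporting a failed sign-in, to slow down repeated attempts.
        await Task.Delay(new Random().Next(1, 5) * 1000).ConfigureAwait(false);
        return new HttpStatusCodeResult(HttpStatusCode.Forbidden, JsonConvert.SerializeObject(result));
    }

    Guid? applicationId = null;
    if (model != null)
    {
        applicationId = model.ApplicationId;
    }

    var loginView = await AppUsers.GetCurrentAsync(this.Tenant, result.LoginId).ConfigureAwait(false);
    var manager = new Provider(this.Tenant, applicationId, result.LoginId, loginView.UserId, loginView.OfficeId);
    var token = manager.GetToken();
    string domain = TenantConvention.GetDomain();

    // NOTE(review): the mixed ConfigureAwait(false)/(true) is kept as written; Response is
    // touched after this await, so confirm the continuation does not need the ASP.NET context.
    await AccessTokens.SaveAsync(this.Tenant, token, this.RemoteUser.IpAddress, this.RemoteUser.UserAgent).ConfigureAwait(true);

    var cookie = new HttpCookie("access_token")
    {
        Value = token.ClientToken,
        // HttpOnly keeps the token out of script; Secure restricts it to TLS, matching the
        // cookie issued by the synchronous OnAuthenticated variant.
        HttpOnly = true,
        Secure = true,
        Expires = token.ExpiresOn.DateTime
    };

    // localhost cookie is not supported by most browsers. Ordinal comparison: the host name is
    // not user-facing text, so culture-sensitive lowering is not wanted here.
    if (!string.Equals(domain, "localhost", StringComparison.OrdinalIgnoreCase))
    {
        cookie.Domain = domain;
    }

    this.Response.Cookies.Add(cookie);
    return this.Ok(token.ClientToken);
}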
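/// <summary>
/// Web API pipeline hook: exchanges the request's bearer token for a token record against the
/// current catalog and, when one is found, loads the current login, fills <c>MetaUser</c> and
/// installs a <see cref="ClaimsPrincipal"/> on the request context before handing over to the
/// base class. When no token is resolved the request continues unauthenticated.
/// </summary>
/// <param name="context">The Web API controller context for the current request.</param>
protected override void Initialize(HttpControllerContext context)
{
    string clientToken = context.Request.GetBearerToken();

    // Resolve the catalog once; the original looked it up three times for the same request.
    string catalog = DbConvention.GetCatalog();
    var provider = new Provider(catalog);
    var token = provider.GetToken(clientToken);

    // NOTE(review): unlike the MVC variant of this logic, this overload does not run the
    // AccessTokens.IsValid(clientToken, ip, userAgent) check before trusting the token.
    // Confirm whether the bearer (API) path is meant to skip that stored-token validation.
    if (token != null)
    {
        AppUsers.SetCurrentLogin(catalog, token.LoginId);
        var loginView = AppUsers.GetCurrent(catalog, token.LoginId);

        this.MetaUser = new MetaUser
        {
            Catalog = catalog,
            ClientToken = token.ClientToken,
            LoginId = token.LoginId,
            UserId = loginView.UserId.To<int>(),
            OfficeId = loginView.OfficeId.To<int>()
        };

        // NOTE(review): no authenticationType is passed here, so Identity.IsAuthenticated will be
        // false on this principal; the MVC variant passes an explicit authentication type.
        // Confirm whether framework-level authorization is expected to work on this principal.
        var identity = new ClaimsIdentity(token.Claims);
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, token.LoginId.ToString(CultureInfo.InvariantCulture)));

        // Role and e-mail claims are optional: only add them when the login view supplies them.
        if (loginView.RoleName != null)
        {
            identity.AddClaim(new Claim(ClaimTypes.Role, loginView.RoleName));
        }

        if (loginView.Email != null)
        {
            identity.AddClaim(new Claim(ClaimTypes.Email, loginView.Email));
        }

        context.RequestContext.Principal = new ClaimsPrincipal(identity);
    }

    base.Initialize(context);
}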
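/// <summary>
/// Completes a sign-in attempt synchronously. A failed attempt is answered with 403 after a
/// short random delay; a successful one issues a new access token, persists it with the
/// caller's IP address and user agent, writes it to the <c>access_token</c> cookie and returns
/// it as JSON.
/// </summary>
/// <param name="result">Outcome of the credential check, including the login id on success.</param>
/// <param name="model">Optional sign-in details; only <c>ApplicationId</c> is used here.</param>
/// <returns>403 with the serialized <paramref name="result"/> on failure, otherwise a JSON result holding the client token.</returns>
protected ActionResult OnAuthenticated(LoginResult result, SignInInfo model = null)
{
    if (!result.Status)
    {
        // Random 1-4 second pause before reporting a failed sign-in, to slow down repeated attempts.
        Thread.Sleep(new Random().Next(1, 5) * 1000);
        return new HttpStatusCodeResult(HttpStatusCode.Forbidden, JsonConvert.SerializeObject(result));
    }

    Guid? applicationId = null;
    if (model != null)
    {
        applicationId = model.ApplicationId;
    }

    var manager = new Provider(AppUsers.GetCatalog(), applicationId, result.LoginId);
    var token = manager.GetToken();
    string domain = DbConvention.GetDomain();

    AccessTokens.Save(token, this.RemoteUser.IpAddress, this.RemoteUser.UserAgent);

    var cookie = new HttpCookie("access_token")
    {
        Value = token.ClientToken,
        // HttpOnly keeps the token out of script; Secure restricts it to TLS.
        HttpOnly = true,
        Secure = true,
        Expires = token.ExpiresOn
    };

    // localhost cookie is not supported by most browsers. Ordinal comparison: the host name is
    // not user-facing text, so culture-sensitive lowering is not wanted here.
    if (!string.Equals(domain, "localhost", StringComparison.OrdinalIgnoreCase))
    {
        cookie.Domain = domain;
    }

    this.Response.Cookies.Add(cookie);
    return Json(token.ClientToken);
}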
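/// <summary>
/// SignalR connection gate: resolves the request's client token and, when the stored token is
/// valid for this tenant, client IP and user agent, loads the current login and stores an
/// authenticated <see cref="ClaimsPrincipal"/> in the request environment under
/// <c>server.User</c>.
/// </summary>
/// <param name="descriptor">The hub being connected to (not used here).</param>
/// <param name="request">The incoming SignalR request.</param>
/// <returns><c>true</c> when the connection is authorized, otherwise <c>false</c>.</returns>
public override bool AuthorizeHubConnection(HubDescriptor descriptor, IRequest request)
{
    string tenant = TenantConvention.GetTenant();
    string clientToken = request.GetClientToken();
    var provider = new Provider();
    var token = provider.GetToken(clientToken);

    if (token != null)
    {
        // The override is synchronous, so the async calls have to be blocked on.
        // GetAwaiter().GetResult() rethrows the original exception instead of wrapping it in an
        // AggregateException the way .Wait()/.Result do, so upstream handlers see the real type.
        bool isValid = AccessTokens.IsValidAsync(tenant, token.ClientToken, request.GetClientIpAddress(), request.Headers["user-agent"]).GetAwaiter().GetResult();

        if (isValid)
        {
            AppUsers.SetCurrentLoginAsync(tenant, token.LoginId).GetAwaiter().GetResult();
            var loginView = AppUsers.GetCurrentAsync(tenant, token.LoginId).GetAwaiter().GetResult();

            var identity = new ClaimsIdentity(token.GetClaims(), DefaultAuthenticationTypes.ApplicationCookie, ClaimTypes.NameIdentifier, ClaimTypes.Role);
            identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, token.LoginId.ToString(CultureInfo.InvariantCulture)));

            // Role and e-mail claims are optional: only add them when the login view supplies them.
            if (loginView.RoleName != null)
            {
                identity.AddClaim(new Claim(ClaimTypes.Role, loginView.RoleName));
            }

            if (loginView.Email != null)
            {
                identity.AddClaim(new Claim(ClaimTypes.Email, loginView.Email));
            }

            request.Environment["server.User"] = new ClaimsPrincipal(identity);
            return true;
        }
    }

    return false;
}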
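/// <summary>
/// MVC pipeline hook: resolves the tenant and the request's client token and, when the stored
/// token is valid for this client's IP address and user agent, loads the current login, fills
/// <c>AppUser</c> and sets an authenticated <see cref="ClaimsPrincipal"/> on the HTTP context.
/// When no valid token is found, <c>AppUser</c> still carries the tenant so callers never see
/// a null user. Falls through to the base class either way.
/// </summary>
/// <param name="context">The MVC request context for the current request.</param>
protected override void Initialize(RequestContext context)
{
    string tenant = TenantConvention.GetTenant();
    string clientToken = context.HttpContext.Request.GetClientToken();
    var provider = new Provider();
    var token = provider.GetToken(clientToken);

    if (token != null)
    {
        // The override is synchronous, so the async calls have to be blocked on.
        // GetAwaiter().GetResult() rethrows the original exception instead of wrapping it in an
        // AggregateException the way .Wait()/.Result do, so upstream handlers see the real type.
        bool isValid = AccessTokens.IsValidAsync(tenant, token.ClientToken, context.HttpContext.GetClientIpAddress(), context.HttpContext.GetUserAgent()).GetAwaiter().GetResult();

        if (isValid)
        {
            AppUsers.SetCurrentLoginAsync(tenant, token.LoginId).GetAwaiter().GetResult();
            var loginView = AppUsers.GetCurrentAsync(tenant, token.LoginId).GetAwaiter().GetResult();

            this.AppUser = new AppUser
            {
                Tenant = tenant,
                ClientToken = token.ClientToken,
                LoginId = loginView.LoginId,
                UserId = loginView.UserId,
                Name = loginView.Name,
                OfficeId = loginView.OfficeId,
                OfficeName = loginView.OfficeName,
                Email = loginView.Email,
                RoleId = loginView.RoleId,
                RoleName = loginView.RoleName,
                IsAdministrator = loginView.IsAdministrator
            };

            var identity = new ClaimsIdentity(token.GetClaims(), DefaultAuthenticationTypes.ApplicationCookie, ClaimTypes.NameIdentifier, ClaimTypes.Role);
            identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, token.LoginId.ToString(CultureInfo.InvariantCulture)));

            // Role and e-mail claims are optional: only add them when the login view supplies them.
            if (loginView.RoleName != null)
            {
                identity.AddClaim(new Claim(ClaimTypes.Role, loginView.RoleName));
            }

            if (loginView.Email != null)
            {
                identity.AddClaim(new Claim(ClaimTypes.Email, loginView.Email));
            }

            context.HttpContext.User = new ClaimsPrincipal(identity);
        }
    }

    // Anonymous or rejected requests still get a tenant-only AppUser.
    if (this.AppUser == null)
    {
        this.AppUser = new AppUser { Tenant = tenant };
    }

    base.Initialize(context);
}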