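/// <summary>
/// Handles the return leg of a CAS login: unpacks the state parameter, checks the
/// correlation id, validates the service ticket against the CAS server and, when the
/// server names a user, builds the claims identity for that user.
/// </summary>
/// <returns>
/// <c>null</c> when the state parameter cannot be unpacked; a ticket with a null identity
/// when the correlation check fails, no ticket is supplied, no user name is returned or
/// any exception is thrown; otherwise a ticket carrying the identity and properties left
/// on the context after the provider's Authenticated callback has run.
/// </returns>
protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
{
    AuthenticationProperties properties = null;

    try
    {
        IReadableStringCollection query = Request.Query;

        properties = UnpackStateParameter(query);
        if (properties == null)
        {
            _logger.WriteWarning("Invalid return state");
            return null;
        }

        // Anti-CSRF: the callback is only honoured when the correlation id carried in
        // the unpacked state passes ValidateCorrelationId.
        if (!ValidateCorrelationId(properties, _logger))
        {
            return new AuthenticationTicket(null, properties);
        }

        string ticket = GetTicketParameter(query);
        if (String.IsNullOrEmpty(ticket))
        {
            // No ticket
            return new AuthenticationTicket(null, properties);
        }

        // Now, we need to get the ticket validated.
        // Both query values are escaped so neither the return URL nor the
        // caller-supplied ticket can add or alter parameters of the validation request.
        // NOTE(review): the user name below is taken from this response as-is, so
        // Options.CasServerUrlBase should be an https URL whose certificate is
        // verified; nothing in this method enforces that - confirm where the options
        // are validated.
        string validateUrl =
            Options.CasServerUrlBase +
            "/serviceValidate" +
            "?service=" + Uri.EscapeDataString(BuildReturnTo(GetStateParameter(query))) +
            "&ticket=" + Uri.EscapeDataString(ticket);

        string responseBody;

        // Dispose the response once the body has been read so the underlying
        // connection and content stream are released promptly.
        using (HttpResponseMessage response = await _httpClient.GetAsync(validateUrl, Request.CallCancelled))
        {
            response.EnsureSuccessStatusCode();
            responseBody = await response.Content.ReadAsStringAsync();
        }

        string validatedUserName = null;

        using (TextReader stringReader = new StringReader(responseBody))
        {
            var xmlReaderSetting = new XmlReaderSettings
            {
                ConformanceLevel = ConformanceLevel.Auto,
                IgnoreWhitespace = true,
                // The response is remote input: state explicitly that DTDs are
                // rejected and that no external resource is ever resolved, rather
                // than relying on framework defaults.
                DtdProcessing = DtdProcessing.Prohibit,
                XmlResolver = null
            };

            using (XmlReader xmlReader = XmlReader.Create(stringReader, xmlReaderSetting))
            {
                // NOTE(review): the first element whose qualified name is "cas:user" is
                // accepted wherever it appears; the match is on the prefix, not the
                // namespace, and does not require a cas:authenticationSuccess parent.
                // Consider tightening this.
                if (xmlReader.ReadToFollowing("cas:user"))
                {
                    validatedUserName = xmlReader.ReadElementString();
                }
            }
        }

        if (String.IsNullOrEmpty(validatedUserName))
        {
            return new AuthenticationTicket(null, properties);
        }

        var identity = new ClaimsIdentity(Options.AuthenticationType);
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, validatedUserName, "http://www.w3.org/2001/XMLSchema#string", Options.AuthenticationType));
        identity.AddClaim(new Claim(ClaimTypes.Name, validatedUserName, "http://www.w3.org/2001/XMLSchema#string", Options.AuthenticationType));

        var context = new CasAuthenticatedContext(
            Context,
            identity,
            properties);

        // The provider callback runs before the ticket is built, so the ticket
        // reflects whatever identity and properties the callback leaves on the context.
        await Options.Provider.Authenticated(context);

        return new AuthenticationTicket(context.Identity, context.Properties);
    }
    catch (Exception ex)
    {
        // Fail closed: any error (HTTP failure, malformed XML, callback exception)
        // is logged and produces a ticket without an identity.
        _logger.WriteError("Authentication failed", ex);
        return new AuthenticationTicket(null, properties);
    }
}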
/// <summary>
/// Invoked whenever CAS successfully authenticates a user.
/// </summary>
/// <param name="context">
/// Contains information about the login session as well as the user
/// <see cref="System.Security.Claims.ClaimsIdentity"/>.
/// </param>
/// <returns>A <see cref="Task"/> representing the completed operation.</returns>
/// <remarks>
/// Forwards to <c>OnAuthenticated</c> and returns its task unchanged.
/// </remarks>
public virtual Task Authenticated(CasAuthenticatedContext context)
{
    Task pending = OnAuthenticated(context);
    return pending;
}
/// <summary>
/// Invoked whenever CAS successfully authenticates a user.
/// </summary>
/// <param name="context">
/// Contains information about the login session as well as the user
/// <see cref="System.Security.Claims.ClaimsIdentity"/>.
/// </param>
/// <returns>A <see cref="Task"/> representing the completed operation.</returns>
/// <remarks>
/// Delegates directly to <c>OnAuthenticated</c>; the task it produces is handed back
/// to the caller as-is.
/// </remarks>
public virtual Task Authenticated(CasAuthenticatedContext context)
{
    Task callbackTask = OnAuthenticated(context);
    return callbackTask;
}