public async Task <Account> AuthenticateWithValidatedSubjectAsync(string subject, string location)
{
var detail = new CertificateSubjectDetail(subject);
Data.Account account = await _store.LoadByToken(detail.ExternalId);
if (account == null)
{
if (detail.DeprecatedExternalId.HasValue())
{
account = await _store.LoadByToken(detail.DeprecatedExternalId);
if (account != null)
{
var token = account.Tokens.Where(t => t.Hash == detail.DeprecatedExternalId.ToNormalizedSha256()).Single();
account.Tokens.Remove(token);
account.Tokens.Add(new Data.AccountToken
{
Type = AccountTokenType.Certificate,
Hash = detail.ExternalId.ToNormalizedSha256(),
WhenCreated = DateTime.UtcNow,
});
await _store.Update(account);
}
}
if (account == null)
{
account = await Register(detail.ExternalId, detail.DisplayName, AccountTokenType.Certificate, detail.IsAffiliate);
}
}
return(await CompleteAuthentication(account, location));
}
public async Task <bool> IsCertificateUniqueAsync(X509Certificate2 cert)
{
_certStore.Validate(cert); // throws on error
var subject = new CertificateSubjectDetail(cert.Subject);
return(await IsTokenUniqueAsync(subject.ExternalId));
}
public async Task <Account> RegisterWithValidatedSubjectAsync(string subject)
{
var detail = new CertificateSubjectDetail(subject);
Data.Account account = await Register(
detail.ExternalId,
detail.DisplayName,
AccountTokenType.Certificate,
detail.IsAffiliate
);
return(Mapper.Map <Account>(account, opts => {
opts.Items["serviceUrl"] = _serviceUrl;
opts.Items["profileOptions"] = _options.Profile;
}));
}
public async Task <Account> AddAccountValidatedSubject(string accountId, string subject)
{
var detail = new CertificateSubjectDetail(subject);
return(await AddCertificateToken(accountId, detail.ExternalId));
}
public async Task <bool> IsCertificateUniqueAsync(string subjectDN)
{
var subject = new CertificateSubjectDetail(subjectDN);
return(await IsTokenUniqueAsync(subject.ExternalId));
}
// [InlineData("O=ORG,OU=TEST,CN=FIRST M LAST-TWO", "first.last-two")]
// [InlineData("O=ORG,OU=TEST,CN=FIRST M LAST TWO", "first.last.two")]
// [InlineData("O=ORG,OU=TEST,CN=FIRST MIDDLE LAST TWO", "first.middle.last.two")]
// [InlineData("O=ORG,OU=ORG,OU=TEST,CN=FIRST MIDDLE LAST (meta)+UID=12345", "first.middle.last")]
// [InlineData("O=ORG,CN=FIRST M L'AST,OU=TEST", "first.last")]
// [InlineData("O=ORG,CN=FIRST M 'LAS'T,OU=TEST", "first.last")]
// [InlineData("O=ORG,CN=FIRST M ORG'PO,OU=TEST", "first.orgpo")]
// [InlineData("O=ORG,CN=FIRST M ORG'PO'DO,OU=TEST", "first.orgpodo")]
public void Subjects_Parse(string subject, string result)
{
var r = new CertificateSubjectDetail(subject);
Assert.True(r.UserName == result);
}
