Exemplo n.º 1
0
        public static FirmaSession FirmaSessionFromClaimsIdentity(IAuthenticationManager authenticationManager, Tenant currentTenant)
        {
            try
            {
                // Get the Person from Claims Identity
                // Other RPs use an actual "anonymous" user, but we are trying to have CurrentPerson be null, so, we are trying this. -- SLG & SG
                const Person anonymousSitkaUser = null;
                Person       personFromClaimsIdentity;

                switch (FirmaWebConfiguration.AuthenticationType)
                {
                case AuthenticationType.KeystoneAuth:
                    personFromClaimsIdentity = KeystoneClaimsHelpers.GetOpenIDUserFromPrincipal(
                        authenticationManager.User, anonymousSitkaUser,
                        HttpRequestStorage.DatabaseEntities.People.GetPersonByPersonGuid);
                    break;

                case AuthenticationType.LocalAuth:
                    personFromClaimsIdentity = GetPersonFromLocalClaims(authenticationManager.User);
                    break;

                default:
                    throw new ArgumentOutOfRangeException();
                }

                // Actual real person
                if (personFromClaimsIdentity != null)
                {
                    // Sanity check
                    Check.Ensure(currentTenant.TenantID == personFromClaimsIdentity.TenantID);

                    // Try to find existing Session for this Person.
                    // ** This seems potentially flawed, and may not work for multiple logins -- SLG & SG **
                    var firmaSessionForRealPerson = HttpRequestStorage.DatabaseEntities.FirmaSessions.GetFirmaSessionsByPersonID(personFromClaimsIdentity.PersonID, false);
                    if (firmaSessionForRealPerson.Any())
                    {
                        // For now, we just give them the last session. This is NOT a long term solution. -- SLG
                        return(firmaSessionForRealPerson.Last());
                    }
                    // Otherwise, we could not find a FirmaSession for this person. Create one.
                    var firmaSessionFromClaimsIdentity = new FirmaSession(HttpRequestStorage.DatabaseEntities, personFromClaimsIdentity);

                    // Only save if the Session if it being newly created
                    HttpRequestStorage.DatabaseEntities.AllFirmaSessions.Add(firmaSessionFromClaimsIdentity);
                    HttpRequestStorage.DatabaseEntities.SaveChangesWithNoAuditing(currentTenant.TenantID);

                    return(firmaSessionFromClaimsIdentity);
                }
                // Otherwise, anonymous user. We make a new session each time, which seems flawed - but not sure how else to handle yet. -- SLG
                var firmaSessionForAnonymousPerson = FirmaSession.MakeEmptyFirmaSession(HttpRequestStorage.DatabaseEntities, HttpRequestStorage.Tenant);
                return(firmaSessionForAnonymousPerson);
            }
            catch (Exception ex)
            {
                IdentitySignOut(authenticationManager);
                throw new SitkaDisplayErrorException("Something went wrong with your session or credentials. Please try logging in again. If this does not resolve the issue, please contact support.", ex);
            }
        }
        public bool Authorize(DashboardContext context)
        {
            var owinContext = new OwinContext(context.GetOwinEnvironment());
            var person      = KeystoneClaimsHelpers.GetOpenIDUserFromPrincipal(owinContext.Authentication.User,
                                                                               null,
                                                                               HttpRequestStorage.DatabaseEntities.People.GetPersonByPersonGuid);

            return(person.IsAdministrator());
        }