public static bool TryParseBody(byte[] key, string token, out AccessTokenBody body)
{
AccessToken accessToken;
if (TryParse(token, out accessToken) == false)
{
body = null;
return(false);
}
if (accessToken.MatchesSignature(key) == false)
{
body = null;
return(false);
}
try
{
body = JsonConvert.DeserializeObject <AccessTokenBody>(accessToken.Body);
return(true);
}
catch
{
body = null;
return(false);
}
}
public static bool TryParseBody(X509Certificate2 cert, string token, out AccessTokenBody body)
{
AccessToken accessToken;
if (TryParse(token, out accessToken) == false)
{
body = null;
return false;
}
if (accessToken.MatchesSignature(cert) == false)
{
body = null;
return false;
}
try
{
body = JsonConvert.DeserializeObject<AccessTokenBody>(accessToken.Body);
return true;
}
catch
{
body = null;
return false;
}
}
public bool Authenticate(DocumentDatabase documentDatabase, string username, string password, out AccessTokenBody.DatabaseAccess[] allowedDatabases)
{
allowedDatabases = new[]
{
new AccessTokenBody.DatabaseAccess
{
TenantId = "*"
},
};
return string.IsNullOrEmpty(password) == false;
}
public static AccessToken Create(X509Certificate2 cert, AccessTokenBody tokenBody)
{
tokenBody.Issued = (SystemTime.UtcNow - DateTime.MinValue).TotalMilliseconds;
var body = RavenJObject.FromObject(tokenBody)
.ToString(Formatting.None);
var signature = Sign(body, cert);
return new AccessToken { Body = body, Signature = signature };
}
public static AccessToken Create(byte[] key, AccessTokenBody tokenBody)
{
tokenBody.Issued = (SystemTime.UtcNow - DateTime.MinValue).TotalMilliseconds;
var body = RavenJObject.FromObject(tokenBody)
.ToString(Formatting.None);
var signature = Sign(body, key);
return(new AccessToken {
Body = body, Signature = signature
});
}
public bool Authenticate(DocumentDatabase currentStore, string username, string password, out AccessTokenBody.DatabaseAccess[] allowedDatabases)
{
allowedDatabases = new AccessTokenBody.DatabaseAccess[0];
var jsonDocument = currentStore.Get("Raven/Users/" + username, null);
if (jsonDocument == null)
{
return false;
}
var user = jsonDocument.DataAsJson.JsonDeserialization<AuthenticationUser>();
var validatePassword = user.ValidatePassword(password);
if (!validatePassword)
return false;
var dbs = Enumerable.Empty<AccessTokenBody.DatabaseAccess>();
if (user.AllowedDatabases != null)
{
var accesses = user.AllowedDatabases.Select(tenantId => new AccessTokenBody.DatabaseAccess
{
TenantId = tenantId,
Admin = user.Admin,
ReadOnly = false
});
dbs = dbs.Concat(accesses);
}
if (user.Databases != null)
{
var accesses = user.Databases.Select(x => new AccessTokenBody.DatabaseAccess
{
Admin = user.Admin | x.Admin,
ReadOnly = x.ReadOnly,
TenantId = x.Name
});
dbs = dbs.Concat(accesses);
}
allowedDatabases = dbs.ToArray();
return true;
}
public bool Authenticate(DocumentDatabase currentStore, string username, string password, out AccessTokenBody.DatabaseAccess[] allowedDatabases)
{
allowedDatabases = new AccessTokenBody.DatabaseAccess[0];
var jsonDocument = ((DocumentDatabase)currentStore).Get("Raven/Users/"+username, null);
if (jsonDocument == null)
{
return false;
}
var user = jsonDocument.DataAsJson.JsonDeserialization<AuthenticationUser>();
var validatePassword = user.ValidatePassword(password);
if (validatePassword)
{
allowedDatabases = user.AllowedDatabases.Select(tenantId=> new AccessTokenBody.DatabaseAccess
{
TenantId = tenantId,
Admin = user.Admin
}).ToArray();
}
return validatePassword;
}
public OAuthPrincipal(AccessTokenBody tokenBody, string tenantId)
{
this.tokenBody = tokenBody;
this.tenantId = tenantId;
}
public OAuthPrincipal(AccessTokenBody tokenBody)
{
this.tokenBody = tokenBody;
}
public OAuthPrincipal(AccessTokenBody tokenBody)
{
this.tokenBody = tokenBody;
}