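/// <summary>
/// Replaces <paramref name="currentUser"/> with a login whose principal has been extended with
/// the security rights of the user's profile code for the Clients claim category.
/// </summary>
/// <param name="claimRetrievalError">
/// Describes why the method returned false. It is also left populated on the success path,
/// so callers must only read it when the return value is false.
/// </param>
/// <param name="currentContext">Request context used to resolve the IProfileManager service.</param>
/// <param name="currentUser">Login to transform; only reassigned when the method returns true.</param>
/// <returns>true when the rights were found and the principal was transformed; otherwise false.</returns>
private bool TryGetTransformedUser(out string claimRetrievalError, HttpContext currentContext, ref ApiUserLogin currentUser)
        {
            var profileManager = currentContext.RequestServices.GetService<IProfileManager>();

            claimRetrievalError = "The encoded claims principal does not contain a profile code claim.";

            // The profile code is carried in the role claim of the validated principal.
            var profileCode = currentUser.GetClaimValue(ClaimTypes.Role);

            if (string.IsNullOrWhiteSpace(profileCode))
            {
                return false;
            }

            claimRetrievalError = "The cache value for the security rights of the current profile code doesn't exist.";

            // NOTE(review): the key joins Domain and profileCode with '_'. If either value can itself
            // contain '_', two different (domain, profile) pairs could resolve to the same cache entry
            // and therefore the same rights - confirm the allowed character set of both values.
            // The literal 60 is handed to the cache service as-is; its unit is not visible here.
            var rightsCacheKey = $"ProfileRights_{currentUser.Domain}_{profileCode}_{ClaimCategories.Clients}";
            var rightsDictionary = _cacheService.Get(rightsCacheKey,
                                                     60, () => profileManager.GetSecurityRights(profileCode, ClaimCategories.Clients));

            // Fail closed when no rights could be loaded. The previous check ran after ToList(),
            // which never yields null, so a missing cache value surfaced as a NullReferenceException
            // instead of the error message assigned above.
            if (rightsDictionary == null)
            {
                return false;
            }

            // Each right becomes a claim whose type is the right name and whose value is empty.
            var claimsList = rightsDictionary.Select(r => new Claim(r, "")).ToList();

            var transformedPrincipal =
                profileManager.TransformClaimsPrincipal(currentUser.ClaimsPrincipal, claimsList);

            currentUser = new ApiUserLogin(transformedPrincipal);

            return true;
        }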
        /// <summary>
        /// Validates the bearer token for the configured application and, on success, wraps the
        /// resulting principal in an ApiUserLogin and stores it in the request items under "CurrentUser".
        /// </summary>
        /// <param name="tokenString">Raw token text handed to the token manager for validation.</param>
        /// <param name="error">
        /// Empty on success; on failure the Message of whatever exception was thrown.
        /// NOTE(review): this is the raw exception text - confirm the caller logs it server-side
        /// rather than returning it verbatim to the client.
        /// </param>
        /// <param name="currentContext">Request context that receives the "CurrentUser" item.</param>
        /// <param name="currentUser">The validated login, or null when the method returns false.</param>
        /// <returns>true when the token validated and the login was stored; otherwise false.</returns>
        private bool TryGetUser(string tokenString, out string error, HttpContext currentContext, out ApiUserLogin currentUser)
        {
            try
            {
                var validatedPrincipal = _tokenManager.ValidateToken(tokenString, _authenticationOptions.CurrentApplication);
                var login = new ApiUserLogin(validatedPrincipal);

                // The login is published to the request items as soon as the token validates;
                // no other check is made in this method before that happens.
                currentContext.Items["CurrentUser"] = login;

                currentUser = login;
                error = "";
                return true;
            }
            catch (Exception ex)
            {
                // Any failure (validation, construction, item storage) is treated as "no user".
                error = ex.Message;
                currentUser = null;
                return false;
            }
        }
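        /// <summary>
        /// Asks the request-scoped IAuthenticationManager to authenticate the given login and
        /// reports whether the resulting status is UserLoginStatus.ValidUser.
        /// </summary>
        /// <param name="userValidationError">
        /// Receives the ErrorMessage of the authentication result. On the failure path it is never
        /// null (an absent message becomes an empty string).
        /// NOTE(review): if this text is returned to the client, confirm it does not reveal which
        /// part of the login was rejected.
        /// </param>
        /// <param name="currentContext">Request context used to resolve the authentication manager.</param>
        /// <param name="currentUser">Login to authenticate.</param>
        /// <returns>true only when the login status is ValidUser; otherwise false.</returns>
        private bool CanAuthenticateUser(out string userValidationError, HttpContext currentContext, ApiUserLogin currentUser)
        {
            userValidationError = string.Empty;

            var authenticationManager = currentContext.RequestServices.GetService<IAuthenticationManager>();
            var authResult = authenticationManager.AuthenticateUser(currentUser);

            var loginStatus = ((ApiAuthenticationResult)authResult).LoginStatus;

            if (loginStatus != UserLoginStatus.ValidUser)
            {
                // Previously the message was only copied after this return, so a rejected login
                // always reported an empty error and the reason for the rejection was lost.
                userValidationError = authResult.ErrorMessage ?? string.Empty;
                return false;
            }

            // Success path unchanged: the result's message is passed through as-is.
            userValidationError = authResult.ErrorMessage;

            return true;
        }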