private bool TryGetTransformedUser(out string claimRetrievalError, HttpContext currentContext, ref ApiUserLogin currentUser)
{
var profileManager = currentContext.RequestServices.GetService <IProfileManager>();
claimRetrievalError = "The encoded claims principal does not contain a profile code claim.";
var profileCode = currentUser.GetClaimValue(ClaimTypes.Role);
if (string.IsNullOrWhiteSpace(profileCode))
{
return(false);
}
claimRetrievalError = "The cache value for the security rights of the current profile code doesn't exist.";
var rightsDictionary = _cacheService.Get($"ProfileRights_{currentUser.Domain}_{profileCode}_{ClaimCategories.Clients}",
60, () => profileManager.GetSecurityRights(profileCode, ClaimCategories.Clients));
var claimsList = rightsDictionary.Select(r => new Claim(r, "")).ToList();
if (claimsList == default(List <Claim>))
{
return(false);
}
var transformedPrincipal =
profileManager.TransformClaimsPrincipal(currentUser.ClaimsPrincipal, claimsList);
currentUser = new ApiUserLogin(transformedPrincipal);
return(true);
}
private bool TryGetUser(string tokenString, out string error, HttpContext currentContext, out ApiUserLogin currentUser)
{
error = "";
try
{
var principal = _tokenManager.ValidateToken(tokenString, _authenticationOptions.CurrentApplication);
currentUser = new ApiUserLogin(principal);
currentContext.Items["CurrentUser"] = currentUser;
return(true);
}
catch (Exception ex)
{
error = ex.Message;
}
currentUser = null;
return(false);
}
private bool CanAuthenticateUser(out string userValidationError, HttpContext currentContext, ApiUserLogin currentUser)
{
userValidationError = string.Empty;
var authResult = currentContext.RequestServices.GetService <IAuthenticationManager>()
.AuthenticateUser(currentUser);
if (((ApiAuthenticationResult)authResult).LoginStatus != UserLoginStatus.ValidUser)
{
return(false);
}
userValidationError = authResult.ErrorMessage;
return(true);
}
