private AuthenticationMetadata AuthMetadataFor(string username)
{
AuthenticationMetadata authMeta = _authenticationData.get(username);
if (authMeta == null)
{
authMeta = new AuthenticationMetadata(this);
AuthenticationMetadata preExisting = _authenticationData.putIfAbsent(username, authMeta);
if (preExisting != null)
{
authMeta = preExisting;
}
}
return(authMeta);
}
internal SecurityToken GetSecurityTokenInternal()
{
TokenServiceMetadata gatewayMetadata = GetMetadata();
AuthenticationMetadata dSTSMetadata = new AuthenticationMetadata(TVSSerializerUtility.Deserialize(gatewayMetadata.Metadata));
if (cloudServiceName != null && cloudServiceName != gatewayMetadata.ServiceName)
{
string warning = string.Format(StringResources.Error_dSTSMismatchInMetadata, "CloudServiceName", cloudServiceName, gatewayMetadata.ServiceName);
TraceSource.WriteWarning(
TraceType,
warning);
throw new FabricException(warning);
}
if (cloudServiceDnsNames != null &&
cloudServiceDnsNames.FirstOrDefault(name => name == gatewayMetadata.ServiceDnsName) == null)
{
string warning = string.Format(StringResources.Error_dSTSMismatchInMetadata, "CloudServiceDNSNames", string.Join(",", cloudServiceDnsNames), gatewayMetadata.ServiceDnsName);
TraceSource.WriteWarning(
TraceType,
warning);
throw new FabricException(warning);
}
SecurityTokenIssuanceResponse rstr;
try
{
rstr = authenticationClient.GetSecurityToken(
gatewayMetadata.ServiceName,
gatewayMetadata.ServiceDnsName,
dSTSMetadata);
}
catch (SecurityTokenIssuanceException e)
{
TraceSource.WriteWarning(
TraceType,
"GetSecurityToken failed with exception: {0}",
e.Message);
throw new FabricException(e.Message);
}
return(rstr.SecurityToken);
}
public override AuthenticationResult Authenticate(User user, sbyte[] password)
{
AuthenticationMetadata authMetadata = AuthMetadataFor(user.Name());
if (!authMetadata.AuthenticationPermitted())
{
return(AuthenticationResult.TOO_MANY_ATTEMPTS);
}
if (user.Credentials().matchesPassword(password))
{
authMetadata.AuthSuccess();
return(AuthenticationResult.SUCCESS);
}
else
{
authMetadata.AuthFailed();
return(AuthenticationResult.FAILURE);
}
}
