public async Task <IActionResult> LoginWithAD()
{
var loggedInUsername = User.Identity.Name;
var user = await authenticationModule.FindUserAsync(loggedInUsername);
var authenticationResult = user != null
? authenticationModule.BuildSecurityTokenForUser(user)
: AuthenticationResult.Failed(AuthenticationErrorType.UserNotFound);
if (authenticationResult.IsAuthenticated)
{
apiEventLogger.Log(LogLevel.Info, $"User '{loggedInUsername}' successfully logged in");
}
else
{
apiEventLogger.Log(LogLevel.Warning, $"User '{loggedInUsername}' was rejected");
}
return(new ContentResult
{
ContentType = Conventions.JsonContentType,
Content = JsonConvert.SerializeObject(authenticationResult),
StatusCode = authenticationResult.IsAuthenticated ? (int)HttpStatusCode.OK : (int)HttpStatusCode.Unauthorized
});
}
/// <summary>
/// Authenticate on the server
/// </summary>
/// <param name="userName">user name for authentication</param>
/// <returns><c>true</c> - authentication success</returns>
public AuthenticationResult Authenticate(string userName)
{
if (ConnectedUsers.Exists(u =>
String.Compare(u.Context.UserName, userName, StringComparison.OrdinalIgnoreCase) == 0))
{
return(AuthenticationResult.Failed());
}
IConsoleCallback callback = OperationContext.Current.GetCallbackChannel <IConsoleCallback>();
_currentUser = new ConnectedUser(ServerConsole.Authenticate(userName), callback);
ConnectedUsers.Add(_currentUser);
return(AuthenticationResult.Success(ConnectedUsers.Count - 1));
}
public static AuthenticationResult LoginWithActiveDirectory(ApiConfiguration configuration, HttpClient httpClient)
{
var requestUri = RequestUriBuilder.Build(configuration, "api/account/loginwithad");
var response = httpClient.GetAsync(requestUri).Result;
if (response.StatusCode == HttpStatusCode.Unauthorized)
{
return(AuthenticationResult.Failed(AuthenticationErrorType.UserNotFound));
}
if (response.StatusCode != HttpStatusCode.OK)
{
var errorText = response.Content.ReadAsStringAsync().Result;
throw new ApiException(response.StatusCode, errorText);
}
var json = response.Content.ReadAsStringAsync().Result;
var authenticationResult = ConfiguredJsonSerializer.Deserialize <AuthenticationResult>(json);
return(authenticationResult);
}
public async Task <AuthenticationResult> AuthenticateAsync(LoginInformation loginInformation)
{
var existingUser = await FindUserAsync(loginInformation.Username);
if (existingUser == null)
{
return(AuthenticationResult.Failed(AuthenticationErrorType.UserNotFound));
}
if (string.IsNullOrEmpty(loginInformation.Password))
{
return(AuthenticationResult.Failed(AuthenticationErrorType.InvalidPassword));
}
var salt = Convert.FromBase64String(existingUser.Salt);
var storedPasswordHash = Convert.FromBase64String(existingUser.PasswordHash);
var providedPasswordHash = PasswordHasher.Hash(loginInformation.Password, salt, 8 * storedPasswordHash.Length);
var isMatch = HashComparer.Compare(providedPasswordHash, storedPasswordHash);
if (!isMatch)
{
return(AuthenticationResult.Failed(AuthenticationErrorType.InvalidPassword));
}
return(BuildSecurityTokenForUser(existingUser));
}
