Пример #1
0
        protected async Task <IActionResult> Authenticate(string returnUrl, string currentAmr, OAuthUser user, CancellationToken token, bool rememberLogin = false)
        {
            var unprotectedUrl  = Unprotect(returnUrl);
            var query           = unprotectedUrl.GetQueries().ToJObj();
            var acrValues       = query.GetAcrValuesFromAuthorizationRequest();
            var clientId        = query.GetClientIdFromAuthorizationRequest();
            var requestedClaims = query.GetClaimsFromAuthorizationRequest();
            var client          = (OpenIdClient)await _oauthClientRepository.FindOAuthClientById(clientId, token);

            var acr = await _amrHelper.FetchDefaultAcr(acrValues, requestedClaims, client, token);

            string amr;

            if (acr == null || string.IsNullOrWhiteSpace(amr = _amrHelper.FetchNextAmr(acr, currentAmr)))
            {
                var currentDateTime    = DateTime.UtcNow;
                var expirationDateTime = currentDateTime.AddSeconds(_options.CookieAuthExpirationTimeInSeconds);
                var offset             = DateTimeOffset.UtcNow.AddSeconds(_options.CookieAuthExpirationTimeInSeconds);
                var claims             = user.ToClaims();
                var claimsIdentity     = new ClaimsIdentity(claims, currentAmr);
                var claimsPrincipal    = new ClaimsPrincipal(claimsIdentity);
                user.AddSession(expirationDateTime);
                await _oauthUserCommandRepository.Update(user, token);

                await _oauthUserCommandRepository.SaveChanges(token);

                Response.Cookies.Append(_options.SessionCookieName, user.GetActiveSession().SessionId, new CookieOptions
                {
                    Secure   = true,
                    HttpOnly = false,
                    SameSite = SameSiteMode.None
                });
                if (rememberLogin)
                {
                    await HttpContext.SignInAsync(claimsPrincipal, new AuthenticationProperties
                    {
                        IsPersistent = true
                    });
                }
                else
                {
                    await HttpContext.SignInAsync(claimsPrincipal, new AuthenticationProperties
                    {
                        IsPersistent = true,
                        ExpiresUtc   = offset
                    });
                }

                return(Redirect(unprotectedUrl));
            }

            return(RedirectToAction("Index", "Authenticate", new { area = amr, ReturnUrl = returnUrl }));
        }
Пример #2
0
        protected async Task <IActionResult> Sign(string returnUrl, string currentAmr, OAuthUser user, CancellationToken token, bool rememberLogin = false)
        {
            var currentDateTime    = DateTime.UtcNow;
            var expirationDateTime = currentDateTime.AddSeconds(_options.CookieAuthExpirationTimeInSeconds);
            var offset             = DateTimeOffset.UtcNow.AddSeconds(_options.CookieAuthExpirationTimeInSeconds);
            var claims             = user.ToClaims();
            var claimsIdentity     = new ClaimsIdentity(claims, currentAmr);
            var claimsPrincipal    = new ClaimsPrincipal(claimsIdentity);

            user.AddSession(expirationDateTime);
            await _oauthUserCommandRepository.Update(user, token);

            await _oauthUserCommandRepository.SaveChanges(token);

            Response.Cookies.Append(_options.SessionCookieName, user.GetActiveSession().SessionId, new CookieOptions
            {
                Secure   = true,
                HttpOnly = false,
                SameSite = SameSiteMode.None
            });
            if (rememberLogin)
            {
                await HttpContext.SignInAsync(claimsPrincipal, new AuthenticationProperties
                {
                    IsPersistent = true
                });
            }
            else
            {
                await HttpContext.SignInAsync(claimsPrincipal, new AuthenticationProperties
                {
                    IsPersistent = true,
                    ExpiresUtc   = offset
                });
            }

            return(Redirect(returnUrl));
        }