public void CreatesCorrectPolicy(string url)
{
var basePolicy = new OpenIdConfig(url);
var xml = basePolicy.GetXml().ToString();
xml.Should().Be($"<openid-config url=\"{ url }\" />");
}
public BaseProvider(OpenIdConfig config, TokenCache tokenCache)
{
Config = config;
TokenCache = tokenCache;
AuthorizationCode = new AuthorizationCode
{
OpenIdConfig = Config,
TokenCache = TokenCache
};
ClientCredentials = new ClientCredentials
{
OpenIdConfig = Config,
TokenCache = TokenCache
};
}
public OpenIdConnect(OpenIdConfig openIdConfig, TokenCache tokenCache)
{
if (openIdConfig is MicrosoftOnlineConfig)
{
_currentProviderType = Providers.MicrosoftOnline;
}
switch (_currentProviderType)
{
case Providers.Custom:
_currentProvider = new CustomProvider(openIdConfig, tokenCache);
break;
case Providers.MicrosoftOnline:
_currentProvider = new MicrosoftOnline((MicrosoftOnlineConfig)openIdConfig, tokenCache);
break;
default:
_currentProvider = new CustomProvider(openIdConfig, tokenCache);
break;
}
}
public ActionResult LogOff()
{
var openIdSettings = OpenIdSettings;
if (!String.IsNullOrEmpty(openIdSettings))
{
var config = OpenIdConfig.FromString(openIdSettings);
HttpContext.GetOwinContext().Authentication.SignOut(
new AuthenticationProperties {
RedirectUri = config.redirectUri
},
OpenIdConnectAuthenticationDefaults.AuthenticationType, CookieAuthenticationDefaults.AuthenticationType);
return(new EmptyResult());
}
else
{
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
Session.Abandon();
ClearAllCookies();
Response.Cookies.Add(new HttpCookie(LOCALE_COOKIE, _userLocale.Locale));
return(Redirect("~/"));
}
}
public JwtValidationPolicy(IDictionary <string, string> attributes, string openIdConfigUrl = null, IEnumerable <string> issuers = null, ISectionPolicy requiredClaims = null) : base("validate-jwt", attributes)
{
_openIdConfig = openIdConfigUrl != null ? new OpenIdConfig(openIdConfigUrl) : null;
_issuers = issuers != null ? new Issuers(issuers) : null;
_requiredClaims = requiredClaims as SectionPolicy;
}
private static void ConfigureOpenApiAuth(IAppBuilder app, String strConfig)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
var openIdConfig = OpenIdConfig.FromString(strConfig);
var opts = new OpenIdConnectAuthenticationOptions()
{
ClientId = openIdConfig.clientId,
Authority = openIdConfig.aadInstance + openIdConfig.tenantId + "/v2.0",
PostLogoutRedirectUri = openIdConfig.redirectUri,
RedirectUri = openIdConfig.redirectUri,
Scope = OpenIdConnectScope.OpenIdProfile,
ResponseType = OpenIdConnectResponseType.CodeIdToken,
Notifications = new OpenIdConnectAuthenticationNotifications()
{
RedirectToIdentityProvider = (context) =>
{
return(Task.FromResult(0));
},
MessageReceived = (context) =>
{
return(Task.FromResult(0));
},
SecurityTokenReceived = (context) =>
{
return(Task.FromResult(0));
},
SecurityTokenValidated = async(context) =>
{
var identity = context.AuthenticationTicket.Identity;
var userManager = context.OwinContext.GetUserManager <AppUserManager>();
var userName = identity.FindFirstValue("preferred_username");
var appUser = await userManager.FindByNameAsync(userName);
if (appUser == null)
{
appUser = new AppUser()
{
UserName = userName,
PersonName = identity.FindFirstValue("name")
};
await userManager.CreateAsync(appUser);
appUser = await userManager.FindByNameAsync(userName);
}
var claims = await userManager.GetClaimsAsync(appUser.Id);
var openIdId = identity.FindFirst("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier");
if (openIdId != null)
{
identity.TryRemoveClaim(openIdId);
identity.AddClaim(new Claim("OpenIdIdentifier", openIdId.Value));
}
identity.AddClaim(new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", "99"));
identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, appUser.UserName));
foreach (var c in claims)
{
identity.AddClaim(new Claim(c.Type, c.Value));
}
//"OpenIdIdentifier"
},
AuthorizationCodeReceived = (context) =>
{
return(Task.FromResult(0));
},
AuthenticationFailed = (context) =>
{
return(Task.FromResult(0));
},
}
};
app.UseOpenIdConnectAuthentication(opts);
}
public CustomProvider(OpenIdConfig config, TokenCache tokenCache) : base(config, tokenCache)
{
}