/// <summary>
/// Returns the cached <see cref="IdentityContainer"/> for a user, resolving the identity through
/// <see cref="ERMSAuthorizationManager"/> when the cache has no entry for the key.
/// </summary>
/// <param name="userName">User name; also the only caller-supplied value that goes into the cache key.</param>
/// <param name="domainName">Domain forwarded to the authorization manager.</param>
/// <param name="environmentName">Environment the caller is targeting; must equal the server's configured environment.</param>
/// <param name="applicationName">Application forwarded to the authorization manager.</param>
/// <returns>Whatever the cache store yields for the key (see the note on the empty CacheItem below).</returns>
/// <exception cref="NotAllowedAPIException">The requested environment differs from the configured one.</exception>
/// <exception cref="UnauthorizedAPIException">Any exception was raised while resolving the identity.</exception>
private IdentityContainer GetIdentityContainer(string userName, string domainName, string environmentName, string applicationName)
{
    // Reject cross-environment requests before touching the cache or the authorization backend.
    // NOTE(review): the message echoes caller-supplied values and names the server's configured
    // environment; confirm where this exception text ends up (client response, logs).
    if (!MarkelConfiguration.EnvironmentName.Equals(environmentName))
    {
        throw new NotAllowedAPIException($"Invalid Request! User '{userName}' is attempting to log into '{environmentName}'. Server is configured for '{MarkelConfiguration.EnvironmentName}' only!");
    }

    // NOTE(review): only userName is passed to BuildKey. domainName and applicationName are not part
    // of the key, so presumably the same userName in a different domain or application resolves to
    // the same cached identity. Confirm this is intended; widening the key would also have to be
    // mirrored wherever else this entry is read or updated.
    string cacheKey = _cacheStoreManager.BuildKey("UserIdentity", userName);

    // The trailing 'false' is passed through unchanged; its meaning is defined by the cache store.
    return _cacheStoreManager.GetItem<IdentityContainer>(cacheKey, (action) =>
    {
        try
        {
            IAuthorizationManager authorizationManager = new ERMSAuthorizationManager();
            UserIdentity userIdentity = authorizationManager.GetUserIdentity(userName, domainName, environmentName, applicationName);

            if (userIdentity == null)
            {
                // No identity resolved: hand back an empty CacheItem.
                // NOTE(review): what GetItem returns for an empty CacheItem is not visible here;
                // callers should be checked for null handling.
                return new CacheItem();
            }

            // Entry lifetime is MarkelConfiguration.AccessTokenLifetime (the original comment says
            // one year, or until the API restarts). NOTE(review): with a long lifetime, changes to
            // the user's rights upstream presumably are not seen until the entry expires.
            return new CacheItem(MarkelConfiguration.AccessTokenLifetime, null, new IdentityContainer(userIdentity));
        }
        catch (Exception)
        {
            // Every exception type is mapped to UnauthorizedAPIException and the original exception
            // is dropped here (not logged, not attached), so non-authentication failures are
            // reported as authentication failures as well.
            string failureMessage = string.Format("Authentication failed for: Application: {0}, User: {1}, Domain: {2}, Environment: {3}", applicationName, userName, domainName, environmentName);
            throw new UnauthorizedAPIException(failureMessage);
        }
    }, false);
}
/// <summary>
/// Returns the service token held in the current identity container for <paramref name="serviceName"/>.
/// For the "ERMS" service the token is validated first and, when validation fails, replaced with a
/// freshly issued one that is stored back into the container.
/// </summary>
/// <param name="serviceName">Name of the service; compared to "ERMS" with an ordinal, case-sensitive match.</param>
/// <returns>The stored token, or the refreshed token for "ERMS" when the stored one did not validate.</returns>
public ServiceToken GetServiceToken(string serviceName)
{
    IAuthorizationManager authorizationManager = new ERMSAuthorizationManager();

    // NOTE(review): the container and its UserIdentity are dereferenced without a null check;
    // confirm the IdentityContainer property can never yield null or an empty container here.
    IdentityContainer container = IdentityContainer;
    UserIdentity identity = container.UserIdentity;
    ServiceToken token = container.GetToken(serviceName);

    // Only "ERMS" tokens are validated. Any other service name gets the stored token back as-is,
    // which may be null if nothing was stored for that name.
    if (!string.Equals(serviceName, "ERMS"))
    {
        return token;
    }

    // A missing token is passed to ValidateToken as a null authentication token.
    if (authorizationManager.ValidateToken(token?.AuthenticationToken, identity.EnvironmentName))
    {
        return token;
    }

    // Validation failed: request a new token for the same identity and persist it.
    // NOTE(review): the refreshed token is stored without checking it for null.
    token = authorizationManager.GetServiceToken(identity.UserName, identity.DomainName, identity.EnvironmentName, identity.ApplicationName);
    container.SetToken(serviceName, token);
    UpdateIdentityContainer(container);

    return token;
}