public async Task When_Passing_No_Authentication_Instruction_Then_Exception_Is_Thrown() { await Assert .ThrowsAsync <NullReferenceException>( () => _authenticateClient.Authenticate(null, null, CancellationToken.None)) .ConfigureAwait(false); }
public async Task <Option <GrantedToken> > GetTokenByClientCredentialsGrantType( ClientCredentialsGrantTypeParameter clientCredentialsGrantTypeParameter, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { if (string.IsNullOrWhiteSpace(clientCredentialsGrantTypeParameter.Scope)) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidRequest, Detail = string.Format(Strings.MissingParameter, StandardTokenRequestParameterNames.ScopeName) }); } // 1. Authenticate the client var instruction = authenticationHeaderValue.GetAuthenticateInstruction( clientCredentialsGrantTypeParameter, certificate); var authResult = await _authenticateClient.Authenticate(instruction, issuerName, cancellationToken) .ConfigureAwait(false); var client = authResult.Client; if (client == null) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidClient, Detail = authResult.ErrorMessage ! });
public async Task <Option <GrantedToken> > GetTokenByTicketId( GetTokenViaTicketIdParameter parameter, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { if (string.IsNullOrWhiteSpace(parameter.Ticket)) { _logger.LogError("Ticket is null or empty"); return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidRequest, Detail = string.Format(Strings.MissingParameter, UmaConstants.RptClaims.Ticket) }); } var instruction = authenticationHeaderValue.GetAuthenticateInstruction(parameter, certificate); var authResult = await _authenticateClient.Authenticate(instruction, issuerName, cancellationToken) .ConfigureAwait(false); var client = authResult.Client; if (client == null) { _logger.LogError("Client not found."); return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidClient, Detail = authResult.ErrorMessage ! });
public async Task <Option> Execute( RevokeTokenParameter revokeTokenParameter, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { var refreshToken = revokeTokenParameter.Token; if (refreshToken == null) { _logger.LogError(Strings.TheRefreshTokenIsNotValid); return(new ErrorDetails { Detail = Strings.TheRefreshTokenIsNotValid, Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidToken }); } // 1. Check the client credentials var instruction = authenticationHeaderValue.GetAuthenticateInstruction(revokeTokenParameter, certificate); var authResult = await _authenticateClient.Authenticate(instruction, issuerName, cancellationToken) .ConfigureAwait(false); var client = authResult.Client; if (client == null) { _logger.LogError(authResult.ErrorMessage); return(new ErrorDetails { Detail = authResult.ErrorMessage !, Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidClient });
/// <summary> /// Check the parameters based on the RFC : http://openid.net/specs/openid-connect-core-1_0.html#TokenRequestValidation /// </summary> /// <param name="authorizationCodeGrantTypeParameter"></param> /// <param name="authenticationHeaderValue"></param> /// <param name="certificate"></param> /// <param name="issuerName"></param> /// <param name="cancellationToken">The <see cref="CancellationToken"/> for the async operation.</param> /// <returns></returns> private async Task <Option <ValidationResult> > ValidateParameter( AuthorizationCodeGrantTypeParameter authorizationCodeGrantTypeParameter, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { if (authorizationCodeGrantTypeParameter.Code == null) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidGrant, Detail = Strings.TheAuthorizationCodeIsNotCorrect }); } // 1. Authenticate the client var instruction = authenticationHeaderValue.GetAuthenticateInstruction( authorizationCodeGrantTypeParameter, certificate); var authResult = await _authenticateClient.Authenticate(instruction, issuerName, cancellationToken) .ConfigureAwait(false); var client = authResult.Client; if (client == null) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidClient, Detail = authResult.ErrorMessage ! });
public override void Respond(IHttpContext context) { if (context.Request.Headers["Accept"] != TokenContentType) { context.Response.StatusCode = (int)HttpStatusCode.BadRequest; context.WriteJson(new { error = "invalid_request", error_description = "Accept should be: " + TokenContentType }); return; } if (context.Request.Headers["grant_type"] != TokenGrantType) { context.Response.StatusCode = (int)HttpStatusCode.BadRequest; context.WriteJson(new { error = "unsupported_grant_type", error_description = "Only supported grant_type is: " + TokenGrantType }); return; } var identity = GetUserAndPassword(context); if (identity == null) { context.Response.StatusCode = (int)HttpStatusCode.Unauthorized; context.Response.AddHeader("WWW-Authenticate", "Basic realm=\"Raven DB\""); context.WriteJson(new { error = "invalid_client", error_description = "No client authentication was provided" }); return; } List <DatabaseAccess> authorizedDatabases; if (!AuthenticateClient.Authenticate(Database, identity.Item1, identity.Item2, out authorizedDatabases)) { if ((Database == SystemDatabase || !AuthenticateClient.Authenticate(SystemDatabase, identity.Item1, identity.Item2, out authorizedDatabases))) { context.Response.StatusCode = (int)HttpStatusCode.Unauthorized; context.Response.AddHeader("WWW-Authenticate", "Basic realm=\"Raven DB\""); context.WriteJson(new { error = "unauthorized_client", error_description = "Invalid client credentials" }); return; } } Interlocked.Increment(ref numberOfTokensIssued); var userId = identity.Item1; var token = AccessToken.Create(Settings.OAuthTokenKey, new AccessTokenBody { UserId = userId, AuthorizedDatabases = authorizedDatabases }); context.Write(token.Serialize()); }
public bool Authenticate(string username, string password, string domain) { LDAPAuth.AuthenticateClient authService = new AuthenticateClient(); string ldapUrl = System.Configuration.ConfigurationManager.AppSettings["ldapUrl"]; authService.InnerChannel.OperationTimeout = System.TimeSpan.MaxValue; bool retData = authService.Authenticate(username, domain, password, ldapUrl); return(retData); }
private void btnLogIn_Click(object sender, RoutedEventArgs e) { lblError.Content = ""; byte[] cipheredKeyContainer = new byte[64]; IAuthenticate proxy = new AuthenticateClient(); LavaResult result = proxy.Authenticate(tbUserName.Text, pbPassword.Password); if (result.Result == LAVA_ERROR_CODE.NO_MASTER_KEY) { MasterKeyWindow msKeyWnd = new MasterKeyWindow(); msKeyWnd.ShowDialog(); byte[] masterKey = CryptoLibrary.generateRandom(32); byte[] keyContainer = TLVUtil.StoreTag(0x25, masterKey); cipheredKeyContainer = CryptoLibrary.encrypt28147cfb( CryptoLibrary.computeHash3411(Utility.StringToByteArray(MasterKeyWindow.Password)), keyContainer); result = proxy.StoreKeyContainer(tbUserName.Text, cipheredKeyContainer); if (result.Result != LAVA_ERROR_CODE.OK) { lblError.Content = "Error while putting container: " + result.Result.ToString(); return; } } if (result.Result == LAVA_ERROR_CODE.OK) { EnterMasterKey enterKey = new EnterMasterKey(tbUserName.Text, (AuthenticateClient)proxy); enterKey.ShowDialog(); byte[] key = EnterMasterKey.key; this.Close(); LavaUser user = new LavaUser(tbUserName.Text, pbPassword.Password); user.MasterKey = key; wnd.Show(user); } else lblError.Content = "wrong name or pword"; }
public async Task <Option <GrantedToken> > Execute( RefreshTokenGrantTypeParameter refreshTokenGrantTypeParameter, AuthenticationHeaderValue?authenticationHeaderValue, X509Certificate2?certificate, string issuerName, CancellationToken cancellationToken) { // 1. Try to authenticate the client var instruction = authenticationHeaderValue.GetAuthenticateInstruction( refreshTokenGrantTypeParameter, certificate); var authResult = await _authenticateClient.Authenticate(instruction, issuerName, cancellationToken) .ConfigureAwait(false); var client = authResult.Client; if (client == null) { return(new ErrorDetails { Status = HttpStatusCode.BadRequest, Title = ErrorCodes.InvalidClient, Detail = authResult.ErrorMessage ! });