protected override void Initialize(RequestContext requestContext) { base.Initialize(requestContext); if (Request.Cookies["lang"] != null) { var value = Request.Cookies["lang"].Value; Thread.CurrentThread.CurrentCulture = new CultureInfo(value); Thread.CurrentThread.CurrentUICulture = new CultureInfo(value); } if (Request.Cookies["access_token"] != null) { var value = Request.Cookies["access_token"].Value; if (!string.IsNullOrEmpty(value)) { var jwtToken = new JwtSecurityToken(value); var claims = jwtToken.Claims; ClaimsIdentity claim = new ClaimsIdentity(claims); var cp = new ClaimsPrincipal(claim); var transformer = new ClaimsAuthenticationManager(); var newPrincipal = transformer.Authenticate(string.Empty, cp); Thread.CurrentPrincipal = newPrincipal; HttpContext.User = newPrincipal; } } }
/// <summary> /// Create a Claims Principal and a Federated Authentication Session for the authenticated user. /// </summary> /// <param name="lifetime">The period from the current time during which the token is valid. Default use the security token valid to time.</param> /// <param name="isReferenceMode">In reference mode, a simple artifact is produced during serialization and the token material is stored in the token cache that is associated with the token handler. The token cache is an instance of a class that derives from SessionSecurityTokenCache. For Web Farm scenarios, the token cache must operate across all nodes in the farm.</param> /// <param name="isPersistent">If the IsPersistent property is true, the cookie is written as a persistent cookie. Persistent cookies remain valid after the browser is closed until they expire.</param> /// <param name="claimsAuthenticationManager">Possible to add a custom ClaimsAuthenticationManager for handling claims transformation.</param> public static ClaimsPrincipal CreateSession(this Saml2AuthnResponse saml2AuthnResponse, TimeSpan?lifetime = null, bool isReferenceMode = false, bool isPersistent = false, ClaimsAuthenticationManager claimsAuthenticationManager = null) { if (Thread.CurrentPrincipal.Identity.IsAuthenticated) { throw new InvalidOperationException("There already exist an Authenticated user."); } if (saml2AuthnResponse.Status != Saml2StatusCodes.Success) { throw new InvalidOperationException($"The SAML2 Response Status is not Success, the Response Status is: {saml2AuthnResponse.Status}."); } var principal = new ClaimsPrincipal(saml2AuthnResponse.ClaimsIdentity); if (principal.Identity == null || !principal.Identity.IsAuthenticated) { throw new InvalidOperationException("No Claims Identity created from SAML2 Response."); } var transformedPrincipal = claimsAuthenticationManager != null?claimsAuthenticationManager.Authenticate(null, principal) : principal; var sessionSecurityToken = lifetime.HasValue ? new SessionSecurityToken(transformedPrincipal, lifetime.Value) : new SessionSecurityToken(transformedPrincipal, null, saml2AuthnResponse.Saml2SecurityToken.ValidFrom, saml2AuthnResponse.Saml2SecurityToken.ValidTo); sessionSecurityToken.IsReferenceMode = isReferenceMode; sessionSecurityToken.IsPersistent = isPersistent; FederatedAuthentication.SessionAuthenticationModule.AuthenticateSessionSecurityToken(sessionSecurityToken, true); return(transformedPrincipal); }
protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { var principal = _transfomer.Authenticate(request.RequestUri.AbsoluteUri, Thread.CurrentPrincipal as IClaimsPrincipal); Thread.CurrentPrincipal = principal; if (HttpContext.Current != null) { HttpContext.Current.User = principal; } return(base.SendAsync(request, cancellationToken)); }
public ActionResult Login(LoginModel model, string returnUrl) { if (ModelState.IsValid) { List <Claim> initialClaims = new List <Claim>(); initialClaims.Add(new Claim(ClaimTypes.Name, model.UserName)); ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal(new ClaimsIdentity(initialClaims, "Forms")); ClaimsAuthenticationManager authManager = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthenticationManager; authManager.Authenticate(string.Empty, claimsPrincipal); return(RedirectToLocal(returnUrl)); } // If we got this far, something failed, redisplay form ModelState.AddModelError("", "The user name or password provided is incorrect."); return(View(model)); }
public virtual void OnPostAuthenticateRequest(object sender, EventArgs args) { // TODO add the claimsPrincipal creation logic here var principal = HttpContext.Current.User as IClaimsPrincipal; if (principal == null) { principal = ClaimsPrincipal.CreateFromHttpContext(HttpContext.Current); ClaimsAuthenticationManager authenticationManager = ServiceConfiguration.ClaimsAuthenticationManager; if (authenticationManager != null && principal != null && principal.Identity != null) { principal = authenticationManager.Authenticate(HttpContext.Current.Request.Url.AbsoluteUri, principal); } HttpContext.Current.User = principal; Thread.CurrentPrincipal = principal; } }
/// <summary> /// Event handler for Application.PostAuthenticateRequest. Runs any <see cref="ClaimsAuthenticationManager"/> if one is configured. /// Tries to create a <see cref="ClaimsPrincipal"/> if none is already set. /// </summary> /// <param name="sender">Sender of this event.</param> /// <param name="args">Event arguments.</param> void OnPostAuthenticateRequest(object sender, EventArgs args) { IClaimsPrincipal icp = HttpContext.Current.User as IClaimsPrincipal; if (icp == null) { icp = ClaimsPrincipal.CreateFromHttpContext(HttpContext.Current); // // Run the Claims Authentication Manager if one is configured // ClaimsAuthenticationManager authenticationManager = ServiceConfiguration.ClaimsAuthenticationManager; if (authenticationManager != null && icp != null && icp.Identity != null) { icp = authenticationManager.Authenticate(HttpContext.Current.Request.Url.AbsoluteUri, icp); } SetPrincipal(icp); } }