public async Task CreateAsync(AuthenticationTokenCreateContext context) { try { Durados.Web.Mvc.Map map = Durados.Web.Mvc.Maps.Instance.GetMap(); if (map.Database.UseRefreshToken || map.Equals(Durados.Web.Mvc.Maps.Instance.DuradosMap)) { //var guid = Guid.NewGuid().ToString(); //// maybe only create a handle the first time, then re-use for same client //var refreshToken = System.Web.Helpers.Crypto.HashPassword(guid); //_refreshTokens.TryAdd(refreshToken, context.Ticket); // consider storing only the hash of the handle string username = map.Database.GetCurrentUsername(); string refreshToken = Durados.Web.Mvc.UI.Helpers.RefreshToken.Get(map.Equals(Durados.Web.Mvc.Maps.Instance.DuradosMap) ? Durados.Web.Mvc.Maps.DuradosAppName : map.AppName, username); if (refreshToken != null) { context.SetToken(refreshToken); } } } catch { } }
private string GetApprovalParametersToken(string appName, string username, string redirect) { Durados.Web.Mvc.Map map = Durados.Web.Mvc.Maps.Instance.GetMap(appName); string userToken = Durados.Web.Mvc.UI.Helpers.SecurityHelper.GetTmpUserGuidFromGuid(map.Database.GetGuidByUsername(username)); return(EncryptApprovalParameters(appName, userToken, redirect)); }
protected virtual string AssignPendingAppsCallback(Dictionary <string, object> paraemeters) { string appName = paraemeters["@appName"].ToString(); Durados.Web.Mvc.Map map = Durados.Web.Mvc.Maps.Instance.GetMap(appName); string username = paraemeters["@newUser"].ToString(); System.Web.Security.MembershipUser user = map.GetMembershipProvider().GetUser(username, true); if (user != null) { if (!user.IsApproved && Durados.Web.Mvc.Maps.MultiTenancy) { user.IsApproved = true; System.Web.Security.Membership.UpdateUser(user); } } //string appName = paraemeters["@appName"].ToString(); //Durados.Web.Mvc.Map map = Durados.Web.Mvc.Maps.Instance.GetMap(appName); //if (!map.Database.BackandSSO) //{ // Durados.Web.Mvc.UI.Helpers.AccountService.UpdateIsApproved(username, true, map); //} return("success"); }
private void ValidateById(OAuthGrantResourceOwnerCredentialsContext context) { if (System.Web.HttpContext.Current.Request.Form["appid"] == null || System.Web.HttpContext.Current.Request.Form["userid"] == null) { context.SetError(UserValidationErrorMessages.MissingUserIdOrAppId, UserValidationErrorMessages.MissingUserIdOrAppId); return; } string appName = GetAppName(System.Web.HttpContext.Current.Request.Form["appid"]); if (appName == null) { context.SetError(UserValidationErrorMessages.WrongUserIdOrAppId, UserValidationErrorMessages.WrongUserIdOrAppId); return; } Durados.Web.Mvc.Map map = Durados.Web.Mvc.Maps.Instance.GetMap(appName); if (map == Durados.Web.Mvc.Maps.Instance.DuradosMap) { context.SetError(UserValidationErrorMessages.WrongUserIdOrAppId, UserValidationErrorMessages.WrongUserIdOrAppId); return; } if (!map.Database.EnableSecretKeyAccess) { context.SetError(UserValidationErrorMessages.EnableKeysAccess, UserValidationErrorMessages.EnableKeysAccess); return; } string username = GetUserName(System.Web.HttpContext.Current.Request.Form["userid"], appName); if (username == null) { context.SetError(UserValidationErrorMessages.WrongUserIdOrAppId, UserValidationErrorMessages.WrongUserIdOrAppId); return; } var identity = new ClaimsIdentity(context.Options.AuthenticationType); identity.AddClaim(new Claim(Database.Username, username)); identity.AddClaim(new Claim(Database.AppName, appName)); context.Validated(identity); Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end", appName, username, null, 3, string.Empty); }
protected virtual HttpResponseMessage Approve(string userToken, string appName, string redirect) { try { if (string.IsNullOrEmpty(appName)) { string message = "Could not find app"; return(Request.CreateResponse(HttpStatusCode.Unauthorized, message)); } Durados.Web.Mvc.Map map = Durados.Web.Mvc.Maps.Instance.GetMap(appName); if (map == null) { string message = "Could not find app"; return(Request.CreateResponse(HttpStatusCode.Unauthorized, message)); } bool allowRegistration = IsRegisreationAllowed(map); if (!allowRegistration) { string message = "To enable Sign Up, please Enable User Registration"; return(Request.CreateResponse(HttpStatusCode.Unauthorized, message)); } string userGuid = Durados.Web.Mvc.UI.Helpers.SecurityHelper.GetUserGuidFromTmpGuid(userToken); string username = map.Database.GetUsernameByGuid(userGuid); ApproveUser(appName, username); var response = Request.CreateResponse(HttpStatusCode.Moved); response.Headers.Location = new Uri(redirect); return(response); } catch (Exception exception) { throw new BackAndApiUnexpectedResponseException(exception, this); } }
//[Durados.Web.Mvc.Controllers.Attributes.RequiresSSL] public ActionResult Home() { bool hostByUs = Convert.ToBoolean(System.Configuration.ConfigurationManager.AppSettings["hostByUs"] ?? "true"); //for the main app (www), when routing back to the website, first redirect to / (e.g. www.backand.com) //and only when coming iwth url= '/' load the index page and return it Durados.Web.Mvc.Map map = Durados.Web.Mvc.Maps.Instance.GetMap(); if (map.IsMainMap && hostByUs) { if (Request.Url.AbsoluteUri != map.Url && Request.Url.AbsoluteUri != map.Url + "/") { return(RedirectPermanent(map.Url)); } else { return(File(Server.MapPath("/ws/index.html"), "text/html")); } } else { return(RedirectToAction("Default", "Home")); } }
private void ApproveUser(string appName, string username) { Durados.Web.Mvc.Map map = Durados.Web.Mvc.Maps.Instance.GetMap(appName); string mapId = map.Id; if (string.IsNullOrEmpty(mapId)) { System.Data.DataRow appRow = Durados.Web.Mvc.Maps.Instance.GetAppRow(appName); mapId = appRow != null ? appRow["Id"].ToString() : string.Empty; } string userId = map.Database.GetUserID(username).ToString(); Dictionary <string, object> parameters2 = new Dictionary <string, object>(); parameters2.Add("@UserId", userId); parameters2.Add("@AppId", mapId); Durados.DataAccess.SqlAccess sql = new Durados.DataAccess.SqlAccess(); if (string.IsNullOrEmpty(sql.ExecuteScalar(Durados.Web.Mvc.Maps.Instance.DuradosMap.connectionString, "SELECT TOP 1 [ID] FROM [durados_UserApp] WHERE [UserId]=@UserId AND [AppId]=@AppId", parameters2))) { parameters2.Add("@newUser", username); parameters2.Add("@appName", appName); sql.ExecuteNonQuery(Durados.Web.Mvc.Maps.Instance.DuradosMap.Database.ConnectionString, "durados_AssignPendingApps @newUser,@appName", parameters2, AssignPendingAppsCallback); } }
public void EditPreview(string configViewName, string property, string value, string pk, string guid, out Durados.Web.Mvc.View view) { Durados.Web.Mvc.Map previewMap = Maps.Instance.GetMap(); Durados.DataAccess.ConfigAccess configAccess = new DataAccess.ConfigAccess(); view = null; if (configViewName == "Page" && guid == PageGuid) { try { view = null; Page page = Maps.Instance.GetMap().Database.Pages[Convert.ToInt32(pk)]; System.Reflection.PropertyInfo propertyInfo = page.GetType().GetProperty(property); object value2; if (propertyInfo.PropertyType.BaseType.FullName == "System.Enum") { value2 = Enum.Parse(propertyInfo.PropertyType, value); } else { value2 = Convert.ChangeType(value, propertyInfo.PropertyType); } propertyInfo.SetValue(page, value2, null); Save((View)previewMap.GetConfigDatabase().Views["Page"], property, value2, pk); } catch (Exception ex) { throw new DuradosException("Failed to set value to field property.", ex); } } else if (configViewName == "View") { string viewName = configAccess.GetViewNameByPK(pk, previewMap.GetConfigDatabase().ConnectionString); if (string.IsNullOrEmpty(viewName)) { // previewMap.Logger.Log("Admmin", "PreviewEdit", "EditPreview", null, 15, "viewName are null or empty."); throw new DuradosException("viewName are null or empty or not exists."); } if (!previewMap.Database.Views.ContainsKey(viewName)) { //previewMap.Logger.Log("Admmin", "PreviewEdit", "EditPreview", null, 15, "viewName are not contained in Views."); throw new DuradosException("viewName are not contained in Views."); } view = (Durados.Web.Mvc.View)previewMap.Database.Views[viewName]; try { System.Reflection.PropertyInfo propertyInfo = view.GetType().GetProperty(property); object value2; if (propertyInfo.PropertyType.BaseType.FullName == "System.Enum") { value2 = Enum.Parse(propertyInfo.PropertyType, value); } else { value2 = Convert.ChangeType(value, propertyInfo.PropertyType); } propertyInfo.SetValue(view, value2, null); if (guid == PageGuid) { Save((View)previewMap.GetConfigDatabase().Views["View"], property, value2, pk); } } catch (Exception ex) { throw new DuradosException("Failed to set value to field property.", ex); } } else if (configViewName == "Field") { string fieldName = configAccess.GetFieldNameByPK(pk, previewMap.GetConfigDatabase().ConnectionString); string viewPK = configAccess.GetViewPKByFieldPK(pk, previewMap.GetConfigDatabase().ConnectionString); string viewName = configAccess.GetViewNameByPK(viewPK, previewMap.GetConfigDatabase().ConnectionString); if (string.IsNullOrEmpty(viewName) || string.IsNullOrEmpty(fieldName)) { throw new DuradosException("fieldName or viewName are null or empty."); //previewMap.Logger.Log("Admmin","PreviewEdit","EditPreview",null,15,"fieldName or viewName are null or empty."); } if (!previewMap.Database.Views.ContainsKey(viewName) || !previewMap.Database.Views[viewName].Fields.ContainsKey(fieldName)) { throw new DuradosException("fieldName or viewName are not contained in file."); //previewMap.Logger.Log("Admmin", "PreviewEdit", "EditPreview", null, 15, "fieldName or viewName are not contained in file."); } Durados.Field field = previewMap.Database.Views[viewName].Fields[fieldName]; try { System.Reflection.PropertyInfo propertyInfo = field.GetType().GetProperty(property); object value2; if (propertyInfo.PropertyType.BaseType.FullName == "System.Enum") { value2 = Enum.Parse(propertyInfo.PropertyType, value); } else { value2 = Convert.ChangeType(value, propertyInfo.PropertyType); } propertyInfo.SetValue(field, value2, null); } catch (Exception ex) { throw new DuradosException("Failed to set value to field property.", ex); } } }
// public override async Task GrantRefreshToken( //OAuthGrantRefreshTokenContext context) // { // var originalClient = context.Ticket.Properties.Dictionary["as:client_id"]; // var currentClient = context.OwinContext.Get<string>("as:client_id"); // // enforce client binding of refresh token // if (originalClient != currentClient) // { // context.Rejected(); // return; // } // // chance to change authentication ticket for refresh token requests // var newId = new ClaimsIdentity(context.Ticket.Identity); // newId.AddClaim(new Claim("newClaim", "refreshToken")); // var newTicket = new Microsoft.Owin.Security.AuthenticationTicket(newId, context.Ticket.Properties); // context.Validated(newTicket); // } public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" }); if (System.Web.HttpContext.Current.Request.Form["username"] == null && System.Web.HttpContext.Current.Request.Form["userid"] != null) { ValidateById(context); return; } else if (System.Web.HttpContext.Current.Request.Form["username"] == null && System.Web.HttpContext.Current.Request.Form["accessToken"] != null) { ValidateByOneTimeAccessToken(context); return; } else if (System.Web.HttpContext.Current.Request.Form["refreshToken"] != null) { if (System.Web.HttpContext.Current.Request.Form["username"] == null) { throw new DuradosException("username is missing."); } if (System.Web.HttpContext.Current.Request.Form[Database.AppName] == null) { throw new DuradosException(Database.AppName + " is missing."); } if (!System.Web.HttpContext.Current.Items.Contains(Database.AppName)) { System.Web.HttpContext.Current.Items.Add(Database.AppName, System.Web.HttpContext.Current.Request.Form[Database.AppName]); } if (!System.Web.HttpContext.Current.Items.Contains(Database.Username)) { System.Web.HttpContext.Current.Items.Add(Database.Username, System.Web.HttpContext.Current.Request.Form["username"]); } ValidateByRefreshToken(context, System.Web.HttpContext.Current.Request.Form["username"], System.Web.HttpContext.Current.Request.Form[Database.AppName], System.Web.HttpContext.Current.Request.Form["refreshToken"]); return; } string appname = null; appname = System.Web.HttpContext.Current.Request.Form[Database.AppName]; if (SharedMemorySingeltone.Instance.Contains(appname, Durados.Data.SharedMemoryKey.DebugMode)) { System.Web.HttpContext.Current.Items[Durados.Workflow.JavaScript.Debug] = true; } if (string.IsNullOrEmpty(appname)) { context.SetError(UserValidationErrorMessages.InvalidGrant, UserValidationErrorMessages.AppNameNotSupplied); return; } if (!IsAppExists(appname)) { context.SetError(UserValidationErrorMessages.InvalidGrant, string.Format(UserValidationErrorMessages.AppNameNotExists, appname)); return; } System.Collections.Specialized.NameValueCollection form = GetFixedForm(); string username = context.UserName; try { username = form["username"]; } catch { } string password = context.Password; try { password = form["password"]; } catch { } if (!Durados.Web.Mvc.Maps.IsDevUser(username) && IsAppLocked(appname)) { context.SetError(UserValidationErrorMessages.InvalidGrant, string.Format(UserValidationErrorMessages.AppLocked, appname)); return; } if (!System.Web.HttpContext.Current.Items.Contains(Database.AppName)) { System.Web.HttpContext.Current.Items.Add(Database.AppName, appname); } if (!System.Web.HttpContext.Current.Items.Contains(Database.Username)) { System.Web.HttpContext.Current.Items.Add(Database.Username, username); } Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-start", appname, username, null, 3, string.Empty); if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname)) { Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-start", appname, username, null, 3, string.Empty); } UserValidationError userValidationError = UserValidationError.Valid; string customError = null; bool hasCustomValidation = false; bool customValid = false; try { if (!IsValid(appname, username, password, out userValidationError, out customError, out hasCustomValidation, out customValid)) { Durados.Web.Mvc.Controllers.AccountMembershipService accountMembershipService = new Durados.Web.Mvc.Controllers.AccountMembershipService(); string message = UserValidationErrorMessages.Unknown; switch (userValidationError) { case UserValidationError.IncorrectUsernameOrPassword: message = UserValidationErrorMessages.IncorrectUsernameOrPassword; break; case UserValidationError.LockedOut: message = UserValidationErrorMessages.LockedOut; break; case UserValidationError.NotApproved: message = UserValidationErrorMessages.NotApproved; break; case UserValidationError.NotRegistered: message = UserValidationErrorMessages.NotRegistered; break; case UserValidationError.UserDoesNotBelongToApp: message = UserValidationErrorMessages.UserDoesNotBelongToApp; break; case UserValidationError.Custom: if (customError != null) { message = customError; } else { message = UserValidationErrorMessages.Unknown; } break; default: message = UserValidationErrorMessages.Unknown; break; } context.SetError(UserValidationErrorMessages.InvalidGrant, message); Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end-failure", appname, username, null, 3, message); if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname)) { Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-start", appname, username, null, 3, message); } return; } } catch (System.Exception exception) { context.SetError(UserValidationErrorMessages.InvalidGrant, exception.Message); Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end-failure", appname, username, null, 1, exception.Message); if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname)) { Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-end-failure", appname, username, null, 1, exception.Message); } return; } Durados.Web.Mvc.Map map = Durados.Web.Mvc.Maps.Instance.GetMap(appname); Durados.Web.Mvc.Controllers.AccountMembershipService account = new Durados.Web.Mvc.Controllers.AccountMembershipService(); if (!hasCustomValidation || !customValid) { if (map.Database.SecureLevel == SecureLevel.AllUsers) { try { if (!(account.AuthenticateUser(map, username, password))) { context.SetError(UserValidationErrorMessages.InvalidGrant, UserValidationErrorMessages.IncorrectUsernameOrPassword); Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end-failure", appname, username, null, 3, UserValidationErrorMessages.IncorrectUsernameOrPassword); if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname)) { Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-end-failure", appname, username, null, 3, UserValidationErrorMessages.IncorrectUsernameOrPassword); } return; } else if (!(account.IsApproved(username))) { if (map.HasAuthApp && account.IsApproved(username, map.AuthAppName)) { userController uc = new userController(); var userRow = map.GetAuthAppMap().Database.GetUserRow(username); var signUpResults = uc.SignUp(appname, null, null, true, GetFirstName(userRow), username, GetLastName(userRow), password, password, new Dictionary <string, object>()); } else { context.SetError(UserValidationErrorMessages.InvalidGrant, UserValidationErrorMessages.NotApproved); Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end-failure", appname, username, null, 3, UserValidationErrorMessages.NotApproved); if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname)) { Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-end-failure", appname, username, null, 3, UserValidationErrorMessages.NotApproved); } return; } } } catch (System.Exception exception) { context.SetError(UserValidationErrorMessages.Unknown, exception.Message); return; } } } if (!string.IsNullOrEmpty(map.Database.LogOnUrlAuth) && !new DuradosAuthorizationHelper().ValidateLogOnAuthUrl(map, System.Web.HttpContext.Current.Request.Form)) { string message = "External authentication failer"; context.SetError(UserValidationErrorMessages.InvalidGrant, message); Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end-failure", appname, username, null, 3, message); if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname)) { Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-end-failure", appname, username, null, 3, message); } return; } var identity = new ClaimsIdentity(context.Options.AuthenticationType); identity.AddClaim(new Claim(Database.Username, username)); identity.AddClaim(new Claim(Database.AppName, appname)); // create metadata to pass on to refresh token provider //var props = new Microsoft.Owin.Security.AuthenticationProperties(new Dictionary<string, string> //{ // { "as:client_id", context.ClientId } //}); //var ticket = new Microsoft.Owin.Security.AuthenticationTicket(identity, props); //context.Validated(ticket); context.Validated(identity); Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end", appname, username, null, 3, string.Empty); if (Durados.Web.Mvc.Maps.Instance.AppInCach(appname)) { Durados.Web.Mvc.Maps.Instance.GetMap(appname).Logger.Log("auth-end", appname, username, null, 3, string.Empty); } }
private string GetUserName(string userId, string appName) { Durados.Web.Mvc.Map map = Durados.Web.Mvc.Maps.Instance.GetMap(appName); return(map.Database.GetUsernameByGuid(userId)); }
public override Task TokenEndpoint(OAuthTokenEndpointContext context) { var usernameObj = context.Identity.Claims.Where(c => c.Type == Database.Username).Single(); var appnameObj = context.Identity.Claims.Where(c => c.Type == Database.AppName).Single(); if (usernameObj != null && appnameObj != null) { string username = usernameObj.Value; if (System.Web.HttpContext.Current != null && System.Web.HttpContext.Current.Items.Contains(Database.Username)) { username = System.Web.HttpContext.Current.Items[Database.Username].ToString(); } string appname = appnameObj.Value; context.AdditionalResponseParameters.Add("appName", appname); context.AdditionalResponseParameters.Add("username", username); try { Durados.Web.Mvc.Map map = Durados.Web.Mvc.Maps.Instance.GetMap(appname); var currentUtc = new Microsoft.Owin.Infrastructure.SystemClock().UtcNow; int expiration = map.Database.TokenExpiration; if (expiration == 0 || expiration == 8640) { expiration = 86400; } context.Properties.IssuedUtc = currentUtc; context.Properties.ExpiresUtc = currentUtc.Add(System.TimeSpan.FromSeconds(expiration)); string role = map.Database.GetUserRole2(username); int backandUserId = map.Database.GetUserID(username); object userId = map.Database.GetCurrentUserId(); context.AdditionalResponseParameters.Add("role", role); try { string firstName = map.Database.GetUserFirstName(); context.AdditionalResponseParameters.Add("firstName", firstName); string lastName = map.Database.GetUserLastName(); context.AdditionalResponseParameters.Add("lastName", lastName); string fullName = map.Database.GetUserFullName2(username).ToString(); context.AdditionalResponseParameters.Add("fullName", fullName); } catch { } context.AdditionalResponseParameters.Add("regId", backandUserId); context.AdditionalResponseParameters.Add("userId", userId); } catch { } try { if (System.Web.HttpContext.Current.Items.Contains(Durados.Database.CustomTokenAttrKey)) { IDictionary <string, object> dic = (IDictionary <string, object>)System.Web.HttpContext.Current.Items[Durados.Database.CustomTokenAttrKey]; const string ForToken = "forToken"; if (dic.ContainsKey(ForToken)) { var additionalValuesForToken = (IDictionary <string, object>)dic[ForToken]; foreach (string key in additionalValuesForToken.Keys) { context.AdditionalResponseParameters.Add(key, additionalValuesForToken[key]); } } //else //{ // foreach (string key in dic.Keys) // { // context.AdditionalResponseParameters.Add(key, dic[key]); // } //} } } catch { } } return(Task.FromResult <object>(null)); }
private void ValidateByOneTimeAccessToken(OAuthGrantResourceOwnerCredentialsContext context) { if (System.Web.HttpContext.Current.Request.Form["accessToken"] == null) { context.SetError(UserValidationErrorMessages.MissingAccessToken, UserValidationErrorMessages.MissingAccessToken); return; } string accessToken = System.Web.HttpContext.Current.Request.Form["accessToken"]; string appName = System.Web.HttpContext.Current.Request.Form["appName"]; if (appName == null) { context.SetError(UserValidationErrorMessages.AppNameNotSupplied, UserValidationErrorMessages.AppNameNotSupplied); return; } Durados.Web.Mvc.Map map = Durados.Web.Mvc.Maps.Instance.GetMap(appName); if (map == null || (appName != Durados.Web.Mvc.Maps.DuradosAppName && map == Durados.Web.Mvc.Maps.Instance.DuradosMap)) { context.SetError(UserValidationErrorMessages.WrongAppName, UserValidationErrorMessages.WrongAppName); return; } string userGuid = Durados.Web.Mvc.UI.Helpers.SecurityHelper.GetUserGuidFromTmpGuid(accessToken); string username = Durados.Web.Mvc.Maps.Instance.DuradosMap.Database.GetUsernameByGuid(userGuid); if (username == null) { context.SetError(UserValidationErrorMessages.InvalidAccessToken, UserValidationErrorMessages.InvalidAccessToken); return; } Durados.Web.Mvc.Controllers.AccountMembershipService accountMembershipService = new Durados.Web.Mvc.Controllers.AccountMembershipService(); if (map.Database.GetUserRow(username) == null) { context.SetError(UserValidationErrorMessages.UserDoesNotBelongToApp, UserValidationErrorMessages.UserDoesNotBelongToApp); return; } if (!System.Web.HttpContext.Current.Items.Contains(Database.AppName)) { System.Web.HttpContext.Current.Items.Add(Database.AppName, appName); } if (!System.Web.HttpContext.Current.Items.Contains(Database.Username)) { System.Web.HttpContext.Current.Items.Add(Database.Username, username); } var identity = new ClaimsIdentity(context.Options.AuthenticationType); identity.AddClaim(new Claim(Database.Username, username)); identity.AddClaim(new Claim(Database.AppName, appName)); if (!System.Web.HttpContext.Current.Items.Contains(Durados.Database.CustomTokenAttrKey)) { string tokenInfo; var profile = GetProfileFromSharedMemoryToModulateInAccessToken(accessToken, out tokenInfo); if (profile != null) { if (profile.ContainsKey(AdditionalValues) && profile[AdditionalValues] is IDictionary <string, object> ) { System.Web.HttpContext.Current.Items.Add(Durados.Database.CustomTokenAttrKey, (IDictionary <string, object>)profile[AdditionalValues]); } identity.AddClaim(new Claim(Database.TokenInfo, tokenInfo)); } } context.Validated(identity); Durados.Web.Mvc.Maps.Instance.DuradosMap.Logger.Log("auth-end", appName, username, null, 3, string.Empty); }
private bool IsRegisreationAllowed(Durados.Web.Mvc.Map map) { return(map.Database.EnableUserRegistration); }