public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo) { authService.Request.RemoveSession(); // Override session options authService.Request.AddSessionOptions(SessionOptions.Temporary); // Create new session cookies session.Id = authService.Request.Response.CreateSessionIds(authService.Request); // authInfo = new Dictionary<string, string>(); // authInfo.Add("Security", (authService.GetSession() as CustomUserSession).SecurityLevel.ToString()); try { session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo); } finally { authService.SaveSession(session, SessionExpiry); } return(null); // return base.OnAuthenticated(authService, session, tokens, authInfo); }
public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo) { session.AuthProvider = Name; if (session is AuthUserSession userSession) { LoadUserAuthInfo(userSession, tokens, authInfo); HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); } if (session is IAuthSessionExtended authSession) { var failed = authSession.Validate(authService, session, tokens, authInfo); if (failed != null) { authService.RemoveSession(); return(failed); } } var authRepo = HostContext.AppHost.GetAuthRepository(authService.Request); using (authRepo as IDisposable) { if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens).UserAuthId.ToString(); } foreach (var oAuthToken in session.GetAuthTokens()) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); var userAuthProvider = authProvider as OAuthProvider; userAuthProvider?.LoadUserOAuthProvider(session, oAuthToken); } var failed = ValidateAccount(authService, authRepo, session, tokens); if (failed != null) { return(failed); } } } try { session.OnAuthenticated(authService, session, tokens, authInfo); AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo); } finally { this.SaveSession(authService, session, SessionExpiry); authService.Request.Items[Keywords.DidAuthenticate] = true; } return(null); }
public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); } var authRepo = authService.TryResolve <IAuthRepository>(); if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens).UserAuthId.ToString(); } foreach (var oAuthToken in session.ProviderOAuthAccess) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); if (authProvider == null) { continue; } var userAuthProvider = authProvider as OAuthProvider; if (userAuthProvider != null) { userAuthProvider.LoadUserOAuthProvider(session, oAuthToken); } } var httpRes = authService.Request.Response as IHttpResponse; if (httpRes != null) { httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); } var failed = ValidateAccount(authService, authRepo, session, tokens); if (failed != null) { return(failed); } } try { session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo); } finally { authService.SaveSession(session, SessionExpiry); } return(null); }
public virtual void OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); } var authRepo = authService.TryResolve <IAuthRepository>(); if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens); } //SaveUserAuth(authService, userSession, authRepo, tokens); authRepo.LoadUserAuth(session, tokens); foreach (var oAuthToken in session.ProviderOAuthAccess) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); if (authProvider == null) { continue; } var userAuthProvider = authProvider as OAuthProvider; if (userAuthProvider != null) { userAuthProvider.LoadUserOAuthProvider(session, oAuthToken); } } var httpRes = authService.Request.Response as IHttpResponse; if (httpRes != null) { httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); } } try { session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); } finally { authService.SaveSession(session, SessionExpiry); } }
public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); } var authRepo = authService.TryResolve <IAuthRepository>(); if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens); } foreach (var oAuthToken in session.ProviderOAuthAccess) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); if (authProvider == null) { continue; } var userAuthProvider = authProvider as OAuthProvider; if (userAuthProvider != null) { userAuthProvider.LoadUserOAuthProvider(session, oAuthToken); } } var failed = ValidateAccount(authService, authRepo, session, tokens); if (failed != null) { return(failed); } } try { session.OnAuthenticated(authService, session, tokens, authInfo); } finally { authService.SaveSession(session, SessionExpiry); } return(null); }
public override void OnAuthenticated(IServiceBase authService, IAuthSession session, IOAuthTokens tokens, Dictionary <string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); } var authRepo = authService.TryResolve <IUserAuthRepository>(); if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens); } foreach (var oAuthToken in session.ProviderOAuthAccess) { var authProvider = AuthService.GetAuthProvider(oAuthToken.Provider); if (authProvider == null) { continue; } var userAuthProvider = authProvider as OAuthProvider; if (userAuthProvider != null) { userAuthProvider.LoadUserOAuthProvider(session, oAuthToken); } } //var httpRes = authService.RequestContext.Get<IHttpResponse>(); //if (httpRes != null) //{ // httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); //} } authService.SaveSession(session, SessionExpiry); session.OnAuthenticated(authService, session, tokens, authInfo); }
public virtual object Authenticate(IServiceBase service, Auth request, IAuthSession session, IOAuthTokens tokens, OAuthAuthorizer oAuth) { //Default oAuth logic based on Twitter's oAuth workflow if (!tokens.RequestToken.IsNullOrEmpty() && !request.oauth_token.IsNullOrEmpty()) { oAuth.RequestToken = tokens.RequestToken; oAuth.RequestTokenSecret = tokens.RequestTokenSecret; oAuth.AuthorizationToken = request.oauth_token; oAuth.AuthorizationVerifier = request.oauth_verifier; if (oAuth.AcquireAccessToken()) { tokens.AccessToken = oAuth.AccessToken; tokens.AccessTokenSecret = oAuth.AccessTokenSecret; session.OnAuthenticated(service, tokens, oAuth.AuthInfo); service.SaveSession(session); //Haz access! return(service.Redirect(session.ReferrerUrl.AddHashParam("s", "1"))); } //No Joy :( tokens.RequestToken = null; tokens.RequestTokenSecret = null; service.SaveSession(session); return(service.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed"))); } if (oAuth.AcquireRequestToken()) { tokens.RequestToken = oAuth.RequestToken; tokens.RequestTokenSecret = oAuth.RequestTokenSecret; service.SaveSession(session); //Redirect to OAuth provider to approve access return(service.Redirect(this.AuthorizeUrl .AddQueryParam("oauth_token", tokens.RequestToken) .AddQueryParam("oauth_callback", session.ReferrerUrl))); } return(service.Redirect(session.ReferrerUrl.AddHashParam("f", "RequestTokenFailed"))); }
public override object Authenticate(IServiceBase service, Auth request, IAuthSession session, IOAuthTokens tokens, OAuthAuthorizer oAuth) { var code = service.RequestContext.Get <IHttpRequest>().QueryString["code"]; var isPreAuthCallback = !code.IsNullOrEmpty(); if (!isPreAuthCallback) { var preAuthUrl = PreAuthUrl + "?client_id={0}&redirect_uri={1}&scope={2}" .Fmt(AppId, this.CallbackUrl.UrlEncode(), string.Join(",", Permissions)); return(service.Redirect(preAuthUrl)); } var accessTokenUrl = this.AccessTokenUrl + "?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}" .Fmt(AppId, this.CallbackUrl.UrlEncode(), AppSecret, code); try { var contents = accessTokenUrl.DownloadUrl(); var authInfo = HttpUtility.ParseQueryString(contents); tokens.AccessTokenSecret = authInfo["access_token"]; service.SaveSession(session); session.OnAuthenticated(service, tokens, authInfo.ToDictionary()); //Haz access! return(service.Redirect(session.ReferrerUrl.AddHashParam("s", "1"))); } catch (WebException we) { var statusCode = ((HttpWebResponse)we.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return(service.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed"))); } } //Shouldn't get here return(service.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown"))); }
public virtual void OnAuthenticated(IServiceBase authService, IAuthSession session, IOAuthTokens tokens, Dictionary <string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); } var authRepo = authService.TryResolve <IUserAuthRepository>(); if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); } SaveUserAuth(authService, userSession, authRepo, tokens); } OnSaveUserAuth(authService, session); authService.SaveSession(session, SessionExpiry); session.OnAuthenticated(authService, session, tokens, authInfo); }
public override void OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary<string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); } var authRepo = authService.TryResolve<IAuthRepository>(); if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens); } foreach (var oAuthToken in session.ProviderOAuthAccess) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); if (authProvider == null) { continue; } var userAuthProvider = authProvider as OAuthProvider; if (userAuthProvider != null) { userAuthProvider.LoadUserOAuthProvider(session, oAuthToken); } } } try { session.OnAuthenticated(authService, session, tokens, authInfo); } finally { authService.SaveSession(session, SessionExpiry); } }
public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary<string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); HostContext.TryResolve<IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); } var authRepo = authService.TryResolve<IAuthRepository>(); if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens); } foreach (var oAuthToken in session.ProviderOAuthAccess) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); if (authProvider == null) { continue; } var userAuthProvider = authProvider as OAuthProvider; if (userAuthProvider != null) { userAuthProvider.LoadUserOAuthProvider(session, oAuthToken); } } var failed = ValidateAccount(authService, authRepo, session, tokens); if (failed != null) return failed; } try { session.OnAuthenticated(authService, session, tokens, authInfo); AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo); } finally { authService.SaveSession(session, SessionExpiry); } return null; }
public virtual IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo) { session.AuthProvider = Provider; if (session is AuthUserSession userSession) { LoadUserAuthInfo(userSession, tokens, authInfo); HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); LoadUserAuthFilter?.Invoke(userSession, tokens, authInfo); } var hasTokens = tokens != null && authInfo != null; if (hasTokens && SaveExtendedUserInfo) { if (tokens.Items == null) { tokens.Items = new Dictionary <string, string>(); } authInfo.ForEach((x, y) => tokens.Items[x] = y); } var authRepo = GetAuthRepository(authService.Request); using (authRepo as IDisposable) { if (CustomValidationFilter != null) { var ctx = new AuthContext { Request = authService.Request, Service = authService, AuthProvider = this, Session = session, AuthTokens = tokens, AuthInfo = authInfo, AuthRepository = authRepo, }; var response = CustomValidationFilter(ctx); if (response != null) { authService.RemoveSession(); return(response); } } if (authRepo != null) { var failed = ValidateAccount(authService, authRepo, session, tokens); if (failed != null) { authService.RemoveSession(); return(failed); } if (hasTokens) { var authDetails = authRepo.CreateOrMergeAuthSession(session, tokens); session.UserAuthId = authDetails.UserAuthId.ToString(); var firstTimeAuthenticated = authDetails.CreatedDate == authDetails.ModifiedDate; if (firstTimeAuthenticated) { session.OnRegistered(authService.Request, session, authService); AuthEvents.OnRegistered(authService.Request, session, authService); } } authRepo.LoadUserAuth(session, tokens); foreach (var oAuthToken in session.GetAuthTokens()) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); var userAuthProvider = authProvider as OAuthProvider; userAuthProvider?.LoadUserOAuthProvider(session, oAuthToken); } var httpRes = authService.Request.Response as IHttpResponse; if (session.UserAuthId != null) { httpRes?.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); } } else { if (hasTokens) { session.UserAuthId = CreateOrMergeAuthSession(session, tokens); } } } try { session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo); } finally { this.SaveSession(authService, session, SessionExpiry); authService.Request.Items[Keywords.DidAuthenticate] = true; } return(null); }
public virtual IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary<string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); HostContext.TryResolve<IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); if (LoadUserAuthFilter != null) { LoadUserAuthFilter(userSession, tokens, authInfo); } } var hasTokens = tokens != null && authInfo != null; if (hasTokens) { authInfo.ForEach((x, y) => tokens.Items[x] = y); } var authRepo = authService.TryResolve<IAuthRepository>(); if (authRepo != null) { var failed = ValidateAccount(authService, authRepo, session, tokens); if (failed != null) return failed; if (hasTokens) { session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens); } authRepo.LoadUserAuth(session, tokens); foreach (var oAuthToken in session.ProviderOAuthAccess) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); if (authProvider == null) continue; var userAuthProvider = authProvider as OAuthProvider; if (userAuthProvider != null) { userAuthProvider.LoadUserOAuthProvider(session, oAuthToken); } } var httpRes = authService.Request.Response as IHttpResponse; if (session.UserAuthId != null && httpRes != null) { httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); } } else { if (hasTokens) { session.UserAuthId = CreateOrMergeAuthSession(session, tokens); } } try { session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); } finally { authService.SaveSession(session, SessionExpiry); } return null; }
public virtual void OnAuthenticated(IServiceBase authService, IAuthSession session, IOAuthTokens tokens, Dictionary<string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); } var authRepo = authService.TryResolve<IUserAuthRepository>(); if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); } SaveUserAuth(authService, userSession, authRepo, tokens); } OnSaveUserAuth(authService, session); authService.SaveSession(session, SessionExpiry); session.OnAuthenticated(authService, session, tokens, authInfo); }
public virtual void OnAuthenticated(IServiceBase authService, IAuthSession session, IOAuthTokens tokens, Dictionary<string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); } var authRepo = authService.TryResolve<IUserAuthRepository>(); if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens); } //SaveUserAuth(authService, userSession, authRepo, tokens); authRepo.LoadUserAuth(session, tokens); foreach (var oAuthToken in session.ProviderOAuthAccess) { var authProvider = AuthService.GetAuthProvider(oAuthToken.Provider); if (authProvider == null) continue; var userAuthProvider = authProvider as OAuthProvider; if (userAuthProvider != null) { userAuthProvider.LoadUserOAuthProvider(session, oAuthToken); } } var httpRes = authService.RequestContext.Get<IHttpResponse>(); if (httpRes != null) { httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); } } //OnSaveUserAuth(authService, session); authService.SaveSession(session, SessionExpiry); session.OnAuthenticated(authService, session, tokens, authInfo); }
public override IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo) { session.AuthProvider = Provider; var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); LoadUserAuthFilter?.Invoke(userSession, tokens, authInfo); } var authRepo = HostContext.AppHost.GetAuthRepository(authService.Request); using (authRepo as IDisposable) { if (CustomValidationFilter != null) { var ctx = new AuthContext { Request = authService.Request, Service = authService, AuthProvider = this, Session = session, AuthTokens = tokens, AuthInfo = authInfo, AuthRepository = authRepo, }; var response = CustomValidationFilter(ctx); if (response != null) { authService.RemoveSession(); return(response); } } if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens).UserAuthId.ToString(); } foreach (var oAuthToken in session.GetAuthTokens()) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); var userAuthProvider = authProvider as OAuthProvider; userAuthProvider?.LoadUserOAuthProvider(session, oAuthToken); } var httpRes = authService.Request.Response as IHttpResponse; httpRes?.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); var failed = ValidateAccount(authService, authRepo, session, tokens); if (failed != null) { return(failed); } } } try { session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo); } finally { this.SaveSession(authService, session, SessionExpiry); } return(null); }
public virtual async Task <IHttpResult> OnAuthenticatedAsync(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo, CancellationToken token = default) { session.AuthProvider = Provider; if (session is AuthUserSession userSession) { await LoadUserAuthInfoAsync(userSession, tokens, authInfo, token).ConfigAwait(); HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); LoadUserAuthFilter?.Invoke(userSession, tokens, authInfo); } var hasTokens = tokens != null && authInfo != null; if (hasTokens && SaveExtendedUserInfo) { if (tokens.Items == null) { tokens.Items = new Dictionary <string, string>(); } foreach (var entry in authInfo) { if (ExcludeAuthInfoItems.Contains(entry.Key)) { continue; } tokens.Items[entry.Key] = entry.Value; } } if (session is IAuthSessionExtended authSession) { var failed = authSession.Validate(authService, session, tokens, authInfo) ?? AuthEvents.Validate(authService, session, tokens, authInfo); if (failed != null) { await authService.RemoveSessionAsync(token).ConfigAwait(); return(failed); } } var authRepo = GetAuthRepositoryAsync(authService.Request); #if NET472 || NETSTANDARD2_0 await using (authRepo as IAsyncDisposable) #else using (authRepo as IDisposable) #endif { if (CustomValidationFilter != null) { var ctx = new AuthContext { Request = authService.Request, Service = authService, AuthProvider = this, Session = session, AuthTokens = tokens, AuthInfo = authInfo, AuthRepositoryAsync = authRepo, AuthRepository = authRepo as IAuthRepository, }; var response = CustomValidationFilter(ctx); if (response != null) { await authService.RemoveSessionAsync(token).ConfigAwait(); return(response); } } if (authRepo != null) { var failed = await ValidateAccountAsync(authService, authRepo, session, tokens, token).ConfigAwait(); if (failed != null) { await authService.RemoveSessionAsync(token).ConfigAwait(); return(failed); } if (hasTokens) { var authDetails = await authRepo.CreateOrMergeAuthSessionAsync(session, tokens, token).ConfigAwait(); session.UserAuthId = authDetails.UserAuthId.ToString(); var firstTimeAuthenticated = authDetails.CreatedDate == authDetails.ModifiedDate; if (firstTimeAuthenticated) { session.OnRegistered(authService.Request, session, authService); AuthEvents.OnRegistered(authService.Request, session, authService); } } await authRepo.LoadUserAuthAsync(session, tokens, token).ConfigAwait(); foreach (var oAuthToken in session.GetAuthTokens()) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); var userAuthProvider = authProvider as OAuthProvider; userAuthProvider?.LoadUserOAuthProvider(session, oAuthToken); } var httpRes = authService.Request.Response as IHttpResponse; if (session.UserAuthId != null) { httpRes?.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); } } else { if (hasTokens) { session.UserAuthId = CreateOrMergeAuthSession(session, tokens); } } } try { session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo); } finally { await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait(); authService.Request.Items[Keywords.DidAuthenticate] = true; } return(null); }
public override async Task <IHttpResult> OnAuthenticatedAsync(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo, CancellationToken token = default) { session.AuthProvider = Name; if (session is AuthUserSession userSession) { await LoadUserAuthInfoAsync(userSession, tokens, authInfo, token).ConfigAwait(); HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); } if (session is IAuthSessionExtended authSession) { var failed = authSession.Validate(authService, session, tokens, authInfo) ?? await authSession.ValidateAsync(authService, session, tokens, authInfo, token) ?? AuthEvents.Validate(authService, session, tokens, authInfo) ?? (AuthEvents is IAuthEventsAsync asyncEvents ? await asyncEvents.ValidateAsync(authService, session, tokens, authInfo, token) : null); if (failed != null) { await authService.RemoveSessionAsync(token).ConfigAwait(); return(failed); } } var authRepo = GetUserAuthRepositoryAsync(authService.Request); #if NET472 || NETSTANDARD2_0 await using (authRepo as IAsyncDisposable) #else using (authRepo as IDisposable) #endif { if (authRepo != null) { if (tokens != null) { authInfo.ForEach((x, y) => tokens.Items[x] = y); session.UserAuthId = (await authRepo.CreateOrMergeAuthSessionAsync(session, tokens, token)).UserAuthId.ToString(); } foreach (var oAuthToken in session.GetAuthTokens()) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); var userAuthProvider = authProvider as OAuthProvider; userAuthProvider?.LoadUserOAuthProvider(session, oAuthToken); } var failed = await ValidateAccountAsync(authService, authRepo, session, tokens, token).ConfigAwait(); if (failed != null) { return(failed); } } } try { session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); if (session is IAuthSessionExtended sessionExt) { await sessionExt.OnAuthenticatedAsync(authService, session, tokens, authInfo, token).ConfigAwait(); } AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo); if (AuthEvents is IAuthEventsAsync asyncEvents) { await asyncEvents.OnAuthenticatedAsync(authService.Request, session, authService, tokens, authInfo, token).ConfigAwait(); } } finally { await this.SaveSessionAsync(authService, session, SessionExpiry, token).ConfigAwait(); authService.Request.Items[Keywords.DidAuthenticate] = true; } return(null); }
public virtual object Authenticate(IServiceBase service, Auth request, IAuthSession session, IOAuthTokens tokens, OAuthAuthorizer oAuth) { //Default oAuth logic based on Twitter's oAuth workflow if (!tokens.RequestToken.IsNullOrEmpty() && !request.oauth_token.IsNullOrEmpty()) { oAuth.RequestToken = tokens.RequestToken; oAuth.RequestTokenSecret = tokens.RequestTokenSecret; oAuth.AuthorizationToken = request.oauth_token; oAuth.AuthorizationVerifier = request.oauth_verifier; if (oAuth.AcquireAccessToken()) { tokens.AccessToken = oAuth.AccessToken; tokens.AccessTokenSecret = oAuth.AccessTokenSecret; session.OnAuthenticated(service, tokens, oAuth.AuthInfo); service.SaveSession(session); //Haz access! return service.Redirect(session.ReferrerUrl.AddHashParam("s", "1")); } //No Joy :( tokens.RequestToken = null; tokens.RequestTokenSecret = null; service.SaveSession(session); return service.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed")); } if (oAuth.AcquireRequestToken()) { tokens.RequestToken = oAuth.RequestToken; tokens.RequestTokenSecret = oAuth.RequestTokenSecret; service.SaveSession(session); //Redirect to OAuth provider to approve access return service.Redirect(this.AuthorizeUrl .AddQueryParam("oauth_token", tokens.RequestToken) .AddQueryParam("oauth_callback", session.ReferrerUrl)); } return service.Redirect(session.ReferrerUrl.AddHashParam("f", "RequestTokenFailed")); }
public override object Authenticate(IServiceBase service, Auth request, IAuthSession session, IOAuthTokens tokens, OAuthAuthorizer oAuth) { var code = service.RequestContext.Get<IHttpRequest>().QueryString["code"]; var isPreAuthCallback = !code.IsNullOrEmpty(); if (!isPreAuthCallback) { var preAuthUrl = PreAuthUrl + "?client_id={0}&redirect_uri={1}&scope={2}" .Fmt(AppId, this.CallbackUrl.UrlEncode(), string.Join(",", Permissions)); return service.Redirect(preAuthUrl); } var accessTokenUrl = this.AccessTokenUrl + "?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}" .Fmt(AppId, this.CallbackUrl.UrlEncode(), AppSecret, code); try { var contents = accessTokenUrl.DownloadUrl(); var authInfo = HttpUtility.ParseQueryString(contents); tokens.AccessTokenSecret = authInfo["access_token"]; service.SaveSession(session); session.OnAuthenticated(service, tokens, authInfo.ToDictionary()); //Haz access! return service.Redirect(session.ReferrerUrl.AddHashParam("s", "1")); } catch (WebException we) { var statusCode = ((HttpWebResponse)we.Response).StatusCode; if (statusCode == HttpStatusCode.BadRequest) { return service.Redirect(session.ReferrerUrl.AddHashParam("f", "AccessTokenFailed")); } } //Shouldn't get here return service.Redirect(session.ReferrerUrl.AddHashParam("f", "Unknown")); }
public virtual IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary<string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); HostContext.TryResolve<IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); if (LoadUserAuthFilter != null) { LoadUserAuthFilter(userSession, tokens, authInfo); } } var hasTokens = tokens != null && authInfo != null; if (hasTokens) { authInfo.ForEach((x, y) => tokens.Items[x] = y); } var authRepo = authService.TryResolve<IAuthRepository>(); if (CustomValidationFilter != null) { var ctx = new AuthContext { Request = authService.Request, Service = authService, AuthProvider = this, Session = session, AuthTokens = tokens, AuthInfo = authInfo, AuthRepository = authRepo, }; var response = CustomValidationFilter(ctx); if (response != null) { authService.RemoveSession(); return response; } } if (authRepo != null) { var failed = ValidateAccount(authService, authRepo, session, tokens); if (failed != null) { authService.RemoveSession(); return failed; } if (hasTokens) { var authDetails = authRepo.CreateOrMergeAuthSession(session, tokens); session.UserAuthId = authDetails.UserAuthId.ToString(); var firstTimeAuthenticated = authDetails.CreatedDate == authDetails.ModifiedDate; if (firstTimeAuthenticated) { session.OnRegistered(authService.Request, session, authService); AuthEvents.OnRegistered(authService.Request, session, authService); } } authRepo.LoadUserAuth(session, tokens); foreach (var oAuthToken in session.ProviderOAuthAccess) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); if (authProvider == null) continue; var userAuthProvider = authProvider as OAuthProvider; if (userAuthProvider != null) { userAuthProvider.LoadUserOAuthProvider(session, oAuthToken); } } var httpRes = authService.Request.Response as IHttpResponse; if (session.UserAuthId != null && httpRes != null) { httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); } } else { if (hasTokens) { session.UserAuthId = CreateOrMergeAuthSession(session, tokens); } } try { session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); AuthEvents.OnAuthenticated(authService.Request, session, authService, tokens, authInfo); } finally { authService.SaveSession(session, SessionExpiry); } return null; }
public virtual IHttpResult OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary <string, string> authInfo) { var userSession = session as AuthUserSession; if (userSession != null) { LoadUserAuthInfo(userSession, tokens, authInfo); HostContext.TryResolve <IAuthMetadataProvider>().SafeAddMetadata(tokens, authInfo); if (LoadUserAuthFilter != null) { LoadUserAuthFilter(userSession, tokens, authInfo); } } var hasTokens = tokens != null && authInfo != null; if (hasTokens) { authInfo.ForEach((x, y) => tokens.Items[x] = y); } try { var authRepo = authService.TryResolve <IAuthRepository>(); if (CustomValidationFilter != null) { var ctx = new AuthContext { Service = authService, AuthProvider = this, Session = session, AuthTokens = tokens, AuthInfo = authInfo, AuthRepository = authRepo, }; var response = CustomValidationFilter(ctx); if (response != null) { session.IsAuthenticated = false; authService.SaveSession(session, SessionExpiry); return(response); } } if (authRepo != null) { var failed = ValidateAccount(authService, authRepo, session, tokens); if (failed != null) { session.IsAuthenticated = false; authService.SaveSession(session, SessionExpiry); return(failed); } if (hasTokens) { session.UserAuthId = authRepo.CreateOrMergeAuthSession(session, tokens); } authRepo.LoadUserAuth(session, tokens); foreach (var oAuthToken in session.ProviderOAuthAccess) { var authProvider = AuthenticateService.GetAuthProvider(oAuthToken.Provider); if (authProvider == null) { continue; } var userAuthProvider = authProvider as OAuthProvider; if (userAuthProvider != null) { userAuthProvider.LoadUserOAuthProvider(session, oAuthToken); } } var httpRes = authService.Request.Response as IHttpResponse; if (session.UserAuthId != null && httpRes != null) { httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); } } else { if (hasTokens) { session.UserAuthId = CreateOrMergeAuthSession(session, tokens); } } session.IsAuthenticated = true; session.OnAuthenticated(authService, session, tokens, authInfo); } finally { authService.SaveSession(session, SessionExpiry); } return(null); }