public async Task <IAuthenticationResponse> Refresh( IRefreshCred refreshCred, TokenValidationParameters tokenValidationParameters) { var jwtRefreshCred = refreshCred as JwtRefreshCred; SecurityToken validatedToken; var principal = new JwtSecurityTokenHandler().ValidateToken( jwtRefreshCred.JwtToken, tokenValidationParameters, out validatedToken); if (!IsValidToken(validatedToken as JwtSecurityToken)) { throw new SecurityTokenException("Invalid token passed!"); } var userLogin = principal.Claims.ToList().Where(claim => claim.Type == "Login").FirstOrDefault().Value; if (jwtRefreshCred.JwtRefreshToken != await _JwtAuthenticationManager.RefreshTokensDictionary.GetStringAsync(userLogin)) { throw new SecurityTokenException("Invalid token passed!"); } return(await _JwtAuthenticationManager.AuthenticateAsync(principal.Claims.ToList())); }
/// <summary> /// /// </summary> /// <returns></returns> public ActionResult Authorize() { //验证是否登录,如果没有, IAuthenticationManager authentication = HttpContext.GetOwinContext().Authentication; AuthenticateResult ticket = authentication.AuthenticateAsync(DefaultAuthenticationTypes.ApplicationCookie).Result; ClaimsIdentity identity = ticket == null ? null : ticket.Identity; if (identity == null) { //如果没有验证通过,则必须先通过身份验证,跳转到验证方法 authentication.Challenge(); return(new HttpUnauthorizedResult()); } identity = new ClaimsIdentity(); List <Claim> claims = new List <Claim>(); claims.Add(new Claim(ClaimTypes.Name, "admin")); claims.Add(new Claim(ClaimTypes.NameIdentifier, "admin")); identity = new ClaimsIdentity(identity.Claims, "Bearer"); //hardcode添加一些Claim,正常是从数据库中根据用户ID来查找添加 identity.AddClaim(new Claim(ClaimTypes.Role, "Admin")); identity.AddClaim(new Claim("MyType", "MyValue")); authentication.SignIn(new AuthenticationProperties() { IsPersistent = true, RedirectUri = Request.QueryString["redirect_uri"] }, identity); return(new EmptyResult()); }
/// <summary> /// /// </summary> /// <returns></returns> public ActionResult Index() { //验证是否登录,如果没有, IAuthenticationManager authentication = HttpContext.GetOwinContext().Authentication; AuthenticateResult ticket = authentication.AuthenticateAsync("client_credentials").Result; ClaimsIdentity identity = ticket == null ? null : ticket.Identity; //if (identity == null) //{ // //如果没有验证通过,则必须先通过身份验证,跳转到验证方法 // authentication.Challenge(); // return new HttpUnauthorizedResult(); //} identity = new ClaimsIdentity(); List <Claim> claims = new List <Claim>(); claims.Add(new Claim(ClaimTypes.Name, "admin")); claims.Add(new Claim(ClaimTypes.NameIdentifier, "admin")); identity = new ClaimsIdentity(identity.Claims, "Bearer"); //hardcode添加一些Claim,正常是从数据库中根据用户ID来查找添加 identity.AddClaim(new Claim(ClaimTypes.Role, "Admin")); identity.AddClaim(new Claim("MyType", "MyValue")); authentication.SignIn(new AuthenticationProperties() { IsPersistent = true }, identity); return(new EmptyResult()); }
/// <inheritdoc /> public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken) { if (context == null) { throw new ArgumentNullException("context"); } HttpRequestMessage request = context.Request; if (request == null) { throw new InvalidOperationException(OwinResources.HttpAuthenticationContext_RequestMustNotBeNull); } IAuthenticationManager authenticationManager = GetAuthenticationManagerOrThrow(request); cancellationToken.ThrowIfCancellationRequested(); AuthenticateResult result = await authenticationManager.AuthenticateAsync(_authenticationType); if (result != null) { IIdentity identity = result.Identity; if (identity != null) { context.Principal = new ClaimsPrincipal(identity); } } }
public static async Task <Dictionary <string, string> > GetWeChatLoginInfoAsync(this IAuthenticationManager manager, string authenticationType) { if (manager == null) { throw new ArgumentNullException("manager"); } var result = await manager.AuthenticateAsync(authenticationType); if (result != null && result.Identity != null && result.Identity.FindFirst(Constants.ClaimType) != null) { var value = result.Identity.FindFirst(Constants.ClaimType).Value; if (!string.IsNullOrEmpty(value)) { var jObject = JObject.Parse(value); Dictionary <string, string> dict = new Dictionary <string, string>(); foreach (var item in jObject) { dict[item.Key] = item.Value == null ? null : item.Value.ToString(); } return(await Task.FromResult(dict)); } } return(null); }
public async Task <IActionResult> CreateToken( [FromBody] LoginModel model) { var result = await _authenticationManager.AuthenticateAsync(model); return(Created("", result)); }
public async Task<ExternalAuthenticationResult> GetAuthenticationResult(IAuthenticationManager authenticationManager) { var authResult = await authenticationManager.AuthenticateAsync(ExternalCookieName); if (authResult == null) return null; if (!authResult.Identity.IsAuthenticated) return null; var externalIdentity = authResult.Identity; var providerKeyClaim = externalIdentity.FindFirst(ClaimTypes.NameIdentifier); var issuer = providerKeyClaim.Issuer; var providerKey = providerKeyClaim.Value; var name = externalIdentity.FindFirstValue(ClaimTypes.Name); var email = externalIdentity.FindFirstValue(ClaimTypes.Email); if (String.IsNullOrEmpty(issuer)) throw new NullReferenceException("The identity claims contain no issuer."); if (String.IsNullOrEmpty(providerKey)) throw new NullReferenceException("The identity claims contain no provider key"); var result = new ExternalAuthenticationResult { Issuer = issuer, ProviderKey = providerKey, Name = name, Email = email }; return result; }
/// <summary> /// Extracts login info out of an external identity /// </summary> /// <param name="manager"></param> /// <returns></returns> public static async Task <ExternalLoginInfo> GetExternalLoginInfoAsync(this IAuthenticationManager manager) { if (manager == null) { throw new ArgumentNullException("manager"); } return(GetExternalLoginInfo(await manager.AuthenticateAsync(DefaultAuthenticationTypes.ExternalCookie).WithCurrentCulture())); }
/// <summary> /// Extracts login info out of an external identity /// </summary> /// <param name="manager"></param> /// <param name="authenticationType"></param> /// <returns></returns> public static async Task <ExternalLoginInfo> GetExternalLoginInfoAsync(this IAuthenticationManager manager, string authenticationType) { if (manager == null) { throw new ArgumentNullException("manager"); } return(GetExternalLoginInfo(await manager.AuthenticateAsync(authenticationType))); }
public async static Task <bool> TwoFactorBrowserRememberedAsync(this IAuthenticationManager manager, int userId) { if (manager == null) { throw new ArgumentNullException("manager"); } var result = await manager.AuthenticateAsync(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie); return(result != null && result.Identity != null && result.Identity.GetUserId <int>() == userId); }
public virtual async Task <int?> GetVerifiedUserIdAsync() { var result = await _authenticationManager.AuthenticateAsync(DefaultAuthenticationTypes.TwoFactorCookie).ConfigureAwait(false); if (result != null && result.Identity != null && !String.IsNullOrEmpty(result.Identity.GetUserId())) { return(int.Parse(result.Identity.GetUserId())); } return(null); }
public override void OnAuthorization(AuthorizationContext filterContext) { IAuthenticationManager authentication = filterContext.HttpContext.GetOwinContext().Authentication; AuthenticateResult ticket = authentication.AuthenticateAsync("PCM").Result; if (!ticket?.Identity.IsAuthenticated ?? true) { base.OnAuthorization(filterContext); } }
private static async Task<bool> TwoFactorBrowserRememberedAsync(IAuthenticationManager manager, long userId) { if (manager == null) { throw new ArgumentNullException("manager"); } AuthenticateResult authenticateResult = await manager .AuthenticateAsync("TwoFactorRememberBrowser"); return authenticateResult != null && authenticateResult.Identity != null && authenticateResult.Identity.GetUserId<long>() == userId; }
public async Task <bool> SignUpUser(IAuthenticationManager authenticationManager, ISecureDataFormat <AuthenticationTicket> df, AuthenticationTicket at) { List <ClaimsIdentity> claims = new List <ClaimsIdentity>() { new ClaimsIdentity() }; AuthenticationProperties authProp = new AuthenticationProperties(); var authResult = await authenticationManager.AuthenticateAsync(""); authenticationManager.Challenge(new string[] { "" }); var authResults = await authenticationManager.AuthenticateAsync(new string[] { "", "" }); authenticationManager.Challenge(authProp, new string[] { "" }); authenticationManager.SignOut(authProp, new string[] { "" }); string prot = df.Protect(at); AuthenticationTicket unProtectedAT = df.Unprotect(prot); return(at.Equals(unProtectedAT)); }
/// <summary> /// Returns true if there is a TwoFactorRememberBrowser cookie for a user /// </summary> /// <param name="manager"></param> /// <param name="userId"></param> /// <returns></returns> public static async Task <bool> InspurTwoFactorBrowserRememberedAsync(this IAuthenticationManager manager, string userId) { if (manager == null) { throw new ArgumentNullException("manager"); } var result = await manager.AuthenticateAsync(InspurDefaultAuthenticationTypes.TwoFactorRememberBrowserCookie).WithCurrentCulture(); return(result != null && result.Identity != null && result.Identity.GetUserId() == userId); }
public async Task <bool> SignUpUser(IAuthenticationManager authenticationManager, ISecureDataFormat <AuthenticationTicket> df) { List <ClaimsIdentity> claims = new List <ClaimsIdentity>() { new ClaimsIdentity() }; AuthenticationProperties authProp = new AuthenticationProperties(); var authResult = await authenticationManager.AuthenticateAsync(""); authenticationManager.Challenge(new string[] { "" }); var authResults = await authenticationManager.AuthenticateAsync(new string[] { "", "" }); authenticationManager.Challenge(authProp, new string[] { "" }); var authTypes = authenticationManager.GetAuthenticationTypes(); authenticationManager.SignIn(claims.ToArray()); authenticationManager.SignOut(authProp, new string[] { "" }); ExternalLoginInfo info = authenticationManager.GetExternalLoginInfo(); ExternalLoginInfo infoAsync1 = await authenticationManager.GetExternalLoginInfoAsync(); ExternalLoginInfo infoAsync2 = await authenticationManager.GetExternalLoginInfoAsync("key_here", "expected"); List <AuthenticationDescription> desc = authenticationManager.GetExternalAuthenticationTypes().ToList(); bool rem = authenticationManager.TwoFactorBrowserRemembered("userID"); bool remAsync = await authenticationManager.TwoFactorBrowserRememberedAsync("userID"); AuthenticationTicket at = new AuthenticationTicket(claims.First(), authProp); string prot = df.Protect(at); AuthenticationTicket unProtectedAT = df.Unprotect(prot); OAuthAuthorizationServerOptions auth = new OAuthAuthorizationServerOptions() { AccessTokenExpireTimeSpan = new TimeSpan(), AllowInsecureHttp = true, }; return(at.Equals(unProtectedAT)); }
public async Task <IActionResult> Login(User user) { var requireUser = await _repository.GetOneAsync(user.Login); if (requireUser is null) { return(Unauthorized()); } var resp = (JwtAuthenticationResponse)await _authentication.AuthenticateAsync(user); AddTokensToCache(resp); return(RedirectToAction("Index")); }
public async Task <string> GetNonceAsync(IAuthenticationManager authenticationManager) { var data = await authenticationManager.AuthenticateAsync("TempState"); if (data == null) { return(null); } var nonce = data.Identity.FindFirst("nonce").Value; authenticationManager.SignOut("TempState"); return(nonce); }
/// <summary> /// Return the identity associated with the default external authentication type /// </summary> /// <returns></returns> public static async Task <ClaimsIdentity> GetExternalIdentityAsync(this IAuthenticationManager manager, string externalAuthenticationType) { if (manager == null) { throw new ArgumentNullException("manager"); } var result = await manager.AuthenticateAsync(externalAuthenticationType).WithCurrentCulture(); if (result != null && result.Identity != null && result.Identity.FindFirst(ClaimTypes.NameIdentifier) != null) { return(result.Identity); } return(null); }
public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken) { HttpRequestMessage request = context.Request; IAuthenticationManager authenticationManager = GetAuthenticationManagerOrThrow(request); AuthenticateResult result = await authenticationManager.AuthenticateAsync(_authenticationType); if (result != null) { IIdentity identity = result.Identity; if (identity != null) { context.Principal = new ClaimsPrincipal(identity); } } }
//method below based on discussion at http://stackoverflow.com/questions/19564479/mvc-5-owin-facebook-auth-results-in-null-reference-exception private static async Task <ExternalLoginInfo> GetExternalLoginInfoAsync_Workaround(IAuthenticationManager authenticationManager) { ExternalLoginInfo loginInfo = null; var result = await authenticationManager.AuthenticateAsync(DefaultAuthenticationTypes.ExternalCookie); if (result != null && result.Identity != null) { var idClaim = result.Identity.FindFirst(ClaimTypes.NameIdentifier); if (idClaim != null) { loginInfo = new ExternalLoginInfo() { DefaultUserName = result.Identity.Name == null ? "" : result.Identity.Name.Replace(" ", ""), Login = new UserLoginInfo(idClaim.Issuer, idClaim.Value) }; } } return(loginInfo); }
/// <summary> /// Extracts login info out of an external identity /// </summary> /// <param name="manager"></param> /// <param name="xsrfKey">key that will be used to find the userId to verify</param> /// <param name="expectedValue"> /// the value expected to be found using the xsrfKey in the AuthenticationResult.Properties /// dictionary /// </param> /// <returns></returns> public static async Task <ExternalLoginInfo> GetExternalLoginInfoAsync(this IAuthenticationManager manager, string xsrfKey, string expectedValue) { if (manager == null) { throw new ArgumentNullException("manager"); } var result = await manager.AuthenticateAsync(DefaultAuthenticationTypes.ExternalCookie).WithCurrentCulture(); // Verify that the userId is the same as what we expect if requested if (result != null && result.Properties != null && result.Properties.Dictionary != null && result.Properties.Dictionary.ContainsKey(xsrfKey) && result.Properties.Dictionary[xsrfKey] == expectedValue) { return(GetExternalLoginInfo(result)); } return(null); }
protected async Task AuthenticateAsync( CancellationToken cancellationToken = default ) { // ToDo: Figure out how to sign-in without TenantId. _authConf = _configurationProvider .GetAuthenticationConfiguration( AzureEnvironment.KnownEnvironments ); _authenticationManager = AuthenticationManagerFactory .GetAuthenticationManager( _authConf.AzureEnvironment, _authConf.TenantId, _authConf.ClientId, _authConf.ClientSecret ); await _authenticationManager .AuthenticateAsync(cancellationToken); }
public async Task <ExternalAuthenticationResult> GetAuthenticationResult(IAuthenticationManager authenticationManager) { var authResult = await authenticationManager.AuthenticateAsync(ExternalCookieName); if (authResult == null) { return(null); } if (!authResult.Identity.IsAuthenticated) { return(null); } var externalIdentity = authResult.Identity; var providerKeyClaim = externalIdentity.FindFirst(ClaimTypes.NameIdentifier); var issuer = providerKeyClaim.Issuer; var providerKey = providerKeyClaim.Value; var name = externalIdentity.FindFirstValue(ClaimTypes.Name); var email = externalIdentity.FindFirstValue(ClaimTypes.Email); if (String.IsNullOrEmpty(issuer)) { throw new NullReferenceException("The identity claims contain no issuer."); } if (String.IsNullOrEmpty(providerKey)) { throw new NullReferenceException("The identity claims contain no provider key"); } var result = new ExternalAuthenticationResult { Issuer = issuer, ProviderKey = providerKey, Name = name, Email = email }; return(result); }
public async Task <JObject> Create(JObject request) { var providerName = (string)request["providerName"]; if (string.IsNullOrEmpty(providerName)) { ThrowHttpResponse(HttpStatusCode.BadRequest, "providerName is required!"); } User user = null; try { user = await _authenticationManager.AuthenticateAsync(providerName, request); } catch (AuthenticationException) { ThrowHttpResponse(HttpStatusCode.Unauthorized, "Invalid credentials or account is disabled!"); } var accessKey = CreateAccessKey(user); return(new JObject(new JProperty("id", accessKey.ID), new JProperty("key", accessKey.Key))); }
public async Task <BearerViewModel> LoginAsync(LoginViewModel loginRequest) { return(await _authenticationManager.AuthenticateAsync(loginRequest.Username, loginRequest.Password)); }