public LoginController(ILoginCookies cookies, IAuthenticationService service, ILoginSuccessHandler handler, ILoginAuditor auditor, ILockedOutRule lockedOutRule) { _cookies = cookies; _service = service; _handler = handler; _auditor = auditor; _lockedOutRule = lockedOutRule; }
public AuthenticationService( ILogger logger, IEnumerable<IAuthenticationStrategy> strategies, ILoginAuditor auditor, ILoginCookies cookies) { if (!strategies.Any()) { throw new ArgumentOutOfRangeException("strategies", "There must be at least one IAuthenticationStrategy"); } _logger = logger; _strategies = strategies; _auditor = auditor; _cookies = cookies; }
public AuthenticationService( ILogger logger, IEnumerable <IAuthenticationStrategy> strategies, ILoginAuditor auditor, ILoginCookies cookies) { if (!strategies.Any()) { throw new ArgumentOutOfRangeException("strategies", "There must be at least one IAuthenticationStrategy"); } _logger = logger; _strategies = strategies; _auditor = auditor; _cookies = cookies; }
public WindowsAuthentication(IAuthenticationSession session, IWindowsPrincipalHandler handler, ILoginAuditor auditor) { _session = session; _handler = handler; _auditor = auditor; }
private async Task <bool?> QueueRequest(HttpRequest Request) { HttpAuthenticationScheme[] AuthenticationSchemes; bool Result; try { if (this.server.TryGetResource(Request.Header.Resource, out HttpResource Resource, out string SubPath)) { Request.Resource = Resource; Request.SubPath = SubPath; #if WINDOWS_UWP this.server.RequestReceived(Request, this.client.Client.Information.RemoteAddress.ToString() + ":" + this.client.Client.Information.RemotePort, Resource, SubPath); #else this.server.RequestReceived(Request, this.client.Client.Client.RemoteEndPoint.ToString(), Resource, SubPath); #endif AuthenticationSchemes = Resource.GetAuthenticationSchemes(Request); if (AuthenticationSchemes != null && AuthenticationSchemes.Length > 0) { ILoginAuditor Auditor = this.server.LoginAuditor; if (!(Auditor is null)) { DateTime?Next = await Auditor.GetEarliestLoginOpportunity(Request.RemoteEndPoint, "HTTP"); if (Next.HasValue) { StringBuilder sb = new StringBuilder(); DateTime TP = Next.Value; DateTime Today = DateTime.Today; HttpException Error; if (Next.Value == DateTime.MaxValue) { sb.Append("This endpoint ("); sb.Append(Request.RemoteEndPoint); sb.Append(") has been blocked from the system."); Error = new ForbiddenException(sb.ToString()); } else { sb.Append("Too many failed login attempts in a row registered. Try again in "); TimeSpan Span = TP - DateTime.Now; double d; if ((d = Span.TotalDays) >= 1) { d = Math.Ceiling(d); sb.Append(d.ToString()); sb.Append(" day"); } else if ((d = Span.TotalHours) >= 1) { d = Math.Ceiling(d); sb.Append(d.ToString()); sb.Append(" hour"); } else { d = Math.Ceiling(Span.TotalMinutes); sb.Append(d.ToString()); sb.Append(" minute"); } if (d > 1) { sb.Append('s'); } sb.Append('.'); Error = new TooManyRequestsException(sb.ToString()); } await this.SendResponse(Request, null, Error, true); Request.Dispose(); return(true); } } foreach (HttpAuthenticationScheme Scheme in AuthenticationSchemes) { if (Scheme.UserSessions && Request.Session is null) { HttpFieldCookie Cookie = Request.Header.Cookie; if (!(Cookie is null)) { string HttpSessionID = Cookie["HttpSessionID"]; if (!string.IsNullOrEmpty(HttpSessionID)) { Request.Session = this.server.GetSession(HttpSessionID); } } } IUser User = await Scheme.IsAuthenticated(Request); if (!(User is null)) { Request.User = User; break; } } if (Request.User is null) { List <KeyValuePair <string, string> > Challenges = new List <KeyValuePair <string, string> >(); foreach (HttpAuthenticationScheme Scheme in AuthenticationSchemes) { string Challenge = Scheme.GetChallenge(); if (!string.IsNullOrEmpty(Challenge)) { Challenges.Add(new KeyValuePair <string, string>("WWW-Authenticate", Challenge)); } } await this.SendResponse(Request, null, new HttpException(401, "Unauthorized", "Unauthorized access prohibited."), false, Challenges.ToArray()); Request.Dispose(); return(true); } } Resource.Validate(Request); if (Request.Header.Expect != null) { if (Request.Header.Expect.Continue100) { if (!Request.HasData) { await this.SendResponse(Request, null, new HttpException(100, "Continue", null), false); return(null); } } else { await this.SendResponse(Request, null, new HttpException(417, "Expectation Failed", "Unable to parse Expect header."), true); Request.Dispose(); return(false); } } Task _ = Task.Run(() => this.ProcessRequest(Request, Resource)); return(true); } else { await this.SendResponse(Request, null, new NotFoundException("Resource not found: " + this.server.CheckResourceOverride(Request.Header.Resource)), false); Result = true; } }