public LoginController(ILoginCookies cookies, IAuthenticationService service, ILoginSuccessHandler handler, ILoginAuditor auditor, ILockedOutRule lockedOutRule)
{
_cookies = cookies;
_service = service;
_handler = handler;
_auditor = auditor;
_lockedOutRule = lockedOutRule;
}
public LoginController(ILoginCookies cookies, IAuthenticationService service, ILoginSuccessHandler handler,
ILoginAuditor auditor, ILockedOutRule lockedOutRule)
{
_cookies = cookies;
_service = service;
_handler = handler;
_auditor = auditor;
_lockedOutRule = lockedOutRule;
}
public AuthenticationService(
ILogger logger,
IEnumerable<IAuthenticationStrategy> strategies,
ILoginAuditor auditor,
ILoginCookies cookies)
{
if (!strategies.Any())
{
throw new ArgumentOutOfRangeException("strategies", "There must be at least one IAuthenticationStrategy");
}
_logger = logger;
_strategies = strategies;
_auditor = auditor;
_cookies = cookies;
}
public AuthenticationService(
ILogger logger,
IEnumerable <IAuthenticationStrategy> strategies,
ILoginAuditor auditor,
ILoginCookies cookies)
{
if (!strategies.Any())
{
throw new ArgumentOutOfRangeException("strategies", "There must be at least one IAuthenticationStrategy");
}
_logger = logger;
_strategies = strategies;
_auditor = auditor;
_cookies = cookies;
}
public WindowsAuthentication(IAuthenticationSession session, IWindowsPrincipalHandler handler, ILoginAuditor auditor)
{
_session = session;
_handler = handler;
_auditor = auditor;
}
private async Task <bool?> QueueRequest(HttpRequest Request)
{
HttpAuthenticationScheme[] AuthenticationSchemes;
bool Result;
try
{
if (this.server.TryGetResource(Request.Header.Resource, out HttpResource Resource, out string SubPath))
{
Request.Resource = Resource;
Request.SubPath = SubPath;
#if WINDOWS_UWP
this.server.RequestReceived(Request, this.client.Client.Information.RemoteAddress.ToString() + ":" +
this.client.Client.Information.RemotePort, Resource, SubPath);
#else
this.server.RequestReceived(Request, this.client.Client.Client.RemoteEndPoint.ToString(), Resource, SubPath);
#endif
AuthenticationSchemes = Resource.GetAuthenticationSchemes(Request);
if (AuthenticationSchemes != null && AuthenticationSchemes.Length > 0)
{
ILoginAuditor Auditor = this.server.LoginAuditor;
if (!(Auditor is null))
{
DateTime?Next = await Auditor.GetEarliestLoginOpportunity(Request.RemoteEndPoint, "HTTP");
if (Next.HasValue)
{
StringBuilder sb = new StringBuilder();
DateTime TP = Next.Value;
DateTime Today = DateTime.Today;
HttpException Error;
if (Next.Value == DateTime.MaxValue)
{
sb.Append("This endpoint (");
sb.Append(Request.RemoteEndPoint);
sb.Append(") has been blocked from the system.");
Error = new ForbiddenException(sb.ToString());
}
else
{
sb.Append("Too many failed login attempts in a row registered. Try again in ");
TimeSpan Span = TP - DateTime.Now;
double d;
if ((d = Span.TotalDays) >= 1)
{
d = Math.Ceiling(d);
sb.Append(d.ToString());
sb.Append(" day");
}
else if ((d = Span.TotalHours) >= 1)
{
d = Math.Ceiling(d);
sb.Append(d.ToString());
sb.Append(" hour");
}
else
{
d = Math.Ceiling(Span.TotalMinutes);
sb.Append(d.ToString());
sb.Append(" minute");
}
if (d > 1)
{
sb.Append('s');
}
sb.Append('.');
Error = new TooManyRequestsException(sb.ToString());
}
await this.SendResponse(Request, null, Error, true);
Request.Dispose();
return(true);
}
}
foreach (HttpAuthenticationScheme Scheme in AuthenticationSchemes)
{
if (Scheme.UserSessions && Request.Session is null)
{
HttpFieldCookie Cookie = Request.Header.Cookie;
if (!(Cookie is null))
{
string HttpSessionID = Cookie["HttpSessionID"];
if (!string.IsNullOrEmpty(HttpSessionID))
{
Request.Session = this.server.GetSession(HttpSessionID);
}
}
}
IUser User = await Scheme.IsAuthenticated(Request);
if (!(User is null))
{
Request.User = User;
break;
}
}
if (Request.User is null)
{
List <KeyValuePair <string, string> > Challenges = new List <KeyValuePair <string, string> >();
foreach (HttpAuthenticationScheme Scheme in AuthenticationSchemes)
{
string Challenge = Scheme.GetChallenge();
if (!string.IsNullOrEmpty(Challenge))
{
Challenges.Add(new KeyValuePair <string, string>("WWW-Authenticate", Challenge));
}
}
await this.SendResponse(Request, null, new HttpException(401, "Unauthorized", "Unauthorized access prohibited."), false, Challenges.ToArray());
Request.Dispose();
return(true);
}
}
Resource.Validate(Request);
if (Request.Header.Expect != null)
{
if (Request.Header.Expect.Continue100)
{
if (!Request.HasData)
{
await this.SendResponse(Request, null, new HttpException(100, "Continue", null), false);
return(null);
}
}
else
{
await this.SendResponse(Request, null, new HttpException(417, "Expectation Failed", "Unable to parse Expect header."), true);
Request.Dispose();
return(false);
}
}
Task _ = Task.Run(() => this.ProcessRequest(Request, Resource));
return(true);
}
else
{
await this.SendResponse(Request, null, new NotFoundException("Resource not found: " + this.server.CheckResourceOverride(Request.Header.Resource)), false);
Result = true;
}
}
public WindowsAuthentication(IAuthenticationSession session, IWindowsPrincipalHandler handler, ILoginAuditor auditor)
{
_session = session;
_handler = handler;
_auditor = auditor;
}
