/// <summary>
/// Mock authorization: fills the thread's security context from the request's Authorization header.
/// </summary>
/// <remarks>
/// Every scheme other than "usertoken" is given a freshly generated user id, so this method does not
/// verify a caller's identity for those schemes. Entries are cached in <c>users</c> by (scheme, parameter);
/// a repeated header reuses the cached user and the token is not parsed again.
/// NOTE(review): if the token constructor is what enforces signature and expiry, a cached entry keeps
/// working after the token would no longer be accepted - acceptable for a mock, confirm it is never
/// wired into a production pipeline.
/// </remarks>
/// <param name="actionContext">
/// The action context whose request headers are inspected.
/// </param>
public void AuthorizeUser(HttpActionContext actionContext)
{
    //TODO: This implements enough mock functionality to populate the security context. Add support for more scenarios as needed.
    var headers = actionContext.Request.Headers;
    if (headers == null)
    {
        return;
    }

    var authorization = headers.Authorization;
    if (authorization == null)
    {
        // No Authorization header: the current principal is left as it was.
        return;
    }

    string scheme = authorization.Scheme;
    string parameter = authorization.Parameter;
    Tuple<string, string> cacheKey = Tuple.Create(scheme, parameter);

    if (!users.ContainsKey(cacheKey))
    {
        bool isUserToken = scheme.Equals("usertoken", StringComparison.OrdinalIgnoreCase);
        Guid resolvedId;
        if (!isUserToken)
        {
            // Any other scheme: invent an identity for the duration of the cache entry.
            resolvedId = Guid.NewGuid();
        }
        else
        {
            // The header parameter is treated as a serialized user-id token; its UserId becomes the mock user's id.
            LomoUserIdSecurityToken parsedToken = new LomoUserIdSecurityToken(
                parameter,
                ConfigurationManager.AppSettings[AppSettingsKeys.SecureTokenSigningKey],
                ConfigurationManager.AppSettings[AppSettingsKeys.SecureTokenPassword],
                ConfigurationManager.AppSettings[AppSettingsKeys.SecureTokenSalt],
                Convert.ToUInt64(ConfigurationManager.AppSettings[AppSettingsKeys.SecureTokenClockSkew]));
            resolvedId = new Guid(parsedToken.UserId);
        }

        users[cacheKey] = new MockUser
        {
            Id = resolvedId,
            Name = "test" + resolvedId
        };
    }

    MockUser cachedUser = users[cacheKey];
    CustomIdentity identity = new CustomIdentity(cachedUser.Id, cachedUser.Name, scheme);
    Thread.CurrentPrincipal = new CustomPrincipal(identity, null);
}
/// <summary>
/// Issues a secure token for the card operation named in the context and stores it on the response.
/// </summary>
/// <remarks>
/// Authenticated user is automatically created within the system if necessary when obtaining a token for Create operations.
/// The result code is InvalidParameter when the requested operation does not parse as a <c>Crud</c> value,
/// the code returned by <c>ValidateUserId</c> when that is neither Success nor Created, and Success once
/// the token has been written to the response.
/// NOTE(review): Enum.TryParse also accepts numeric text, so a value with no named Crud member can pass
/// the parse; confirm ValidateUserId rejects such values before they end up in the token's action field.
/// </remarks>
public void Execute()
{
    var summary = (ResultSummary)Context[Key.ResultSummary];
    var requestedOperation = (string)Context[Key.RequestedCrudOperation];

    Crud operation;
    if (!Enum.TryParse<Crud>(requestedOperation, true, out operation))
    {
        summary.SetResultCode(ResultCode.InvalidParameter);
        return;
    }

    // Validate the user ID in the context.
    ResultCode userIdCheck = ValidateUserId(operation);
    bool userIdAccepted = userIdCheck == ResultCode.Success || userIdCheck == ResultCode.Created;
    if (!userIdAccepted)
    {
        summary.SetResultCode(userIdCheck);
        return;
    }

    // The token carries the user id, the environment, the Cards resource and the requested operation;
    // lifetime and key material are read from application settings.
    Guid globalUserId = (Guid)Context[Key.GlobalUserId];
    var issuedToken = new LomoUserIdSecurityToken(
        globalUserId.ToString(),
        CommerceServiceConfig.Instance.Environment,
        Resource.Cards.ToString(),
        operation.ToString(),
        Convert.ToInt64(ConfigurationManager.AppSettings[AppSettingsKeys.SecureTokenLifetime]),
        ConfigurationManager.AppSettings[AppSettingsKeys.SecureTokenSigningKey],
        ConfigurationManager.AppSettings[AppSettingsKeys.SecureTokenPassword],
        ConfigurationManager.AppSettings[AppSettingsKeys.SecureTokenSalt]);

    var response = (GetSecureCardOperationTokenResponse)Context[Key.Response];
    response.Token = issuedToken.ToString();
    summary.SetResultCode(ResultCode.Success);
}
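/// <summary>
/// Builds a user-id token for the given account, adds optional name and e-mail claims, and writes the
/// prefixed token to the configured auth cookie on the current response.
/// </summary>
/// <param name="puid">Account identifier; lower-cased before it is placed in the token.</param>
/// <param name="profileName">Added as the name claim when it is not blank.</param>
/// <param name="email">Added as the e-mail claim when it is not blank.</param>
/// <returns>
/// The prefixed token text (before URL encoding) that was written to the cookie, or
/// <see cref="string.Empty"/> when any step failed.
/// </returns>
private string WriteAuthDataToAuthCookie(string puid, string profileName, string email)
{
    // Passed in the lifetime position of the token constructor. 86400 lines up with the one-day
    // cookie expiry below if the unit is seconds - TODO confirm the unit.
    const long TokenLifetime = 86400;

    try
    {
        // Identifiers are cased with the invariant culture so the token subject does not depend on
        // the server's current culture.
        // NOTE(review): the signing and encryption values come from Constants; if those are literals
        // compiled into the assembly they live in source control and cannot be rotated without a
        // rebuild - confirm where they are defined.
        LomoUserIdSecurityToken token = new LomoUserIdSecurityToken(
            puid.ToLowerInvariant(),
            Constants.TokenIssuer,
            Constants.TokenResource,
            Constants.TokenAction,
            TokenLifetime,
            Constants.TokenSigningKey,
            Constants.TokenEncryptionKey,
            Constants.TokenEcryptionSalt);

        if (!string.IsNullOrWhiteSpace(profileName))
        {
            token.AddClaim(LomoClaimTypes.NameClaimType, profileName);
        }

        if (!string.IsNullOrWhiteSpace(email))
        {
            token.AddClaim(LomoClaimTypes.EmailClaimType, email);
        }

        string data = Constants.CustomMSAPrefix + token.ToString();
        string authCookieName = ConfigurationManager.AppSettings["AuthCookieName"];

        // NOTE(review): the cookie carries the auth token but is created without HttpOnly or Secure.
        // Set both once it is confirmed that no client script reads this cookie and that every host
        // under RootDomain is served over HTTPS.
        HttpCookie authCookie = new HttpCookie(authCookieName, HttpUtility.UrlEncode(data));
        authCookie.Domain = ConfigurationManager.AppSettings["RootDomain"];
        authCookie.Expires = DateTime.UtcNow.Add(TimeSpan.FromDays(1));
        HttpContext.Current.Response.Cookies.Add(authCookie);

        return data;
    }
    catch (Exception ex)
    {
        // Still best-effort: callers keep receiving string.Empty on failure. The failure is now
        // recorded instead of vanishing; only the exception type is written so that token or claim
        // data carried in a message cannot reach the trace output.
        System.Diagnostics.Trace.TraceWarning(
            "WriteAuthDataToAuthCookie failed: {0}",
            ex.GetType().FullName);
    }

    return string.Empty;
}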
/// <summary>
/// Authenticates a caller from the serialized user-id token in the supplied credentials.
/// </summary>
/// <remarks>
/// The token is parsed with the signing key, password, salt and clock skew from application settings.
/// Its Resource and Action values are copied into the payload's authorization parameters; this method
/// does not compare them with the resource or action being requested.
/// Exceptions thrown while parsing the token or its user id are not caught here.
/// </remarks>
/// <param name="credentials">
/// The credentials; only <c>Token</c> and <c>SecurityProviderName</c> are read.
/// </param>
/// <param name="flags">
/// A general purpose flags set. Not read by this method.
/// </param>
/// <returns>
/// The <see cref="AuthPayload"/> for the token's user, or null when the credentials carry no token.
/// </returns>
public AuthPayload Authenticate(SecurityCredentials credentials, HashSet<string> flags = null)
{
    if (credentials.Token == null)
    {
        // Nothing to authenticate with.
        return null;
    }

    var parsedToken = new LomoUserIdSecurityToken(
        credentials.Token,
        ConfigurationManager.AppSettings[AppSettingsKeys.SecureTokenSigningKey],
        ConfigurationManager.AppSettings[AppSettingsKeys.SecureTokenPassword],
        ConfigurationManager.AppSettings[AppSettingsKeys.SecureTokenSalt],
        Convert.ToUInt64(ConfigurationManager.AppSettings[AppSettingsKeys.SecureTokenClockSkew]));

    // The identity has no name; it is the token's user id plus the provider that supplied the credentials.
    Guid userId = new Guid(parsedToken.UserId);
    var identity = new CustomIdentity(userId, null, credentials.SecurityProviderName);

    AuthPayload payload = new AuthPayload(identity);
    payload.CredentialAuthorizationParameters[Resource] = parsedToken.Resource;
    payload.CredentialAuthorizationParameters[Action] = parsedToken.Action;
    return payload;
}