protected override Task <AuthenticateResult> HandleAuthenticateAsync()
{
var config = Context.Items.Get <StormpathConfiguration>(OwinKeys.StormpathConfiguration);
var scheme = Context.Items.Get <string>(OwinKeys.StormpathUserScheme);
var account = Context.Items.Get <IAccount>(OwinKeys.StormpathUser);
var deleteCookieAction = new Action <WebCookieConfiguration>(cookie =>
{
Response.Cookies.Delete(cookie.Name, new CookieOptions()
{
Domain = cookie.Domain,
Path = cookie.Path
});
});
var setStatusCodeAction = new Action <int>(code => Response.StatusCode = code);
var redirectAction = new Action <string>(location => Response.Redirect(location));
this.handler = new RouteProtector(
config.Web,
deleteCookieAction,
setStatusCodeAction,
redirectAction,
this.stormpathLogger);
if (!this.handler.IsAuthenticated(scheme, Options.AuthenticationScheme, account))
{
return(Task.FromResult(AuthenticateResult.Fail("Request is not properly authenticated.")));
}
var principal = AccountIdentityTransformer.CreatePrincipal(account, scheme);
var ticket = new AuthenticationTicket(principal, new AuthenticationProperties(), scheme);
return(Task.FromResult(AuthenticateResult.Success(ticket)));
}
private static void GetUserIdentity(HttpContext httpContext, ILogger logger)
{
var config = httpContext.Items.Get <StormpathConfiguration>(OwinKeys.StormpathConfiguration);
var scheme = httpContext.Items.Get <string>(OwinKeys.StormpathUserScheme);
var account = httpContext.Items.Get <IAccount>(OwinKeys.StormpathUser);
var handler = new RouteProtector(config.Web, null, null, null, logger);
var isAuthenticatedRequest = handler.IsAuthenticated(scheme, scheme, account);
if (isAuthenticatedRequest)
{
httpContext.User = AccountIdentityTransformer.CreatePrincipal(account, scheme);
}
if (httpContext.User == null)
{
httpContext.User = new GenericPrincipal(new GenericIdentity(""), new string[0]);
}
}
private static void GetUserIdentity(HttpContext httpContext, ILogger logger)
{
var client = httpContext.Items.Get<IClient>(OwinKeys.StormpathClient);
var config = httpContext.Items.Get<StormpathConfiguration>(OwinKeys.StormpathConfiguration);
var scheme = httpContext.Items.Get<string>(OwinKeys.StormpathUserScheme);
var account = httpContext.Items.Get<IAccount>(OwinKeys.StormpathUser);
var handler = new RouteProtector(client, config, null, null, null, null, logger);
var isAuthenticatedRequest = handler.IsAuthenticated(scheme, scheme, account);
if (isAuthenticatedRequest)
{
httpContext.User = AccountIdentityTransformer.CreatePrincipal(account, scheme);
}
if (httpContext.User == null)
{
httpContext.User = new GenericPrincipal(new GenericIdentity(""), new string[0]);
}
}
public void Configuration(IAppBuilder app)
{
var logger = new ConsoleLogger(LogLevel.Trace);
// Initialize the Stormpath middleware
var stormpath = StormpathMiddleware.Create(new StormpathOwinOptions()
{
LibraryUserAgent = "nowin/0.22.2",
ViewRenderer = new PrecompiledViewRenderer(logger),
Logger = logger,
PreRegistrationHandler = (ctx, ct) =>
{
ctx.Account.CustomData["source"] = "Nowin";
return(Task.FromResult(true));
},
PostRegistrationHandler = async(ctx, ct) =>
{
var customData = await ctx.Account.GetCustomDataAsync(ct);
},
PreLoginHandler = (ctx, ct) =>
{
return(Task.FromResult(true));
},
PostLoginHandler = async(ctx, ct) =>
{
var customData = await ctx.Account.GetCustomDataAsync(ct);
}
});
// Insert it into the OWIN pipeline
app.Use(stormpath);
// Add a sample middleware that responds to GET /
app.Use(new Func <AppFunc, AppFunc>(next => (async env =>
{
if (env["owin.RequestPath"] as string != "/")
{
await next.Invoke(env);
return;
}
using (var writer = new StreamWriter(env["owin.ResponseBody"] as Stream))
{
await writer.WriteAsync("<h1>Hello from OWIN!</h1>");
if (!env.ContainsKey(OwinKeys.StormpathUser))
{
await writer.WriteAsync("<a href=\"/login\">Log in</a> or <a href=\"/register\">Register</a>");
}
else
{
var user = env[OwinKeys.StormpathUser] as IAccount;
await writer.WriteAsync($"<p>Logged in as {user?.FullName} ({user?.Email})</p>");
await writer.WriteAsync(@"
<form action=""/logout"" method=""post"" id=""logout_form"">
<a onclick=""document.getElementById('logout_form').submit();"" style=""cursor: pointer;"">
Log Out
</a>
</form>");
}
await writer.FlushAsync();
}
})));
// Add a "protected" route
app.Use(new Func <AppFunc, AppFunc>(next => (async env =>
{
if (env["owin.RequestPath"] as string != "/protected")
{
await next.Invoke(env);
return;
}
if (!env.ContainsKey(OwinKeys.StormpathUser))
{
var deleteCookieAction =
new Action <Configuration.Abstractions.Immutable.WebCookieConfiguration>(_ => { }); // TODO
var setStatusCodeAction = new Action <int>(code => env["owin.ResponseStatusCode"] = code);
var setHeaderAction = new Action <string, string>((name, value) =>
(env["owin.ResponseHeaders"] as IDictionary <string, string[]>).SetString(name, value));
var redirectAction = new Action <string>(location =>
{
setStatusCodeAction(302);
setHeaderAction("Location", location);
});
var routeProtector = new RouteProtector(
stormpath.GetClient(),
stormpath.Configuration,
deleteCookieAction,
setStatusCodeAction,
setHeaderAction,
redirectAction,
null);
routeProtector.OnUnauthorized("text/html", "/protected");
}
else
{
using (var writer = new StreamWriter(env["owin.ResponseBody"] as Stream))
{
await writer.WriteAsync("<p>Zomg secret!</p>");
await writer.FlushAsync();
}
}
})));
}
