/// <summary>
/// Process Authentication Request
/// </summary>
/// <returns></returns>
protected override Task <AuthenticateResult> HandleAuthenticateAsync()
{
// get SiteMinder headers
_logger.LogDebug("Parsing the HTTP headers for SiteMinder authentication credential");
SiteMinderAuthOptions options = new SiteMinderAuthOptions();
try
{
HttpContext context = Request.HttpContext;
DbAppContext dbAppContext = (DbAppContext)context.RequestServices.GetService(typeof(DbAppContext));
IHostingEnvironment hostingEnv = (IHostingEnvironment)context.RequestServices.GetService(typeof(IHostingEnvironment));
UserSettings userSettings = new UserSettings();
string userId = "";
string siteMinderGuid = "";
string businessGuid = "";
string url = context.Request.GetDisplayUrl().ToLower();
_logger.LogWarning("Timestamp: {0:dd-MM-yyyy HH:mm:ss.FFFF} | Url: {1} | Remote Ip: {0}",
DateTime.Now, url, context.Connection.RemoteIpAddress.ToString());
// ********************************************************
// if this is an Error or Authentication API - Ignore
// ********************************************************
if (url.Contains("/authentication/dev") ||
url.Contains("/error") ||
url.Contains("/hangfire") ||
url.Contains("/swagger"))
{
_logger.LogInformation("Bypassing authentication process ({0})", url);
return(Task.FromResult(AuthenticateResult.NoResult()));
}
// **************************************************
// check if we have a Dev Environment Cookie
// **************************************************
string tempToken = context.Request.Cookies[options.DevAuthenticationTokenKey];
if (hostingEnv.IsDevelopment() && !string.IsNullOrEmpty(tempToken))
{
_logger.LogInformation("Dev Authentication token found ({0})", tempToken);
userId = tempToken;
}
else if ((context.Connection.RemoteIpAddress.ToString().StartsWith("::1") ||
context.Connection.RemoteIpAddress.ToString().StartsWith("::ffff:127.0.0.1")) &&
url.StartsWith("http://*****:*****@"LOCK TABLE ""HET_USER"" IN EXCLUSIVE MODE;");
HetUser user = dbAppContext.HetUser.First(x => x.UserId == updUserId);
user.DistrictId = districtId;
dbAppContext.HetUser.Update(user);
// update user record
dbAppContext.SaveChanges();
// commit
transaction.Commit();
}
}
}
userSettings.SiteMinderGuid = siteMinderGuid;
userSettings.UserAuthenticated = true;
userSettings.BusinessUser = false;
}
// **************************************************
// validate / check user permissions
// **************************************************
_logger.LogInformation("Validating user permissions");
ClaimsPrincipal userPrincipal;
if (userSettings.BusinessUser &&
userSettings.UserAuthenticated &&
userSettings.HetsBusinessUser != null)
{
userPrincipal = userSettings.HetsBusinessUser.ToClaimsPrincipal(options.Scheme);
if (!userPrincipal.HasClaim(HetUser.PermissionClaim, HetPermission.BusinessLogin))
{
_logger.LogWarning(options.MissingDbUserIdError + " (" + userId + ")");
return(Task.FromResult(AuthenticateResult.Fail(options.InvalidPermissions)));
}
}
else
{
userPrincipal = userSettings.HetsUser.ToClaimsPrincipal(options.Scheme);
if (!userPrincipal.HasClaim(HetUser.PermissionClaim, HetPermission.Login) &&
!userPrincipal.HasClaim(HetUser.PermissionClaim, HetPermission.BusinessLogin))
{
_logger.LogWarning(options.MissingDbUserIdError + " (" + userId + ")");
return(Task.FromResult(AuthenticateResult.Fail(options.InvalidPermissions)));
}
}
// **************************************************
// create authenticated user
// **************************************************
_logger.LogInformation("Authentication successful: " + userId);
_logger.LogInformation("Setting identity and creating session for: " + userId);
// **************************************************
// done!
// **************************************************
ClaimsPrincipal principal = userPrincipal;
return(Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(principal, null, Options.Scheme))));
}
catch (Exception exception)
{
_logger.LogError(exception.Message);
Console.WriteLine(exception);
throw;
}
}