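/// <summary>
/// Shows the user name / password prompt modally and returns the identity entered by the user.
/// </summary>
/// <param name="owner">The window that owns the modal dialog.</param>
/// <param name="caption">Optional instruction text; it is displayed only when non-empty.</param>
/// <param name="identity">Optional identity whose user name token is used to pre-fill both fields.</param>
/// <returns>
/// A new <c>UserIdentity</c> built from the entered values, or null when the dialog
/// does not complete with <c>DialogResult.OK</c>.
/// </returns>
public UserIdentity ShowDialog(IWin32Window owner, string caption, UserIdentity identity)
{
    if (!String.IsNullOrEmpty(caption))
    {
        InstructuctionsLabel.Text = caption;
        InstructuctionsLabel.Visible = true;
    }

    // Start from empty fields so values from a previous use of the dialog are not shown.
    UserNameTextBox.Text = null;
    PasswordTextBox.Text = null;

    if (identity != null)
    {
        UserNameIdentityToken token = identity.GetIdentityToken() as UserNameIdentityToken;

        if (token != null)
        {
            UserNameTextBox.Text = token.UserName;

            // NOTE(review): this copies the decrypted password into a UI control.
            // Confirm that PasswordTextBox masks its content (not visible from here).
            PasswordTextBox.Text = token.DecryptedPassword;
        }
    }

    if (base.ShowDialog(owner) != DialogResult.OK)
    {
        return null;
    }

    // The user name is trimmed, the password is not: trimming would silently alter
    // a credential that legitimately starts or ends with whitespace.
    return new UserIdentity(UserNameTextBox.Text.Trim(), PasswordTextBox.Text);
}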
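/// <summary>
/// Called when a client tries to change its user identity.
/// </summary>
/// <remarks>
/// Handles, in this order, an issued token of type JWT, a user name token and an
/// X509 token. When none of these branches applies, <c>args.Identity</c> is left unchanged.
/// </remarks>
/// <param name="session">The session raising the event (not read by this handler).</param>
/// <param name="args">Supplies the new identity token and token policy, and receives the accepted identity.</param>
private void SessionManager_ImpersonateUser(Session session, ImpersonateEventArgs args)
{
    // check for an issued token.
    IssuedIdentityToken issuedToken = args.NewIdentity as IssuedIdentityToken;

    if (issuedToken != null)
    {
        if (args.UserTokenPolicy.IssuedTokenType == "http://opcfoundation.org/UA/UserTokenPolicy#JWT")
        {
            JwtEndpointParameters parameters = new JwtEndpointParameters();
            parameters.FromJson(args.UserTokenPolicy.IssuerEndpointUrl);

            var jwt = new UTF8Encoding().GetString(issuedToken.DecryptedTokenData);

            // NOTE(review): the result is used without a null check; presumably ValidateJwt
            // throws on an invalid token rather than returning null. Confirm.
            var identity = ValidateJwt(parameters, jwt);
            Utils.Trace("JSON Web Token Accepted: {0}", identity.DisplayName);
            args.Identity = identity;
            return;
        }

        // NOTE(review): an issued token of any other type matches none of the branches below,
        // so the handler returns without setting args.Identity. Confirm the caller rejects it.
    }

    // check for a user name token.
    UserNameIdentityToken userNameToken = args.NewIdentity as UserNameIdentityToken;

    if (userNameToken != null)
    {
        var identity = new UserIdentity(userNameToken);
        var token = (UserNameIdentityToken)identity.GetIdentityToken();

        // Compiled-in demo accounts: each maps a fixed user name / password pair to an identity.
        // NOTE(review): these credentials are hard-coded in source. Move them to a configurable
        // credential store (hashed, compared in constant time) before use outside a demo.
        switch (token.UserName)
        {
            case "gdsadmin":
            {
                if (token.DecryptedPassword == "demo")
                {
                    // This branch does not assign args.Identity, so the trace must not
                    // dereference it; report the identity built from the token instead.
                    // NOTE(review): unlike the two accounts below, no role-based identity
                    // is assigned here. Confirm which role "gdsadmin" is meant to receive.
                    Utils.Trace("GdsAdmin Token Accepted: {0}", identity.DisplayName);
                    return;
                }

                break;
            }

            case "appadmin":
            {
                if (token.DecryptedPassword == "demo")
                {
                    args.Identity = new RoleBasedIdentity(identity, GdsRole.ApplicationAdmin);
                    Utils.Trace("ApplicationAdmin Token Accepted: {0}", args.Identity.DisplayName);
                    return;
                }

                break;
            }

            case "appuser":
            {
                if (token.DecryptedPassword == "demo")
                {
                    args.Identity = new RoleBasedIdentity(identity, GdsRole.ApplicationUser);
                    Utils.Trace("ApplicationUser Token Accepted: {0}", args.Identity.DisplayName);
                    return;
                }

                break;
            }
        }

        // Reached for any other user name, and also for the three names above when the
        // password did not match: the token is accepted as a plain UserIdentity with no
        // password check in this handler.
        // NOTE(review): confirm this is intended, or reject the token here. A failed password
        // for a named account is currently treated the same as an unknown user.
        args.Identity = identity;
        Utils.Trace("UserName Token Accepted: {0}", args.Identity.DisplayName);
        return;
    }

    // check for x509 user token.
    X509IdentityToken x509Token = args.NewIdentity as X509IdentityToken;

    if (x509Token != null)
    {
        // The certificate is checked before the identity is accepted; VerifyCertificate is
        // defined elsewhere and presumably throws on failure. Confirm.
        VerifyCertificate(x509Token.Certificate);
        args.Identity = new UserIdentity(x509Token);
        Utils.Trace("X509 Token Accepted: {0}", args.Identity.DisplayName);
        return;
    }
}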