protected override async Task <AuthenticationTicket> AuthenticateCoreAsync() { AuthenticationProperties properties = null; try { var query = Request.Query; var state = query.GetValues("state")?.FirstOrDefault(); if (!string.IsNullOrWhiteSpace(state)) { properties = Options.StateDataFormat.Unprotect(state); } if (properties == null) { _logger.WriteWarning("Invalid return state"); return(null); } // Anti-CSRF if (!ValidateCorrelationId(properties, _logger)) { return(new AuthenticationTicket(null, properties)); } var ticket = query.GetValues("ticket")?.FirstOrDefault(); if (string.IsNullOrEmpty(ticket)) { _logger.WriteWarning("Missing ticket parameter"); return(new AuthenticationTicket(null, properties)); } var service = BuildReturnTo(state); var principal = await Options.ServiceTicketValidator.ValidateAsync(ticket, service, Request.CallCancelled).ConfigureAwait(false); if (principal == null) { _logger.WriteError($"Principal missing in [{Options.ServiceTicketValidator.GetType().FullName}]"); return(new AuthenticationTicket(null, properties)); } if (Options.UseAuthenticationSessionStore) { // store serviceTicket for single sign out properties.SetServiceTicket(ticket); } var context = new CasCreatingTicketContext( Context, principal.Identity as ClaimsIdentity ?? new ClaimsIdentity(principal.Identity), properties); await Options.Provider.CreatingTicket(context).ConfigureAwait(false); return(new AuthenticationTicket(context.Identity, context.Properties)); } catch (Exception ex) { _logger.WriteError("Authentication failed", ex); return(new AuthenticationTicket(null, properties)); } }
public virtual Task CreatingTicket(CasCreatingTicketContext context) => OnCreatingTicket(context);