/// <summary>
/// Hook for reporting a failed sign-in validation. Currently a no-op: the earlier
/// implementation built a <c>SignInValidationLog</c> from <paramref name="result"/>
/// and wrote it with <c>Logger.ErrorFormat</c>, but that code is disabled.
/// </summary>
/// <param name="message">Human-readable reason the validation failed.</param>
/// <param name="result">The validation state at the point of failure.</param>
private void LogError(string message, SignInValidationResult result)
{
    // NOTE(review): intentionally empty. Before re-enabling the old log call, confirm
    // that dumping the whole result (it carries the raw request) is acceptable for logs.
}
/// <summary>
/// Hook for reporting a successful sign-in validation. Currently a no-op: the earlier
/// implementation built a <c>SignInValidationLog</c> from <paramref name="result"/>
/// and wrote it with <c>Logger.InfoFormat</c>, but that code is disabled.
/// </summary>
/// <param name="result">The completed validation result.</param>
private void LogSuccess(SignInValidationResult result)
{
    // NOTE(review): intentionally empty. Re-enabling the old log call would write the
    // full result (request plus resolved user) to the log; confirm that is wanted first.
}
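/// <summary>
/// Validates a WS-Federation sign-in request: resolves the client identified by
/// <c>wtrealm</c>, picks its registered reply URL, attaches the relying-party
/// settings and decides whether the user still has to sign in.
/// </summary>
/// <param name="message">The incoming WS-Federation message.</param>
/// <param name="user">The current principal, or <c>null</c> when nobody is signed in.</param>
/// <returns>
/// A result with <c>Error</c> set to <c>invalid_relying_party</c> when the request is
/// rejected; otherwise the resolved client, reply URL, relying party and user, with
/// <c>SignInRequired</c> set when authentication is still needed.
/// </returns>
public async Task<SignInValidationResult> ValidateAsync(WsFederationMessage message, ClaimsPrincipal user)
{
    var result = new SignInValidationResult { WsFederationMessage = message };

    // The realm must resolve to an enabled client that is configured for WS-Federation.
    var client = await _clients.FindEnabledClientByIdAsync(message.Wtrealm);
    if (client == null)
    {
        LogError("Client not found: " + message.Wtrealm, result);
        return new SignInValidationResult { Error = "invalid_relying_party" };
    }

    if (client.ProtocolType != IdentityServerConstants.ProtocolTypes.WsFederation)
    {
        LogError("Client is not configured for WS-Federation", result);
        return new SignInValidationResult { Error = "invalid_relying_party" };
    }

    // The reply URL is taken from the client's registered redirect URIs, not from the
    // request, so the caller cannot choose where the token is posted. A client with no
    // registered URI is rejected here instead of letting First() throw.
    var replyUrl = client.RedirectUris.FirstOrDefault();
    if (replyUrl == null)
    {
        LogError("Client has no redirect URI configured: " + message.Wtrealm, result);
        return new SignInValidationResult { Error = "invalid_relying_party" };
    }

    result.Client = client;
    result.ReplyUrl = replyUrl;

    // Per-realm relying-party settings are optional; fall back to the configured defaults.
    var rp = await _relyingParties.FindRelyingPartyByRealm(message.Wtrealm);
    if (rp == null)
    {
        rp = new RelyingParty
        {
            TokenType = _options.DefaultTokenType,
            SignatureAlgorithm = _options.DefaultSignatureAlgorithm,
            DigestAlgorithm = _options.DefaultDigestAlgorithm,
            SamlNameIdentifierFormat = _options.DefaultSamlNameIdentifierFormat,
            ClaimMapping = _options.DefaultClaimMapping
        };
    }
    result.RelyingParty = rp;

    // A missing principal, a principal without an identity, or an unauthenticated
    // identity all mean the user has to sign in first (Identity can be null on a
    // ClaimsPrincipal built without identities).
    if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
    {
        result.SignInRequired = true;
    }

    result.User = user;
    LogSuccess(result);
    return result;
}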
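/// <summary>
/// Validates a WS-Federation sign-in request: resolves the client identified by
/// <c>wtrealm</c>, picks its registered reply URL, attaches the relying-party
/// settings and decides whether the user has to (re-)authenticate, honouring the
/// request's <c>wfresh</c> maximum authentication age.
/// </summary>
/// <param name="message">The incoming WS-Federation message.</param>
/// <param name="user">The current principal, or <c>null</c> when nobody is signed in.</param>
/// <returns>
/// A result with <c>Error</c> set to <c>invalid_relying_party</c> when the request is
/// rejected; otherwise the resolved client, reply URL and relying party, with
/// <c>SignInRequired</c> set (and <c>User</c> left unset) when the user still has to
/// sign in, or <c>User</c> set when the existing session satisfies the request.
/// </returns>
public async Task<SignInValidationResult> ValidateAsync(WsFederationMessage message, ClaimsPrincipal user)
{
    _logger.LogInformation("Start WS-Federation signin request validation");

    var result = new SignInValidationResult { WsFederationMessage = message };

    // The realm must resolve to an enabled client that is configured for WS-Federation.
    var client = await _clients.FindEnabledClientByIdAsync(message.Wtrealm);
    if (client == null)
    {
        LogError("Client not found: " + message.Wtrealm, result);
        return InvalidRelyingParty();
    }

    // FindEnabledClientByIdAsync should already exclude disabled clients; this is a
    // cheap second line of defence against a store that does not.
    if (client.Enabled == false)
    {
        LogError("Client is disabled: " + message.Wtrealm, result);
        return InvalidRelyingParty();
    }

    if (client.ProtocolType != IdentityServerConstants.ProtocolTypes.WsFederation)
    {
        LogError("Client is not configured for WS-Federation", result);
        return InvalidRelyingParty();
    }

    // The reply URL is taken from the client's registered redirect URIs, not from the
    // request, so the caller cannot choose where the token is posted. A client with no
    // registered URI is rejected here instead of letting First() throw.
    var replyUrl = client.RedirectUris.FirstOrDefault();
    if (replyUrl == null)
    {
        LogError("Client has no redirect URI configured: " + message.Wtrealm, result);
        return InvalidRelyingParty();
    }

    result.Client = client;
    result.ReplyUrl = replyUrl;

    // Per-realm relying-party settings are optional; fall back to the configured defaults.
    var rp = await _relyingParties.FindRelyingPartyByRealm(message.Wtrealm);
    if (rp == null)
    {
        rp = new RelyingParty
        {
            TokenType = _options.DefaultTokenType,
            SignatureAlgorithm = _options.DefaultSignatureAlgorithm,
            DigestAlgorithm = _options.DefaultDigestAlgorithm,
            SamlNameIdentifierFormat = _options.DefaultSamlNameIdentifierFormat,
            ClaimMapping = _options.DefaultClaimMapping
        };
    }
    result.RelyingParty = rp;

    // A missing principal, a principal without an identity, or an unauthenticated
    // identity all mean the user has to sign in first (Identity can be null on a
    // ClaimsPrincipal built without identities).
    if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
    {
        result.SignInRequired = true;
        return result;
    }

    result.User = user;

    // wfresh is the relying party's maximum acceptable authentication age in minutes;
    // 0 means "always show the login page". It comes straight from the request, so it
    // is parsed culture-invariantly and never trusted to be in range.
    if (!string.IsNullOrEmpty(message.Wfresh))
    {
        if (int.TryParse(message.Wfresh,
                         System.Globalization.NumberStyles.Integer,
                         System.Globalization.CultureInfo.InvariantCulture,
                         out int maxAgeInMinutes))
        {
            if (maxAgeInMinutes == 0)
            {
                _logger.LogInformation("Showing login: Requested wfresh=0.");
                // Cleared so the round trip back from the login page does not
                // demand a fresh login a second time.
                message.Wfresh = null;
                result.SignInRequired = true;
                return result;
            }

            // Compared as an elapsed duration rather than via authTime.AddMinutes(),
            // which throws ArgumentOutOfRangeException for a huge request-supplied
            // value. A negative wfresh still forces re-authentication (fail closed).
            var authAgeMinutes = (_clock.UtcNow.UtcDateTime - user.GetAuthenticationTime()).TotalMinutes;
            if (authAgeMinutes > maxAgeInMinutes)
            {
                _logger.LogInformation("Showing login: Requested wfresh time exceeded.");
                result.SignInRequired = true;
                return result;
            }
        }
    }

    LogSuccess(result);
    return result;

    // Every client/realm failure is reported to the caller with the same opaque error,
    // so the response does not reveal which check rejected the realm.
    SignInValidationResult InvalidRelyingParty() =>
        new SignInValidationResult { Error = "invalid_relying_party" };
}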
/// <summary>
/// Hook for reporting a failed sign-in validation. Currently a no-op: the earlier
/// implementation serialized <paramref name="result"/> with
/// <c>JsonConvert.SerializeObject</c> and wrote it via <c>_logger.LogError</c>, but
/// that code is disabled.
/// </summary>
/// <param name="message">Human-readable reason the validation failed.</param>
/// <param name="result">The validation state at the point of failure.</param>
private void LogError(string message, SignInValidationResult result)
{
    // NOTE(review): intentionally empty. Re-enabling the old call would serialize the
    // whole result, including the raw request and any resolved user, into the log;
    // confirm that is acceptable before switching it back on.
}
/// <summary>
/// Hook for reporting a successful sign-in validation. Currently a no-op: the earlier
/// implementation serialized <paramref name="result"/> with
/// <c>JsonConvert.SerializeObject</c> and wrote it via <c>_logger.LogInformation</c>,
/// but that code is disabled.
/// </summary>
/// <param name="result">The completed validation result.</param>
private void LogSuccess(SignInValidationResult result)
{
    // NOTE(review): intentionally empty. Re-enabling the old call would serialize the
    // whole result, including the principal and the raw request, into the log;
    // confirm that is acceptable before switching it back on.
}