/// <summary>
/// Constructs an authenticated user.
/// </summary>
/// <param name="id">The permanent ID of the authenticated user; <see cref="Guid.Empty"/> is rejected.</param>
/// <param name="authenticationProvider">The <see cref="AuthenticationProvider"/> which authenticated this user.</param>
/// <exception cref="ArgumentNullException">
/// Thrown when <paramref name="id"/> equals <see cref="Guid.Empty"/> or when
/// <paramref name="authenticationProvider"/> is null.
/// </exception>
public UserState(Guid id, AuthenticationProvider authenticationProvider)
{
    // an empty GUID is treated the same way as a missing identifier
    if (Guid.Empty == id)
    {
        throw new ArgumentNullException("id");
    }

    if (authenticationProvider == null)
    {
        throw new ArgumentNullException("authenticationProvider");
    }

    // a user built through this constructor is always flagged as authenticated,
    // and only the provider's name is kept, not the provider itself
    this.id = id;
    this.isAuthenticated = true;
    this.authenticationProviderName = authenticationProvider.Name;
}
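/// <summary>
/// Authenticates the user, stores the resulting user state in the session and, when the caller
/// asked for it and the provider supports it, issues an encrypted revival cookie.
/// </summary>
/// <param name="context">The <see cref="IMansionContext"/>.</param>
/// <param name="authenicationProvider">The authentication provider which to use.</param>
/// <param name="parameters">
/// The parameters used for authentication. The boolean "allowRevival" entry (default false)
/// opts in to the revival cookie.
/// </param>
/// <returns>Returns the <see cref="AuthenticationResult"/>.</returns>
/// <exception cref="InvalidOperationException">Thrown when authentication succeeded but the session is not writable.</exception>
protected override AuthenticationResult DoAuthenticate(IMansionContext context, AuthenticationProvider authenicationProvider, IPropertyBag parameters)
{
    // authenticate; on failure this method returns before touching the session or any cookie
    var result = authenicationProvider.Authenticate(context, parameters);
    if (!result.WasSuccesful)
    {
        return result;
    }
    var user = result.UserState;

    // get the web request context
    var webContext = context.Cast<IMansionWebContext>();

    // check session
    if (!webContext.Session.IsWritable)
    {
        throw new InvalidOperationException("Could not authenticate user because the session is not writeable");
    }

    // the session entry and the revival cookie share one name
    var revivalCookieName = GetRevivalCookieName(context);

    // store this user in the session
    // NOTE(review): the session identifier is not rotated in this method; confirm the session
    // layer issues a fresh identifier on login so a pre-login session id cannot be reused.
    webContext.Session[revivalCookieName] = user;

    // a revival cookie is only issued when the provider supports revival AND the caller opted in
    var revivalCookieIssued = false;
    if (authenicationProvider.SupportsRevival && parameters.Get(context, "allowRevival", false))
    {
        // get the revival data for this user; the provider may decline by returning null
        var revivalData = authenicationProvider.GetRevivalProperties(context, user, parameters);
        if (revivalData != null)
        {
            // add the provider name and a signature hash derived from the web context
            // (presumably verified when the cookie is used to revive the user; confirm against the revival code)
            revivalData.Set("authenticationProviderName", authenicationProvider.Name);
            revivalData.Set("userSignature", GetUserSignatureHash(webContext));

            // serialize, encrypt and convert to a cookie-safe string
            // NOTE(review): the cookie value comes back from the client, so confirm that
            // encryptionService.Encrypt also protects integrity (authenticated encryption or a MAC).
            var serializedRevivalData = conversionService.Convert<byte[]>(context, revivalData);
            var encryptedRevivalData = encryptionService.Encrypt(context, cookieSalt, serializedRevivalData);
            var revivalDataString = conversionService.Convert<string>(context, encryptedRevivalData);

            // store it in a cookie that lives for 14 days and is hidden from client-side script
            // NOTE(review): only HttpOnly is set here; confirm the cookie is also restricted to
            // HTTPS by WebCookie or by the hosting configuration.
            var revivalCookie = new WebCookie
            {
                Name = revivalCookieName,
                Value = revivalDataString,
                Expires = DateTime.Now.AddDays(14),
                HttpOnly = true
            };
            context.SetCookie(revivalCookie);
            revivalCookieIssued = true;
        }
    }

    // Remove any previously issued revival cookie whenever no fresh one was written. This also
    // covers the case where revival was requested but the provider returned no revival data, so
    // a stale cookie (possibly belonging to another account) cannot outlive this login.
    if (!revivalCookieIssued)
    {
        context.DeleteCookie(revivalCookieName);
    }

    // authentication was successful
    return result;
}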
/// <summary>
/// Looks up the <see cref="AuthenticationProvider" /> registered under <paramref name="authenticationProviderName"/>.
/// </summary>
/// <param name="context">The <see cref="IMansionContext"/>; only checked for null here.</param>
/// <param name="authenticationProviderName">The name of the desired authentication provider.</param>
/// <param name="provider">Receives the <see cref="AuthenticationProvider"/> when one is found.</param>
/// <returns>Returns true when the provider was found, otherwise false.</returns>
/// <exception cref="ArgumentNullException">
/// Thrown when <paramref name="context"/> is null or <paramref name="authenticationProviderName"/> is null or empty.
/// </exception>
protected bool TryResolveAuthenticationProvider(IMansionContext context, string authenticationProviderName, out AuthenticationProvider provider)
{
    // reject missing arguments before touching the provider table
    if (context == null)
    {
        throw new ArgumentNullException("context");
    }

    if (string.IsNullOrEmpty(authenticationProviderName))
    {
        throw new ArgumentNullException("authenticationProviderName");
    }

    // an unknown name is reported through the return value, not through an exception
    var found = providers.TryGetValue(authenticationProviderName, out provider);
    return found;
}
/// <summary>
/// Logs the user off from the current <see cref="IMansionContext"/>.
/// </summary>
/// <remarks>
/// Abstract hook: the concrete security service decides where the logged-on user is kept and
/// how it is removed.
/// </remarks>
/// <param name="securityContext">The security context.</param>
/// <param name="authenicationProvider">The authentication provider which to use.</param>
protected abstract void DoLogoff(IMansionContext securityContext, AuthenticationProvider authenicationProvider);
/// <summary>
/// Authenticates the user.
/// </summary>
/// <remarks>
/// Abstract hook: the concrete security service decides how the provider is invoked and where
/// the authenticated user is stored.
/// </remarks>
/// <param name="securityContext">The security context.</param>
/// <param name="authenicationProvider">The authentication provider which to use.</param>
/// <param name="parameters">The parameters used for authentication.</param>
/// <returns>Returns the <see cref="AuthenticationResult"/>.</returns>
protected abstract AuthenticationResult DoAuthenticate(IMansionContext securityContext, AuthenticationProvider authenicationProvider, IPropertyBag parameters);
/// <summary>
/// Logs the user off from the current request context: the provider is told to log off, the
/// user entry is removed from the session and the revival cookie is deleted.
/// </summary>
/// <param name="context">The <see cref="IMansionContext"/>.</param>
/// <param name="authenicationProvider">The authentication provider which to use.</param>
/// <exception cref="InvalidOperationException">Thrown when the session is not writable.</exception>
protected override void DoLogoff(IMansionContext context, AuthenticationProvider authenicationProvider)
{
    // let the provider perform its own logoff first
    authenicationProvider.Logoff(context);

    // the session lives on the web request context
    var web = context.Cast<IMansionWebContext>();

    // NOTE(review): when the session is not writable the exception below is raised before the
    // revival cookie is deleted, so the cookie stays with the client; confirm callers handle that.
    if (!web.Session.IsWritable)
    {
        throw new InvalidOperationException("Could not log off user because the session is not writeable");
    }

    // only the user entry is removed; the rest of the session is left in place
    web.Session.Remove(GetRevivalCookieName(context));

    // drop the revival cookie so the user cannot be revived after logging off
    context.DeleteCookie(GetRevivalCookieName(context));
}