public AuthenticationMiddleware( RequestDelegate next, IOptions <TOptions> options, IAuthenticationManager authenticationManager) { if (next == null) { throw new ArgumentNullException(nameof(next)); } if (options == null) { throw new ArgumentNullException(nameof(options)); } if (options.Value.ConfigurationEdp == null) { throw new ArgumentNullException(nameof(options.Value.ConfigurationEdp)); } if (options.Value.IdServer == null) { throw new ArgumentNullException(nameof(options.Value.IdServer)); } if (authenticationManager == null) { throw new ArgumentNullException(nameof(authenticationManager)); } _next = next; _options = options.Value; _authenticationManager = authenticationManager; }
public async Task <bool> Initialize(HttpContext httpContext, AuthenticationMiddlewareOptions authenticationOptions) { if (httpContext == null) { throw new ArgumentNullException(nameof(httpContext)); } if (authenticationOptions == null) { throw new ArgumentNullException(nameof(authenticationOptions)); } if (authenticationOptions.ConfigurationEdp == null) { throw new ArgumentNullException(nameof(authenticationOptions.ConfigurationEdp)); } if (authenticationOptions.IdServer == null) { throw new ArgumentNullException(nameof(authenticationOptions.IdServer)); } var url = httpContext.Request.GetAbsoluteUriWithVirtualPath(); Func <GrantedToken, Task <List <AuthenticationProviderResponse> > > getAuthProvidersCb = (t) => { return(_simpleIdServerConfigurationClientFactory.GetAuthProviderClient() .GetAuthProvidersByResolving(authenticationOptions.ConfigurationEdp.ConfigurationUrl, t.AccessToken)); }; Func <Task <GrantedToken> > getAccessTokenCb = () => _identityServerClientFactory.CreateAuthSelector() .UseClientSecretPostAuth(authenticationOptions.ConfigurationEdp.ClientId, authenticationOptions.ConfigurationEdp.ClientSecret) .UseClientCredentials(authenticationOptions.ConfigurationEdp.Scopes.ToArray()) .ResolveAsync(url + "/.well-known/openid-configuration"); var datedRecord = await _storageHelper.GetAsync <GrantedToken>(StorageKey); bool generateToken = datedRecord == null || datedRecord.Obj == null; if (!generateToken) { var expirationDateTime = datedRecord.CreateDate.AddSeconds(datedRecord.Obj.ExpiresIn); generateToken = DateTime.UtcNow > expirationDateTime; } GrantedToken grantedToken = null; if (generateToken) { grantedToken = await getAccessTokenCb(); await _storageHelper.SetAsync(StorageKey, grantedToken); } else { grantedToken = datedRecord.Obj; } var authProviders = new List <AuthenticationProviderResponse>(); try { authProviders = await getAuthProvidersCb(grantedToken); } catch { _logger.LogError("An error occured while trying to retrieve the authentication providers. Retry ..."); grantedToken = await getAccessTokenCb(); await _storageHelper.SetAsync(StorageKey, grantedToken); authProviders = await getAuthProvidersCb(grantedToken); } foreach (var authProvider in authProviders) { if (!authProvider.IsEnabled) { continue; } var result = false; switch (authProvider.Type) { case AuthenticationProviderResponseTypes.OAUTH2: result = await EnableOauth2IdentityProvider(authProvider, httpContext); break; case AuthenticationProviderResponseTypes.OPENID: result = await EnableOpenIdIdentityProvider(authProvider, httpContext); break; case AuthenticationProviderResponseTypes.WSFED: result = await EnableWsFederationAuthentication(authProvider, httpContext, authenticationOptions.IdServer.ExternalLoginCallback); break; } if (result) { return(true); } } return(false); }