  1. using iBoris.IRonline;
  2. using iBoris.IRonline.Security;
  3. using iBoris.IRonline.Services.Security;
  4. using iBoris.Unicorn;
  5. using iBoris.Unicorn.Security;
  6. using Microsoft.Owin.Security;
  7. using Microsoft.Owin.Security.Cookies;
  8. using Microsoft.Owin.Security.OAuth;
  9. using System;
  10. using System.Collections.Generic;
  11. using System.Net;
  12. using System.Security.Claims;
  13. using System.Threading;
  14. using System.Threading.Tasks;
  15. using System.Web;
  16.  
  17. namespace IRonline.WebApp.Providers
  18. {
  19. public class ApplicationOAuthProvider : OAuthAuthorizationServerProvider
  20. {
  21. public ApplicationOAuthProvider(string publicClientId)
  22. {
  23. ExceptionUtil.NotNull(publicClientId, nameof(publicClientId));
  24.  
  25. _publicClientId = publicClientId;
  26. }
  27.  
  28. public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
  29. {
  30. var username = context.UserName;
  31. var password = context.Password;
  32.  
  33. if (IsUserNameValid(context, username) && IsPasswordValid(context, password))
  34. {
  35. var transactionContext = new RootTransactionContext();
  36. try
  37. {
  38. transactionContext.Begin();
  39.  
  40. var principal = UnicornAuthentication.Authenticate(username, password);
  41.  
  42. var user = ((ClaimsIdentity)principal.Identity).GetUser();
  43. if (user == null || user.IsAnonymous())
  44. {
  45. SetError(context, Strings.ApplicationOAuthProvider_InvalidUserNameOrPassword, Strings.ApplicationOAuthProvider_InvalidUserNameOrPasswordDescription);
  46. }
  47. else
  48. {
  49. try
  50. {
  51. user.LastLogin = DateTime.Now;
  52. user.NeedsLogout = false;
  53.  
  54. var oAuthId = user.GetIdentity(OAuthDefaults.AuthenticationType);
  55. var cookiesId = user.GetIdentity(CookieAuthenticationDefaults.AuthenticationType);
  56.  
  57. IDictionary<string, string> data = new Dictionary<string, string>
  58. {
  59. { "userName", user.UserName },
  60. { "termsAccepted", user.TermsAccepted.ToString() },
  61. { "passwordReset", (!(user.NeedsPasswordReset)).ToString() },
  62. { "defaultUrl", "/" }
  63. };
  64.  
  65. AuthenticationProperties properties = CreateProperties(data);
  66. AuthenticationTicket ticket = new AuthenticationTicket(oAuthId, properties);
  67. context.Validated(ticket);
  68.  
  69. context.Request.Context.Authentication.SignIn(new AuthenticationProperties() { IsPersistent = true }, cookiesId);
  70. HttpContext.Current.User = principal;
  71. Thread.CurrentPrincipal = principal;
  72.  
  73. Persistence.GetPersisterForEntity(user).Save();
  74. }
  75. catch (DomainObjectAuthorizationException ex)
  76. {
  77. SetError(context, "PERMISSION", ex.Message);
  78. }
  79. }
  80. transactionContext.Commit();
  81. }
  82. catch
  83. {
  84. transactionContext.Rollback();
  85. throw;
  86. }
  87. }
  88.  
  89. return Task.FromResult(0);
  90. }
  91. public override Task TokenEndpoint(OAuthTokenEndpointContext context)
  92. {
  93. foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
  94. {
  95. context.AdditionalResponseParameters.Add(property.Key, property.Value);
  96. }
  97.  
  98. return Task.FromResult<object>(null);
  99. }
  100. public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
  101. {
  102. // Resource owner password credentials does not provide a client ID.
  103. if (context.ClientId == null)
  104. {
  105. context.Validated();
  106. }
  107.  
  108. return Task.FromResult<object>(null);
  109. }
  110.  
  111. #region Private Members
  112. private static AuthenticationProperties CreateProperties(IDictionary<string, string> data)
  113. {
  114. return new AuthenticationProperties(data);
  115. }
  116.  
  117. private static void SetError(OAuthGrantResourceOwnerCredentialsContext context, string error, string errorDescription)
  118. {
  119. context.SetError(error, errorDescription);
  120. context.Response.Headers.Add("X-Challenge", new[] { ((int)HttpStatusCode.Unauthorized).ToString() });
  121. }
  122.  
  123. private static bool IsUserNameValid(OAuthGrantResourceOwnerCredentialsContext context, string username)
  124. {
  125. var valid = true;
  126.  
  127. if (string.IsNullOrEmpty(username))
  128. {
  129. SetError(context, Strings.ApplicationOAuthProvider_InvalidUsername.ToUpperInvariant(), Strings.ApplicationOAuthProvider_UserNameIsRequired);
  130. valid = false;
  131. }
  132.  
  133. return valid;
  134. }
  135. private static bool IsPasswordValid(OAuthGrantResourceOwnerCredentialsContext context, string password)
  136. {
  137. var valid = true;
  138.  
  139. if (string.IsNullOrEmpty(password))
  140. {
  141. SetError(context, Strings.ApplicationOAuthProvider_InvalidPassword.ToUpperInvariant(), Strings.ApplicationOAuthProvider_PasswordIsRequired);
  142. valid = false;
  143. }
  144.  
  145. return valid;
  146. }
  147.  
  148. private readonly string _publicClientId;
  149. #endregion
  150. }
  151. }