
move user service result values to context objects

brockallen committed Jun 1, 2015
1 parent a513bcd commit e30d4b60f0d21e06ea6a8076c8303d3453efa596
@@ -116,7 +116,10 @@ public async Task<IHttpActionResult> Login(string signin = null)
Logger.DebugFormat("signin message passed to login: {0}", JsonConvert.SerializeObject(signInMessage, Formatting.Indented));
var authResult = await userService.PreAuthenticateAsync(new PreAuthenticationContext { SignInMessage = signInMessage });
var preAuthContext = new PreAuthenticationContext { SignInMessage = signInMessage };
await userService.PreAuthenticateAsync(preAuthContext);
var authResult = preAuthContext.AuthenticateResult;
if (authResult != null)
{
if (authResult.IsError)
@@ -219,7 +222,9 @@ public async Task<IHttpActionResult> LoginLocal(string signin, LoginCredentials
SignInMessage = signInMessage
};
var authResult = await userService.AuthenticateLocalAsync(authenticationContext);
await userService.AuthenticateLocalAsync(authenticationContext);
var authResult = authenticationContext.AuthenticateResult;
if (authResult == null)
{
Logger.WarnFormat("user service indicated incorrect username or password for username: {0}", model.Username);
@@ -368,7 +373,9 @@ public async Task<IHttpActionResult> LoginExternalCallback(string error = null)
SignInMessage = signInMessage
};
var authResult = await userService.AuthenticateExternalAsync(externalContext);
await userService.AuthenticateExternalAsync(externalContext);
var authResult = externalContext.AuthenticateResult;
if (authResult == null)
{
Logger.Warn("user service failed to authenticate external identity");
@@ -518,8 +525,9 @@ public async Task<IHttpActionResult> ResumeLoginFromRedirect(string resume)
SignInMessage = signInMessage
};
result = await userService.AuthenticateExternalAsync(externalContext);
await userService.AuthenticateExternalAsync(externalContext);
result = externalContext.AuthenticateResult;
if (result == null)
{
Logger.Warn("user service failed to authenticate external identity");
@@ -36,5 +36,13 @@ public class ExternalAuthenticationContext
/// The sign in message.
/// </value>
public SignInMessage SignInMessage { get; set; }
/// <summary>
/// Gets or sets the authenticate result.
/// </summary>
/// <value>
/// The authenticate result.
/// </value>
public AuthenticateResult AuthenticateResult { get; set; }
}
}
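Review bot: The doc comment on the new `AuthenticateResult` property does not say what leaving it unset means, although that is now how a user service signals the outcome. On this page the callers read null as a failed authentication for the local and external contexts (`if (authResult == null)` followed by the warning log), while the removed `<returns>` text on the pre-authentication method described null as "continue the flow". I would carry that contract into the `<value>` text here, e.g. `/// The authenticate result; leave <c>null</c> to indicate that authentication failed.`, and add the matching sentence to the same property on LocalAuthenticationContext and PreAuthenticationContext. The class body begins outside this hunk.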
@@ -23,12 +23,28 @@ namespace IdentityServer3.Core.Models
/// </summary>
public class IsActiveContext
{
/// <summary>
/// Initializes a new instance of the <see cref="IsActiveContext"/> class.
/// </summary>
public IsActiveContext()
{
IsActive = false;
}
/// <summary>
/// Gets or sets the subject.
/// </summary>
/// <value>
/// The subject.
/// </value>
public ClaimsPrincipal Subject { get; set; }
/// <summary>
/// Gets or sets a value indicating whether the subject is active and can recieve tokens.
/// </summary>
/// <value>
/// <c>true</c> if the subject is active; otherwise, <c>false</c>.
/// </value>
public bool IsActive { get; set; }
}
}
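Review bot: `IsActive` starts as `false` in the new constructor, but the property doc states neither that default nor that the user service has to set the value. With the old `Task<bool>` signature an implementation could not compile without returning something; now one that forgets the assignment still compiles, and every subject is treated as inactive by the checks shown later on the page (`if (isActiveCtx.IsActive == false)`). Denying by default is the safer way to fail, so I would keep it and document it, e.g. `/// Defaults to <c>false</c>; the user service must set this to <c>true</c> for the subject to receive tokens.` The summary line also misspells "receive".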
@@ -44,5 +44,13 @@ public class LocalAuthenticationContext
/// The sign in message.
/// </value>
public SignInMessage SignInMessage { get; set; }
/// <summary>
/// Gets or sets the authenticate result.
/// </summary>
/// <value>
/// The authenticate result.
/// </value>
public AuthenticateResult AuthenticateResult { get; set; }
}
}
@@ -28,5 +28,13 @@ public class PreAuthenticationContext
/// The sign in message.
/// </value>
public SignInMessage SignInMessage { get; set; }
/// <summary>
/// Gets or sets the authenticate result.
/// </summary>
/// <value>
/// The authenticate result.
/// </value>
public AuthenticateResult AuthenticateResult { get; set; }
}
}
@@ -15,6 +15,7 @@
*/
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
namespace IdentityServer3.Core.Models
@@ -24,6 +25,14 @@ namespace IdentityServer3.Core.Models
/// </summary>
public class ProfileDataRequestContext
{
/// <summary>
/// Initializes a new instance of the <see cref="ProfileDataRequestContext"/> class.
/// </summary>
public ProfileDataRequestContext()
{
IssuedClaims = Enumerable.Empty<Claim>();
}
/// <summary>
/// Gets or sets the subject.
/// </summary>
@@ -64,6 +73,14 @@ public class ProfileDataRequestContext
/// </value>
public string Caller { get; set; }
/// <summary>
/// Gets or sets the issued claims.
/// </summary>
/// <value>
/// The issued claims.
/// </value>
public IEnumerable<Claim> IssuedClaims { get; set; }
/// <summary>
/// Initializes a new instance of the <see cref="ProfileDataRequestContext" /> class.
/// </summary>
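Review bot: The `Enumerable.Empty<Claim>()` default for `IssuedClaims` is assigned only in the parameterless constructor, while the callers on this page appear to build the context through the parameterized constructor whose doc comment starts at the end of this hunk. That constructor's body is outside the hunk, so I cannot tell whether it chains to `this()`. If it does not, `IssuedClaims` is null whenever the user service leaves it unset, and `FilterProtocolClaims(context.IssuedClaims)` is then handed null. Chaining with `: this()` or repeating the assignment there would make both construction paths agree.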
@@ -123,7 +123,10 @@ public async Task<LoginInteractionResponse> ProcessLoginAsync(ValidatedAuthorize
if (isAuthenticated)
{
isActive = await _users.IsActiveAsync(new IsActiveContext { Subject = user });
var isActiveCtx = new IsActiveContext { Subject = user };
await _users.IsActiveAsync(isActiveCtx);
isActive = isActiveCtx.IsActive;
if (!isActive) Logger.Info("User is not active. Redirecting to login.");
}
@@ -56,7 +56,8 @@ public UserInfoResponseGenerator(IUserService users, IScopeStore scopes)
client,
Constants.ProfileDataCallers.UserInfoEndpoint);
profileClaims = await _users.GetProfileDataAsync(context);
await _users.GetProfileDataAsync(context);
profileClaims = context.IssuedClaims;
}
else
{
@@ -68,7 +69,8 @@ public UserInfoResponseGenerator(IUserService users, IScopeStore scopes)
Constants.ProfileDataCallers.UserInfoEndpoint,
requestedClaimTypes.ClaimTypes);
profileClaims = await _users.GetProfileDataAsync(context);
await _users.GetProfileDataAsync(context);
profileClaims = context.IssuedClaims;
}
if (profileClaims != null)
@@ -56,10 +56,8 @@ public CachingUserService(IUserService inner, ICache<IEnumerable<Claim>> cache)
/// user somehow based on data coming from the host (e.g. client certificates or trusted headers)
/// </summary>
/// <param name="context">The context.</param>
/// <returns>
/// The authentication result or null to continue the flow.
/// </returns>
public Task<AuthenticateResult> PreAuthenticateAsync(PreAuthenticationContext context)
/// <returns></returns>
public Task PreAuthenticateAsync(PreAuthenticationContext context)
{
return inner.PreAuthenticateAsync(context);
}
@@ -68,10 +66,8 @@ public Task<AuthenticateResult> PreAuthenticateAsync(PreAuthenticationContext co
/// This method gets called for local authentication (whenever the user uses the username and password dialog).
/// </summary>
/// <param name="context">The context.</param>
/// <returns>
/// The authentication result.
/// </returns>
public Task<AuthenticateResult> AuthenticateLocalAsync(LocalAuthenticationContext context)
/// <returns></returns>
public Task AuthenticateLocalAsync(LocalAuthenticationContext context)
{
return inner.AuthenticateLocalAsync(context);
}
@@ -80,10 +76,8 @@ public Task<AuthenticateResult> AuthenticateLocalAsync(LocalAuthenticationContex
/// This method gets called when the user uses an external identity provider to authenticate.
/// </summary>
/// <param name="context">The context.</param>
/// <returns>
/// The authentication result.
/// </returns>
public Task<AuthenticateResult> AuthenticateExternalAsync(ExternalAuthenticationContext context)
/// <returns></returns>
public Task AuthenticateExternalAsync(ExternalAuthenticationContext context)
{
return inner.AuthenticateExternalAsync(context);
}
@@ -102,24 +96,24 @@ public Task SignOutAsync(SignOutContext context)
/// This method is called whenever claims about the user are requested (e.g. during token creation or via the userinfo endpoint)
/// </summary>
/// <param name="context">The context.</param>
/// <returns>
/// Claims for the subject
/// </returns>
public Task<IEnumerable<Claim>> GetProfileDataAsync(ProfileDataRequestContext context)
/// <returns></returns>
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var key = GetKey(context.Subject, context.RequestedClaimTypes);
return cache.GetAsync(key, ()=>inner.GetProfileDataAsync(context));
context.IssuedClaims = await cache.GetAsync(key, async () =>
{
await inner.GetProfileDataAsync(context);
return context.IssuedClaims;
});
}
/// <summary>
/// This method gets called whenever identity server needs to determine if the user is valid or active
/// (e.g. during token issuance or validation).
/// </summary>
/// <param name="context">The context.</param>
/// <returns>
/// <c>true</c> if the user is still allowed to receive tokens; <c>false</c> otherwise.
/// </returns>
public Task<bool> IsActiveAsync(IsActiveContext context)
/// <returns></returns>
public Task IsActiveAsync(IsActiveContext context)
{
return inner.IsActiveAsync(context);
}
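Review bot: In `GetProfileDataAsync` the cached value is whatever the inner service left in `context.IssuedClaims`, stored under a key built only from `context.Subject` and `context.RequestedClaimTypes`. The context also carries `Caller`, so a user service that issues different claims per caller could have one caller's claims served to another from the cache, unless `GetKey`, which is not shown, accounts for that. The cached sequence may also be a deferred query or null. Materializing it in the factory, `return (context.IssuedClaims ?? Enumerable.Empty<Claim>()).ToArray();` (assuming System.Linq is in scope in this file), keeps the entry stable. The now-empty `<returns></returns>` tags on these methods could be removed rather than left blank.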
@@ -79,7 +79,9 @@ public virtual async Task<IEnumerable<Claim>> GetIdentityTokenClaimsAsync(Claims
client,
Constants.ProfileDataCallers.ClaimsProviderIdentityToken);
var claims = FilterProtocolClaims(await _users.GetProfileDataAsync(context));
await _users.GetProfileDataAsync(context);
var claims = FilterProtocolClaims(context.IssuedClaims);
if (claims != null)
{
outputClaims.AddRange(claims);
@@ -110,8 +112,10 @@ public virtual async Task<IEnumerable<Claim>> GetIdentityTokenClaimsAsync(Claims
client,
Constants.ProfileDataCallers.ClaimsProviderIdentityToken,
additionalClaims);
await _users.GetProfileDataAsync(context);
var claims = FilterProtocolClaims(await _users.GetProfileDataAsync(context));
var claims = FilterProtocolClaims(context.IssuedClaims);
if (claims != null)
{
outputClaims.AddRange(claims);
@@ -178,7 +182,9 @@ public virtual async Task<IEnumerable<Claim>> GetAccessTokenClaimsAsync(ClaimsPr
client,
Constants.ProfileDataCallers.ClaimsProviderAccessToken);
var claims = FilterProtocolClaims(await _users.GetProfileDataAsync(context));
await _users.GetProfileDataAsync(context);
var claims = FilterProtocolClaims(context.IssuedClaims);
if (claims != null)
{
outputClaims.AddRange(claims);
@@ -212,7 +218,9 @@ public virtual async Task<IEnumerable<Claim>> GetAccessTokenClaimsAsync(ClaimsPr
Constants.ProfileDataCallers.ClaimsProviderAccessToken,
additionalClaims.Distinct());
var claims = FilterProtocolClaims(await _users.GetProfileDataAsync(context));
await _users.GetProfileDataAsync(context);
var claims = FilterProtocolClaims(context.IssuedClaims);
if (claims != null)
{
outputClaims.AddRange(claims);
@@ -81,7 +81,10 @@ public virtual async Task<TokenValidationResult> ValidateAccessTokenAsync(TokenV
principal.Identities.First().AddClaim(new Claim(Constants.ClaimTypes.ReferenceTokenId, result.ReferenceTokenId));
}
if (await _users.IsActiveAsync(new IsActiveContext { Subject = principal }) == false)
var isActiveCtx = new IsActiveContext { Subject = principal };
await _users.IsActiveAsync(isActiveCtx);
if (isActiveCtx.IsActive == false)
{
Logger.Warn("User marked as not active: " + subClaim.Value);
@@ -128,7 +131,10 @@ public virtual async Task<TokenValidationResult> ValidateIdentityTokenAsync(Toke
{
var principal = Principal.Create("tokenvalidator", result.Claims.ToArray());
if (await _users.IsActiveAsync(new IsActiveContext { Subject = principal }) == false)
var isActiveCtx = new IsActiveContext { Subject = principal };
await _users.IsActiveAsync(isActiveCtx);
if (isActiveCtx.IsActive == false)
{
Logger.Warn("User marked as not active: " + subClaim.Value);