DocSpace-client/common/ASC.Api.Core/Auth/CookieAuthHandler.cs

using System.Net;
using System.Security.Authentication;
using System.Text.Encodings.Web;
using System.Threading.Tasks;

using ASC.Common;
using ASC.Core;
using ASC.Web.Core;
using ASC.Web.Core.Helpers;

using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;

namespace ASC.Api.Core.Auth
{
    [Scope]
    public class CookieAuthHandler : AuthenticationHandler<AuthenticationSchemeOptions>
    {
        private AuthorizationHelper AuthorizationHelper { get; }
        private SecurityContext SecurityContext { get; }
        private CookiesManager CookiesManager { get; }

        public CookieAuthHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock)
        {
        }
        //
        public CookieAuthHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock,
            AuthorizationHelper authorizationHelper,
            SecurityContext securityContext,
            CookiesManager cookiesManager)
            : this(options, logger, encoder, clock)
        {
            AuthorizationHelper = authorizationHelper;
            SecurityContext = securityContext;
            CookiesManager = cookiesManager;
        }

        protected override Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            var result = AuthorizationHelper.ProcessBasicAuthorization(out _);

            if (!result)
            {
                SecurityContext.Logout();
                CookiesManager.ClearCookies(CookiesType.AuthKey);
                CookiesManager.ClearCookies(CookiesType.SocketIO);
            }

            return Task.FromResult(
                     result ?
                     AuthenticateResult.Success(new AuthenticationTicket(Context.User, new AuthenticationProperties(), Scheme.Name)) :
                     AuthenticateResult.Fail(new AuthenticationException(nameof(HttpStatusCode.Unauthorized)))
                     );
        }
    }
}
-												Api: refactoring

											
										
										
											2019-05-30 14:57:15 +00:00
+								using System.Net;
 								using System.Security.Authentication;
-												Replace Singletons with DI.
Added support for working with db.
Added first version of CookieAuthHandler.
Added PeopleController for test auth.

											
										
										
											2019-05-17 08:32:23 +00:00
+								using System.Text.Encodings.Web;
 								using System.Threading.Tasks;
-												Added DIHelper

											
										
										
											2020-02-17 08:58:14 +00:00
-												fix CookieAuthHandler

											
										
										
											2021-09-08 10:16:58 +00:00
+								using ASC.Common;
-												Replace Singletons with DI.
Added support for working with db.
Added first version of CookieAuthHandler.
Added PeopleController for test auth.

											
										
										
											2019-05-17 08:32:23 +00:00
+								using ASC.Core;
-												Cookie: logout after failed auth

											
										
										
											2021-09-07 19:58:01 +00:00
+								using ASC.Web.Core;
-												fixed bearer

											
										
										
											2021-09-24 09:08:10 +00:00
+								using ASC.Web.Core.Helpers;
-												Added DIHelper

											
										
										
											2020-02-17 08:58:14 +00:00
-												Replace Singletons with DI.
Added support for working with db.
Added first version of CookieAuthHandler.
Added PeopleController for test auth.

											
										
										
											2019-05-17 08:32:23 +00:00
+								using Microsoft.AspNetCore.Authentication;
 								using Microsoft.Extensions.Logging;
 								using Microsoft.Extensions.Options;
-												Api: added confirm auth scheme

											
										
										
											2019-09-10 12:42:15 +00:00
+								namespace ASC.Api.Core.Auth
-												Replace Singletons with DI.
Added support for working with db.
Added first version of CookieAuthHandler.
Added PeopleController for test auth.

											
										
										
											2019-05-17 08:32:23 +00:00
+								{
-												fix CookieAuthHandler

											
										
										
											2021-09-08 10:16:58 +00:00
+								    [Scope]
-												Replace Singletons with DI.
Added support for working with db.
Added first version of CookieAuthHandler.
Added PeopleController for test auth.

											
										
										
											2019-05-17 08:32:23 +00:00
+								    public class CookieAuthHandler : AuthenticationHandler<AuthenticationSchemeOptions>
 								    {
-												fixed bearer

											
										
										
											2021-09-24 09:08:10 +00:00
+								        private AuthorizationHelper AuthorizationHelper { get; }
-												Cookie: logout after failed auth

											
										
										
											2021-09-07 19:58:01 +00:00
+								        private SecurityContext SecurityContext { get; }
 								        private CookiesManager CookiesManager { get; }
-												Replace Singletons with DI.
Added support for working with db.
Added first version of CookieAuthHandler.
Added PeopleController for test auth.

											
										
										
											2019-05-17 08:32:23 +00:00
+								        public CookieAuthHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock)
 								        {
 								        }
-												Dependency injection
Packages updated

											
										
										
											2019-09-09 12:56:33 +00:00
+								        //
-												fixed bearer

											
										
										
											2021-09-24 09:08:10 +00:00
+								        public CookieAuthHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock,
 								            AuthorizationHelper authorizationHelper,
 								            SecurityContext securityContext,
 								            CookiesManager cookiesManager)
-												Replace Singletons with DI.
Added support for working with db.
Added first version of CookieAuthHandler.
Added PeopleController for test auth.

											
										
										
											2019-05-17 08:32:23 +00:00
+								            : this(options, logger, encoder, clock)
 								        {
-												fixed bearer

											
										
										
											2021-09-24 09:08:10 +00:00
+								            AuthorizationHelper = authorizationHelper;
-												Dependency injection
Packages updated

											
										
										
											2019-09-09 12:56:33 +00:00
+								            SecurityContext = securityContext;
-												Cookie: logout after failed auth

											
										
										
											2021-09-07 19:58:01 +00:00
+								            CookiesManager = cookiesManager;
-												Replace Singletons with DI.
Added support for working with db.
Added first version of CookieAuthHandler.
Added PeopleController for test auth.

											
										
										
											2019-05-17 08:32:23 +00:00
+								        }
 								        protected override Task<AuthenticateResult> HandleAuthenticateAsync()
 								        {
-												fixed bearer

											
										
										
											2021-09-24 09:08:10 +00:00
+								            var result = AuthorizationHelper.ProcessBasicAuthorization(out _);
-												Replace Singletons with DI.
Added support for working with db.
Added first version of CookieAuthHandler.
Added PeopleController for test auth.

											
										
										
											2019-05-17 08:32:23 +00:00
-												Cookie: logout after failed auth

											
										
										
											2021-09-07 19:58:01 +00:00
+								            if (!result)
 								            {
 								                SecurityContext.Logout();
 								                CookiesManager.ClearCookies(CookiesType.AuthKey);
 								                CookiesManager.ClearCookies(CookiesType.SocketIO);
 								            }
-												fix AllowAnonymous

											
										
										
											2019-05-31 10:47:47 +00:00
+								            return Task.FromResult(
 								                     result ?
 								                     AuthenticateResult.Success(new AuthenticationTicket(Context.User, new AuthenticationProperties(), Scheme.Name)) :
-												analizators/U2U1115

											
										
										
											2022-01-17 08:22:52 +00:00
+								                     AuthenticateResult.Fail(new AuthenticationException(nameof(HttpStatusCode.Unauthorized)))
-												fix AllowAnonymous

											
										
										
											2019-05-31 10:47:47 +00:00
+								                     );
-												Replace Singletons with DI.
Added support for working with db.
Added first version of CookieAuthHandler.
Added PeopleController for test auth.

											
										
										
											2019-05-17 08:32:23 +00:00
+								        }
 								    }
 								}