DocSpace-client/common/ASC.Api.Core/Auth/ConfirmAuthHandler.cs

using System;
using System.Collections.Generic;
using System.Net;
using System.Security.Authentication;
using System.Security.Claims;
using System.Text.Encodings.Web;
using System.Threading.Tasks;

using ASC.Core;
using ASC.Security.Cryptography;
using ASC.Web.Studio.Utility;

using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;

namespace ASC.Api.Core.Auth
{
    public class ConfirmAuthHandler : AuthenticationHandler<AuthenticationSchemeOptions>
    {
        public ConfirmAuthHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock)
        {
        }

        protected override Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            var emailValidationKeyModel = EmailValidationKeyModel.FromRequest(Context.Request);

            if (SecurityContext.IsAuthenticated && emailValidationKeyModel.Type != ConfirmType.EmailChange)
            {
                return Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(Context.User, new AuthenticationProperties(), Scheme.Name)));
            }

            var checkKeyResult = emailValidationKeyModel.Validate();

            var claims = new List<Claim>()
            {
                new Claim(ClaimTypes.Role, emailValidationKeyModel.Type.ToString())
            };

            if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Ok)
            {
                if (!SecurityContext.IsAuthenticated)
                {
                    if (emailValidationKeyModel.UiD.HasValue && !emailValidationKeyModel.UiD.Equals(Guid.Empty))
                    {
                        SecurityContext.AuthenticateMe(CoreContext.TenantManager.GetCurrentTenant().TenantId, emailValidationKeyModel.UiD.Value, claims);
                    }
                    else
                    {
                        SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem, claims);
                    }
                }
                else
                {
                    SecurityContext.AuthenticateMe(SecurityContext.CurrentAccount, claims);
                }
            }

            var result = checkKeyResult switch
            {
                EmailValidationKeyProvider.ValidationResult.Ok => AuthenticateResult.Success(new AuthenticationTicket(Context.User, new AuthenticationProperties(), Scheme.Name)),
                _ => AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Unauthorized.ToString()))
            };

            return Task.FromResult(result);
        }
    }
}
-												Confirm: fixed invite link

											
										
										
											2019-09-27 12:28:51 +00:00
+								using System;
 								using System.Collections.Generic;
-												Api: added confirm auth scheme

											
										
										
											2019-09-10 12:42:15 +00:00
+								using System.Net;
 								using System.Security.Authentication;
-												Auth: added additional roles

											
										
										
											2019-09-23 15:36:22 +00:00
+								using System.Security.Claims;
-												Api: added confirm auth scheme

											
										
										
											2019-09-10 12:42:15 +00:00
+								using System.Text.Encodings.Web;
 								using System.Threading.Tasks;
-												Auth: added additional roles

											
										
										
											2019-09-23 15:36:22 +00:00
-												Api: added confirm auth scheme

											
										
										
											2019-09-10 12:42:15 +00:00
+								using ASC.Core;
 								using ASC.Security.Cryptography;
 								using ASC.Web.Studio.Utility;
-												Auth: added additional roles

											
										
										
											2019-09-23 15:36:22 +00:00
-												Api: added confirm auth scheme

											
										
										
											2019-09-10 12:42:15 +00:00
+								using Microsoft.AspNetCore.Authentication;
 								using Microsoft.Extensions.Logging;
 								using Microsoft.Extensions.Options;
 								namespace ASC.Api.Core.Auth
 								{
 								    public class ConfirmAuthHandler : AuthenticationHandler<AuthenticationSchemeOptions>
 								    {
 								        public ConfirmAuthHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock)
 								        {
 								        }
 								        protected override Task<AuthenticateResult> HandleAuthenticateAsync()
 								        {
-												Auth: added check confirm method

											
										
										
											2019-09-26 13:36:53 +00:00
+								            var emailValidationKeyModel = EmailValidationKeyModel.FromRequest(Context.Request);
-												Auth: added additional roles

											
										
										
											2019-09-23 15:36:22 +00:00
-												Auth: added check confirm method

											
										
										
											2019-09-26 13:36:53 +00:00
+								            if (SecurityContext.IsAuthenticated && emailValidationKeyModel.Type != ConfirmType.EmailChange)
-												Api: added confirm auth scheme

											
										
										
											2019-09-10 12:42:15 +00:00
+								            {
 								                return Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(Context.User, new AuthenticationProperties(), Scheme.Name)));
 								            }
-												Auth: added check confirm method

											
										
										
											2019-09-26 13:36:53 +00:00
+								            var checkKeyResult = emailValidationKeyModel.Validate();
-												Api: added confirm auth scheme

											
										
										
											2019-09-10 12:42:15 +00:00
-												ConfirmAuth: PasswordChange

											
										
										
											2019-09-24 12:27:13 +00:00
+								            var claims = new List<Claim>()
-												Auth: added additional roles

											
										
										
											2019-09-23 15:36:22 +00:00
+								            {
-												Auth: added check confirm method

											
										
										
											2019-09-26 13:36:53 +00:00
+								                new Claim(ClaimTypes.Role, emailValidationKeyModel.Type.ToString())
-												Auth: added additional roles

											
										
										
											2019-09-23 15:36:22 +00:00
+								            };
-												Confirm: fixed invite link

											
										
										
											2019-09-27 12:28:51 +00:00
+								            if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Ok)
-												Auth: added additional roles

											
										
										
											2019-09-23 15:36:22 +00:00
+								            {
-												Confirm: fixed invite link

											
										
										
											2019-09-27 12:28:51 +00:00
+								                if (!SecurityContext.IsAuthenticated)
-												ConfirmAuthHandler: auth by uid

											
										
										
											2019-09-27 09:18:48 +00:00
+								                {
-												Confirm: fixed invite link

											
										
										
											2019-09-27 12:28:51 +00:00
+								                    if (emailValidationKeyModel.UiD.HasValue && !emailValidationKeyModel.UiD.Equals(Guid.Empty))
 								                    {
 								                        SecurityContext.AuthenticateMe(CoreContext.TenantManager.GetCurrentTenant().TenantId, emailValidationKeyModel.UiD.Value, claims);
 								                    }
 								                    else
 								                    {
 								                        SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem, claims);
 								                    }
-												ConfirmAuthHandler: auth by uid

											
										
										
											2019-09-27 09:18:48 +00:00
+								                }
 								                else
 								                {
-												Confirm: fixed invite link

											
										
										
											2019-09-27 12:28:51 +00:00
+								                    SecurityContext.AuthenticateMe(SecurityContext.CurrentAccount, claims);
-												ConfirmAuthHandler: auth by uid

											
										
										
											2019-09-27 09:18:48 +00:00
+								                }
-												Auth: added additional roles

											
										
										
											2019-09-23 15:36:22 +00:00
+								            }
-												Api: added confirm auth scheme

											
										
										
											2019-09-10 12:42:15 +00:00
 								            var result = checkKeyResult switch
 								            {
 								                EmailValidationKeyProvider.ValidationResult.Ok => AuthenticateResult.Success(new AuthenticationTicket(Context.User, new AuthenticationProperties(), Scheme.Name)),
 								                _ => AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Unauthorized.ToString()))
 								            };
 								            return Task.FromResult(result);
 								        }
 								    }
 								}