Diplomarbeit-Absolventenverein/oqtane.framework
9
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #3922 from sbwalker/dev

Browse Source 
add IdentityRevalidatingAuthenticationStateProvider
This commit is contained in:
Shaun Walker 2024-02-29 14:47:03 -05:00 committed by GitHub
commit f18e57b50e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 76 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Oqtane.Server/Extensions/ClaimsPrincipalExtensions.cs
View File

@ -50,5 +50,25 @@ namespace Oqtane.Extensions
return ""; return "";
} }
} }
public static int TenantId(this ClaimsPrincipal claimsPrincipal)
{
var sitekey = SiteKey(claimsPrincipal);
if (!string.IsNullOrEmpty(sitekey) && sitekey.Contains(":"))
{
return int.Parse(sitekey.Split(':')[0]);
}
return -1;
}
public static int SiteId(this ClaimsPrincipal claimsPrincipal)
{
var sitekey = SiteKey(claimsPrincipal);
if (!string.IsNullOrEmpty(sitekey) && sitekey.Contains(":"))
{
return int.Parse(sitekey.Split(':')[1]);
}
return -1;
}
} }
} }

53
Oqtane.Server/Providers/IdentityRevalidatingAuthenticationStateProvider.cs Normal file
View File

@ -0,0 +1,53 @@
using Microsoft.AspNetCore.Components.Authorization;
using Microsoft.AspNetCore.Components.Server;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using System.Security.Claims;
using System.Threading.Tasks;
using System.Threading;
using System;
using Oqtane.Infrastructure;
using Oqtane.Extensions;
namespace Oqtane.Providers
{
internal sealed class IdentityRevalidatingAuthenticationStateProvider(
ILoggerFactory loggerFactory,
IServiceScopeFactory scopeFactory,
IOptions<IdentityOptions> options)
: RevalidatingServerAuthenticationStateProvider(loggerFactory)
{
protected override TimeSpan RevalidationInterval => TimeSpan.FromSeconds(20);
protected override async Task<bool> ValidateAuthenticationStateAsync(AuthenticationState authenticationState, CancellationToken cancellationToken)
{
await using var scope = scopeFactory.CreateAsyncScope();
var tenantManager = scope.ServiceProvider.GetRequiredService<ITenantManager>();
tenantManager.SetTenant(authenticationState.User.TenantId());
var userManager = scope.ServiceProvider.GetRequiredService<UserManager<IdentityUser>>();
return await ValidateSecurityStampAsync(userManager, authenticationState.User);
}
private async Task<bool> ValidateSecurityStampAsync(UserManager<IdentityUser> userManager, ClaimsPrincipal principal)
{
var user = await userManager.FindByNameAsync(principal.Identity.Name);
if (user is null)
{
return false;
}
else if (!userManager.SupportsUserSecurityStamp)
{
return true;
}
else
{
var principalStamp = principal.FindFirstValue(options.Value.ClaimsIdentity.SecurityStampClaimType);
var userStamp = await userManager.GetSecurityStampAsync(user);
//return principalStamp == userStamp; // security stamps need to be persisted in principal - they are stored in AspNetUsers
return true;
}
}
}
}

3
Oqtane.Server/Startup.cs
View File

@ -20,6 +20,8 @@ using Microsoft.Extensions.Logging;
using Oqtane.Components; using Oqtane.Components;
using Oqtane.UI; using Oqtane.UI;
using OqtaneSSR.Extensions; using OqtaneSSR.Extensions;
using Microsoft.AspNetCore.Components.Authorization;
using Oqtane.Providers;
namespace Oqtane namespace Oqtane
{ {
@ -108,6 +110,7 @@ namespace Oqtane
services.ConfigureOqtaneIdentityOptions(Configuration); services.ConfigureOqtaneIdentityOptions(Configuration);
services.AddCascadingAuthenticationState(); services.AddCascadingAuthenticationState();
services.AddScoped<AuthenticationStateProvider, IdentityRevalidatingAuthenticationStateProvider>();
services.AddAuthorization(); services.AddAuthorization();
services.AddAuthentication(options => services.AddAuthentication(options =>