[WIP] Update AuthenticationService info

max 2025-05-18 00:35:04 +02:00
parent 46dbd8c6f5
commit c225576c44
3 changed files with 14 additions and 18 deletions


@ -1,4 +1,3 @@
using System.Security.Claims;
using System.Text.Json; using System.Text.Json;
using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
@ -8,14 +7,13 @@ namespace DotBased.AspNet.Authority.Controllers;
[ApiController] [ApiController]
[Route("[controller]")] [Route("[controller]")]
public class AuthorityController : ControllerBase public class AuthorityController(IAuthenticationService authenticationService) : ControllerBase
{ {
[HttpGet("auth/login")] [HttpGet("auth/login")]
[AllowAnonymous] [AllowAnonymous]
public async Task<ActionResult> LoginFromSchemeAsync([FromQuery(Name = "s")] string? scheme) public async Task<ActionResult> LoginFromSchemeAsync([FromQuery(Name = "s")] string? scheme, [FromQuery(Name = "ss")] string? sessionScheme)
{ {
var cPrincipal = new ClaimsPrincipal(); await authenticationService.AuthenticateAsync(HttpContext, scheme);
await HttpContext.SignInAsync(cPrincipal);
return Ok(); return Ok();
} }
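Review bot: In `LoginFromSchemeAsync` the `AuthenticateResult` from `authenticationService.AuthenticateAsync(HttpContext, scheme)` is discarded, so this `[AllowAnonymous]` endpoint answers `Ok()` whether or not authentication succeeded. Keep the result and fail closed, e.g. `var result = await authenticationService.AuthenticateAsync(HttpContext, scheme);` followed by `if (!result.Succeeded) return Unauthorized();`. `scheme` arrives straight from the `s` query parameter and is not checked against the configured schemes before use; an unregistered name will probably surface as an unhandled exception rather than a 4xx response, so validate it first. The new `sessionScheme` parameter is bound but never read in the visible lines. The class body continues outside the hunk.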


@ -1,4 +1,3 @@
using System.Security.Claims;
using System.Text.Encodings.Web; using System.Text.Encodings.Web;
using DotBased.AspNet.Authority.Managers; using DotBased.AspNet.Authority.Managers;
using DotBased.AspNet.Authority.Models.Options.Auth; using DotBased.AspNet.Authority.Models.Options.Auth;
@ -14,20 +13,11 @@ namespace DotBased.AspNet.Authority.Handlers;
public class AuthorityLoginAuthenticationHandler(IOptionsMonitor<AuthorityLoginOptions> options, public class AuthorityLoginAuthenticationHandler(IOptionsMonitor<AuthorityLoginOptions> options,
ILoggerFactory logger, ILoggerFactory logger,
UrlEncoder encoder, UrlEncoder encoder,
AuthorityManager manager) : SignInAuthenticationHandler<AuthorityLoginOptions>(options, logger, encoder) AuthorityManager manager) : AuthenticationHandler<AuthorityLoginOptions>(options, logger, encoder)
{ {
// Validate credentials
protected override Task<AuthenticateResult> HandleAuthenticateAsync() protected override Task<AuthenticateResult> HandleAuthenticateAsync()
{ {
throw new NotImplementedException(); throw new NotImplementedException();
} }
protected override Task HandleSignOutAsync(AuthenticationProperties? properties)
{
throw new NotImplementedException();
}
protected override Task HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties? properties)
{
throw new NotImplementedException();
}
} }
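Review bot: `HandleAuthenticateAsync` still throws `NotImplementedException`, and this commit starts routing the login endpoint through `AuthenticateAsync`, so any request that resolves to this handler would end in an unhandled exception instead of a clean authentication failure. Until the credential check exists, returning `Task.FromResult(AuthenticateResult.NoResult())` keeps the handler failing closed without a 500. Since the base type is now `AuthenticationHandler<AuthorityLoginOptions>`, the handler no longer offers sign-in or sign-out, so `SignInAsync`/`SignOutAsync` calls naming this scheme will presumably be rejected by the framework; a comment on the class saying which scheme is expected to own the session would help. The removed `// Validate credentials` comment was the only description of the method's intent, and the `manager` constructor parameter is not used in the visible lines.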


@ -20,27 +20,35 @@ public class AuthorityAuthenticationService(
public IReadOnlyCollection<SchemeInfo> GetSchemeInfos(SchemeType schemeType) => _options.SchemeInfoMap.Where(s => s.Type == schemeType).ToList(); public IReadOnlyCollection<SchemeInfo> GetSchemeInfos(SchemeType schemeType) => _options.SchemeInfoMap.Where(s => s.Type == schemeType).ToList();
public IReadOnlyCollection<SchemeInfo> GetAllSchemeInfos() => _options.SchemeInfoMap; public IReadOnlyCollection<SchemeInfo> GetAllSchemeInfos() => _options.SchemeInfoMap;
// Validate credentials
// Used internally by ASP.NET Core to determine if a user is authenticated. Can also be called manually to inspect authentication status.
public override Task<AuthenticateResult> AuthenticateAsync(HttpContext context, string? scheme) public override Task<AuthenticateResult> AuthenticateAsync(HttpContext context, string? scheme)
{ {
return base.AuthenticateAsync(context, scheme); return base.AuthenticateAsync(context, scheme);
} }
// Trigger login
// Used when access to a resource requires authentication, but the user has not provided valid credentials.
public override Task ChallengeAsync(HttpContext context, string? scheme, AuthenticationProperties? properties) public override Task ChallengeAsync(HttpContext context, string? scheme, AuthenticationProperties? properties)
{ {
return base.ChallengeAsync(context, scheme, properties); return base.ChallengeAsync(context, scheme, properties);
} }
// Log user in, set cookie/token
// Called after successfully validating user credentials (e.g., after login form submission), to establish an authenticated session.
public override Task SignInAsync(HttpContext context, string? scheme, ClaimsPrincipal principal, AuthenticationProperties? properties) public override Task SignInAsync(HttpContext context, string? scheme, ClaimsPrincipal principal, AuthenticationProperties? properties)
{ {
return base.SignInAsync(context, scheme, principal, properties); return base.SignInAsync(context, scheme, principal, properties);
} }
// Log out user and end auth session, remove cookie/token
public override Task SignOutAsync(HttpContext context, string? scheme, AuthenticationProperties? properties) public override Task SignOutAsync(HttpContext context, string? scheme, AuthenticationProperties? properties)
{ {
return base.SignOutAsync(context, scheme, properties); return base.SignOutAsync(context, scheme, properties);
} }
// Deny access, return 403/return forbid page
// Used when a user is authenticated but lacks required roles/claims/permissions.
public override Task ForbidAsync(HttpContext context, string? scheme, AuthenticationProperties? properties) public override Task ForbidAsync(HttpContext context, string? scheme, AuthenticationProperties? properties)
{ {
return base.ForbidAsync(context, scheme, properties); return base.ForbidAsync(context, scheme, properties);