Migrates remaining backofficecontroller but still a bunch of work to do , streamlines Backoffice to BackOffice (but is that what we want?)
This commit is contained in:
Shannon
@@ -26,7 +26,7 @@ namespace Umbraco.Web.Common.Install
|
||||
[Area(Umbraco.Core.Constants.Web.Mvc.InstallArea)]
|
||||
public class InstallController : Controller
|
||||
{
|
||||
private readonly IBackofficeSecurityAccessor _backofficeSecurityAccessor;
|
||||
private readonly IBackOfficeSecurityAccessor _backofficeSecurityAccessor;
|
||||
private readonly InstallHelper _installHelper;
|
||||
private readonly IRuntimeState _runtime;
|
||||
private readonly GlobalSettings _globalSettings;
|
||||
@@ -37,7 +37,7 @@ namespace Umbraco.Web.Common.Install
|
||||
private readonly IRuntimeMinifier _runtimeMinifier;
|
||||
|
||||
public InstallController(
|
||||
IBackofficeSecurityAccessor backofficeSecurityAccessor,
|
||||
IBackOfficeSecurityAccessor backofficeSecurityAccessor,
|
||||
InstallHelper installHelper,
|
||||
IRuntimeState runtime,
|
||||
IOptions<GlobalSettings> globalSettings,
|
||||
@@ -73,7 +73,7 @@ namespace Umbraco.Web.Common.Install
|
||||
// Update ClientDependency version and delete its temp directories to make sure we get fresh caches
|
||||
_runtimeMinifier.Reset();
|
||||
|
||||
var result = _backofficeSecurityAccessor.BackofficeSecurity.ValidateCurrentUser(false);
|
||||
var result = _backofficeSecurityAccessor.BackOfficeSecurity.ValidateCurrentUser(false);
|
||||
|
||||
switch (result)
|
||||
{
|
||||
|
||||
@@ -26,14 +26,14 @@ namespace Umbraco.Web.Common.Middleware
|
||||
private readonly IUmbracoRequestLifetimeManager _umbracoRequestLifetimeManager;
|
||||
private readonly IUmbracoContextFactory _umbracoContextFactory;
|
||||
private readonly IRequestCache _requestCache;
|
||||
private readonly IBackofficeSecurityFactory _backofficeSecurityFactory;
|
||||
private readonly IBackOfficeSecurityFactory _backofficeSecurityFactory;
|
||||
|
||||
public UmbracoRequestMiddleware(
|
||||
ILogger<UmbracoRequestMiddleware> logger,
|
||||
IUmbracoRequestLifetimeManager umbracoRequestLifetimeManager,
|
||||
IUmbracoContextFactory umbracoContextFactory,
|
||||
IRequestCache requestCache,
|
||||
IBackofficeSecurityFactory backofficeSecurityFactory)
|
||||
IBackOfficeSecurityFactory backofficeSecurityFactory)
|
||||
{
|
||||
_logger = logger;
|
||||
_umbracoRequestLifetimeManager = umbracoRequestLifetimeManager;
|
||||
@@ -52,7 +52,7 @@ namespace Umbraco.Web.Common.Middleware
|
||||
await next(context);
|
||||
return;
|
||||
}
|
||||
_backofficeSecurityFactory.EnsureBackofficeSecurity(); // Needs to be before UmbracoContext
|
||||
_backofficeSecurityFactory.EnsureBackOfficeSecurity(); // Needs to be before UmbracoContext
|
||||
var umbracoContextReference = _umbracoContextFactory.EnsureUmbracoContext();
|
||||
|
||||
|
||||
|
||||
@@ -76,8 +76,8 @@ namespace Umbraco.Web.Common.Runtime
|
||||
|
||||
// register the umbraco context factory
|
||||
composition.RegisterUnique<IUmbracoContextFactory, UmbracoContextFactory>();
|
||||
composition.RegisterUnique<IBackofficeSecurityFactory, BackofficeSecurityFactory>();
|
||||
composition.RegisterUnique<IBackofficeSecurityAccessor, HybridBackofficeSecurityAccessor>();
|
||||
composition.RegisterUnique<IBackOfficeSecurityFactory, BackOfficeSecurityFactory>();
|
||||
composition.RegisterUnique<IBackOfficeSecurityAccessor, HybridBackofficeSecurityAccessor>();
|
||||
|
||||
//register the install components
|
||||
//NOTE: i tried to not have these registered if we weren't installing or upgrading but post install when the site restarts
|
||||
|
||||
@@ -23,7 +23,7 @@ namespace Umbraco.Web.Common.Security
|
||||
// borrowed from https://github.com/dotnet/aspnetcore/blob/master/src/Identity/Core/src/SignInManager.cs
|
||||
private const string LoginProviderKey = "LoginProvider";
|
||||
// borrowed from https://github.com/dotnet/aspnetcore/blob/master/src/Identity/Core/src/SignInManager.cs
|
||||
private const string XsrfKey = "XsrfId";
|
||||
private const string XsrfKey = "XsrfId"; // TODO: See BackOfficeController.XsrfKey
|
||||
|
||||
private BackOfficeUserManager _userManager;
|
||||
|
||||
@@ -264,7 +264,7 @@ namespace Umbraco.Web.Common.Security
|
||||
// borrowed from https://github.com/dotnet/aspnetcore/blob/master/src/Identity/Core/src/SignInManager.cs#L422
|
||||
// to replace the auth scheme
|
||||
|
||||
var auth = await Context.AuthenticateAsync(Constants.Security.BackOfficeAuthenticationType);
|
||||
var auth = await Context.AuthenticateAsync(Constants.Security.BackOfficeExternalAuthenticationType);
|
||||
var items = auth?.Properties?.Items;
|
||||
if (auth?.Principal == null || items == null || !items.ContainsKey(LoginProviderKey))
|
||||
{
|
||||
|
||||
@@ -14,7 +14,7 @@ using Umbraco.Web.Security;
|
||||
namespace Umbraco.Web.Common.Security
|
||||
{
|
||||
|
||||
public class BackofficeSecurity : IBackofficeSecurity
|
||||
public class BackofficeSecurity : IBackOfficeSecurity
|
||||
{
|
||||
private readonly IUserService _userService;
|
||||
private readonly GlobalSettings _globalSettings;
|
||||
|
||||
@@ -9,33 +9,33 @@ using Umbraco.Core.Services;
|
||||
|
||||
namespace Umbraco.Web.Common.Security
|
||||
{
|
||||
public class BackofficeSecurityFactory: IBackofficeSecurityFactory
|
||||
public class BackOfficeSecurityFactory: IBackOfficeSecurityFactory
|
||||
{
|
||||
private readonly IBackofficeSecurityAccessor _backofficeSecurityAccessor;
|
||||
private readonly IBackOfficeSecurityAccessor _backOfficeSecurityAccessor;
|
||||
private readonly IUserService _userService;
|
||||
private readonly IOptions<GlobalSettings> _globalSettings;
|
||||
private readonly IHostingEnvironment _hostingEnvironment;
|
||||
private readonly IHttpContextAccessor _httpContextAccessor;
|
||||
|
||||
public BackofficeSecurityFactory(
|
||||
IBackofficeSecurityAccessor backofficeSecurityAccessor,
|
||||
public BackOfficeSecurityFactory(
|
||||
IBackOfficeSecurityAccessor backofficeSecurityAccessor,
|
||||
IUserService userService,
|
||||
IOptions<GlobalSettings> globalSettings,
|
||||
IHostingEnvironment hostingEnvironment,
|
||||
IHttpContextAccessor httpContextAccessor)
|
||||
{
|
||||
_backofficeSecurityAccessor = backofficeSecurityAccessor;
|
||||
_backOfficeSecurityAccessor = backofficeSecurityAccessor;
|
||||
_userService = userService;
|
||||
_globalSettings = globalSettings;
|
||||
_hostingEnvironment = hostingEnvironment;
|
||||
_httpContextAccessor = httpContextAccessor;
|
||||
}
|
||||
|
||||
public void EnsureBackofficeSecurity()
|
||||
public void EnsureBackOfficeSecurity()
|
||||
{
|
||||
if (_backofficeSecurityAccessor.BackofficeSecurity is null)
|
||||
if (_backOfficeSecurityAccessor.BackOfficeSecurity is null)
|
||||
{
|
||||
_backofficeSecurityAccessor.BackofficeSecurity = new BackofficeSecurity(_userService, _globalSettings, _hostingEnvironment, _httpContextAccessor);
|
||||
_backOfficeSecurityAccessor.BackOfficeSecurity = new BackofficeSecurity(_userService, _globalSettings, _hostingEnvironment, _httpContextAccessor);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -0,0 +1,13 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Text;
|
||||
|
||||
namespace Umbraco.Web.Common.Security
|
||||
{
|
||||
// TODO: We need to implement this and extend it to support the back office external login options
|
||||
public interface IExternalAuthenticationOptions
|
||||
{
|
||||
ExternalSignInAutoLinkOptions Get(string authenticationType);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,59 @@
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using System;
|
||||
using Umbraco.Core.BackOffice;
|
||||
using Umbraco.Core.Configuration.Models;
|
||||
using SecurityConstants = Umbraco.Core.Constants.Security;
|
||||
|
||||
namespace Umbraco.Web.Common.Security
|
||||
{
|
||||
/// <summary>
|
||||
/// Options used to configure auto-linking external OAuth providers
|
||||
/// </summary>
|
||||
public class ExternalSignInAutoLinkOptions
|
||||
{
|
||||
/// <summary>
|
||||
/// Creates a new <see cref="ExternalSignInAutoLinkOptions"/> instance
|
||||
/// </summary>
|
||||
/// <param name="autoLinkExternalAccount"></param>
|
||||
/// <param name="defaultUserGroups">If null, the default will be the 'editor' group</param>
|
||||
/// <param name="defaultCulture"></param>
|
||||
public ExternalSignInAutoLinkOptions(
|
||||
bool autoLinkExternalAccount = false,
|
||||
string[] defaultUserGroups = null,
|
||||
string defaultCulture = null)
|
||||
{
|
||||
DefaultUserGroups = defaultUserGroups ?? new[] { SecurityConstants.EditorGroupAlias };
|
||||
AutoLinkExternalAccount = autoLinkExternalAccount;
|
||||
_defaultCulture = defaultCulture;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// A callback executed during account auto-linking and before the user is persisted
|
||||
/// </summary>
|
||||
public Action<BackOfficeIdentityUser, ExternalLoginInfo> OnAutoLinking { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// A callback executed during every time a user authenticates using an external login.
|
||||
/// returns a boolean indicating if sign in should continue or not.
|
||||
/// </summary>
|
||||
public Func<BackOfficeIdentityUser, ExternalLoginInfo, bool> OnExternalLogin { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Flag indicating if logging in with the external provider should auto-link/create a local user
|
||||
/// </summary>
|
||||
public bool AutoLinkExternalAccount { get; }
|
||||
|
||||
/// <summary>
|
||||
/// The default user groups to assign to the created local user linked
|
||||
/// </summary>
|
||||
public string[] DefaultUserGroups { get; }
|
||||
|
||||
private readonly string _defaultCulture;
|
||||
|
||||
/// <summary>
|
||||
/// The default Culture to use for auto-linking users
|
||||
/// </summary>
|
||||
// TODO: Should we use IDefaultCultureAccessor here intead?
|
||||
public string GetUserAutoLinkCulture(GlobalSettings globalSettings) => _defaultCulture ?? globalSettings.DefaultUILanguage;
|
||||
}
|
||||
}
|
||||
@@ -31,7 +31,7 @@ namespace Umbraco.Web
|
||||
// warn: does *not* manage setting any IUmbracoContextAccessor
|
||||
internal UmbracoContext(
|
||||
IPublishedSnapshotService publishedSnapshotService,
|
||||
IBackofficeSecurity backofficeSecurity,
|
||||
IBackOfficeSecurity backofficeSecurity,
|
||||
GlobalSettings globalSettings,
|
||||
IHostingEnvironment hostingEnvironment,
|
||||
IVariationContextAccessor variationContextAccessor,
|
||||
@@ -80,7 +80,7 @@ namespace Umbraco.Web
|
||||
/// <summary>
|
||||
/// Gets the BackofficeSecurity class
|
||||
/// </summary>
|
||||
public IBackofficeSecurity Security { get; }
|
||||
public IBackOfficeSecurity Security { get; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets the uri that is handled by ASP.NET after server-side rewriting took place.
|
||||
|
||||
@@ -31,7 +31,7 @@ namespace Umbraco.Web
|
||||
private readonly IHttpContextAccessor _httpContextAccessor;
|
||||
private readonly ICookieManager _cookieManager;
|
||||
private readonly IRequestAccessor _requestAccessor;
|
||||
private readonly IBackofficeSecurityAccessor _backofficeSecurityAccessor;
|
||||
private readonly IBackOfficeSecurityAccessor _backofficeSecurityAccessor;
|
||||
private readonly UriUtility _uriUtility;
|
||||
|
||||
/// <summary>
|
||||
@@ -49,7 +49,7 @@ namespace Umbraco.Web
|
||||
IHttpContextAccessor httpContextAccessor,
|
||||
ICookieManager cookieManager,
|
||||
IRequestAccessor requestAccessor,
|
||||
IBackofficeSecurityAccessor backofficeSecurityAccessor)
|
||||
IBackOfficeSecurityAccessor backofficeSecurityAccessor)
|
||||
{
|
||||
_umbracoContextAccessor = umbracoContextAccessor ?? throw new ArgumentNullException(nameof(umbracoContextAccessor));
|
||||
_publishedSnapshotService = publishedSnapshotService ?? throw new ArgumentNullException(nameof(publishedSnapshotService));
|
||||
@@ -80,7 +80,7 @@ namespace Umbraco.Web
|
||||
|
||||
return new UmbracoContext(
|
||||
_publishedSnapshotService,
|
||||
_backofficeSecurityAccessor.BackofficeSecurity,
|
||||
_backofficeSecurityAccessor.BackOfficeSecurity,
|
||||
_globalSettings,
|
||||
_hostingEnvironment,
|
||||
_variationContextAccessor,
|
||||
|
||||
Reference in New Issue
Block a user