yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f389cc9aa37417805f061a2d18ca88a8c21e350a
Umbraco-CMS/src/Umbraco.Web.Common/Security/ConfigureSecurityStampOptions.cs
Elitsa Marinovska 9c18cd22e0 V14: Deleted code marked as obsolete for V14 (#15998) 
* Obsoletions related to Delivery API

* Fix TypeLoader and TypeFinder tests

* Remove obsolete and default implementations of IFileSource and IFileTypeCollection

* More Delivery API related obsoletions

* VariationContextAccessor related

* ValueFactories obsoletion and fix references

* ValueSetBuilders obsoletions

* ValueConverters obsoletions

* Other obsolete ctors and methods

* Forgotten VariationContextAccessor obsoletion

* More obsoletions

* XPath related obsoletions

* Revert XmlHelper changes

* Delete RenamedRootNavigator and its tests

* Fix test

* XmlHelper obsoletion

* Return null instead of GetXPathValue

* Obsolete entire class instead

* Remove XPath obsoletions from IPublishedCache

* Remove XPath-related if-block that is no longer needed

* Change obsolete msg for classes needed for NuCache

* Moving classes to NuCache and making them internal

* Remove more XPath-related obsoletions

* Remove NavigableNavigator and its tests

* Cleanup

* Remove Xpath references from tests

* Revert interface deletion in MediaCache

* Using XOR operation

Co-authored-by: Nuklon <Nuklon@users.noreply.github.com>

---------

Co-authored-by: Nuklon <Nuklon@users.noreply.github.com>
2024-04-09 09:06:48 +02:00

61 lines
2.5 KiB
C#
Raw Blame History

using System.Security.Claims;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;
using Umbraco.Cms.Core.Configuration.Models;
using Umbraco.Cms.Core.DependencyInjection;
using Umbraco.Extensions;
namespace Umbraco.Cms.Web.Common.Security;
public class ConfigureSecurityStampOptions : IConfigureOptions<SecurityStampValidatorOptions>
{
private readonly SecuritySettings _securitySettings;
public ConfigureSecurityStampOptions()
: this(StaticServiceProvider.Instance.GetRequiredService<IOptions<SecuritySettings>>())
{
}
public ConfigureSecurityStampOptions(IOptions<SecuritySettings> securitySettings)
=> _securitySettings = securitySettings.Value;
/// <summary>
/// Configures security stamp options and ensures any custom claims
/// set on the identity are persisted to the new identity when it's refreshed.
/// </summary>
/// <param name="options">Options for <see cref="ISecurityStampValidator"/>.</param>
/// <param name="securitySettings">The <see cref="SecuritySettings" /> options.</param>
public static void ConfigureOptions(SecurityStampValidatorOptions options, SecuritySettings securitySettings)
{
// Adjust the security stamp validation interval to a shorter duration
// when concurrent logins are not allowed and the duration has the default interval value
// (currently defaults to 30 minutes), ensuring quicker re-validation.
if (securitySettings.AllowConcurrentLogins is false && options.ValidationInterval == TimeSpan.FromMinutes(30))
{
options.ValidationInterval = TimeSpan.FromSeconds(30);
}
// When refreshing the principal, ensure custom claims that
// might have been set with an external identity continue
// to flow through to this new one.
options.OnRefreshingPrincipal = refreshingPrincipal =>
{
ClaimsIdentity? newIdentity = refreshingPrincipal.NewPrincipal?.Identities.First();
ClaimsIdentity? currentIdentity = refreshingPrincipal.CurrentPrincipal?.Identities.First();
if (currentIdentity is not null)
{
// Since this is refreshing an existing principal, we want to merge all claims.
newIdentity?.MergeAllClaims(currentIdentity);
}
return Task.CompletedTask;
};
}
/// <inheritdoc />
public void Configure(SecurityStampValidatorOptions options)
=> ConfigureOptions(options, _securitySettings);
}
Reference in New Issue View Git Blame Copy Permalink