IApplicationIdentityProviderService in assembly SanteDB.Core.Api version 3.0.1980.0
Summary
Represents a service which retrieves IApplicationIdentity and can authenticate to an IPrincipal for applications.
Description
In SanteDB, a security session is comprised of up to three security identities/principals:
(Optional) User identity representing the human using the application
(Optional) Device identity representing the device running the application, and
This service is what is used to authenticate the application identity from a central credential store of registered applications.
See: SanteDB authentication architecture
Events
| Event | Type | Description |
|---|
| EventHandler<AuthenticatedEventArgs> | Fired after an authentication request has been made. |
| EventHandler<AuthenticatingEventArgs> | Fired prior to an authentication request being made. |
Operations
| Operation | Response/Return | Input/Parameter | Description |
|---|
| | String applicationName
String applicationSecret | Authenticate the application identity. |
| | String applicationName
IPrincipal authenticationContext | Authenticate the application identity. |
| | String applicationName
String password
IPrincipal principal
Nullable<Guid> withSid | Create a basic identity in the provider |
| | | Gets the specified identity for an application. |
| | | Gets the specified identity for an application. |
| | | Gets the SID for the specified identity |
| | String applicationName
Boolean lockoutState
IPrincipal principal | |
| | String applicationName
String secret
IPrincipal principal | Change the specified application identity's secret |
| | String applicationName
IClaim claim
IPrincipal principal
Nullable<TimeSpan> expiry | |
| | | Get all active claims for the specified application |
| | String applicationName
String claimType
IPrincipal principal | Removes a claim from the specified device account |
Implementations
BridgedApplicationIdentityProvider - (SanteDB.Client)
Application identity provider service that bridges between local and upstream
Service Registration
...
<section xsi:type="ApplicationServiceContextConfigurationSection" threadPoolSize="4">
<serviceProviders>
...
<add type="SanteDB.Client.Upstream.Security.BridgedApplicationIdentityProvider, SanteDB.Client, Version=3.0.1980.0, Culture=neutral, PublicKeyToken=null" />
...
</serviceProviders>
UpstreamApplicationIdentityProvider - (SanteDB.Client)
Represents an implementation of a IApplicationIdentityProviderService which uses OAUTH
Service Registration
...
<section xsi:type="ApplicationServiceContextConfigurationSection" threadPoolSize="4">
<serviceProviders>
...
<add type="SanteDB.Client.Upstream.Security.UpstreamApplicationIdentityProvider, SanteDB.Client, Version=3.0.1980.0, Culture=neutral, PublicKeyToken=null" />
...
</serviceProviders>
AdoApplicationIdentityProvider - (SanteDB.Persistence.Data)
Application identity provider that uses the database to authenticate applications
Service Registration
...
<section xsi:type="ApplicationServiceContextConfigurationSection" threadPoolSize="4">
<serviceProviders>
...
<add type="SanteDB.Persistence.Data.Services.AdoApplicationIdentityProvider, SanteDB.Persistence.Data, Version=3.0.1980.0, Culture=neutral, PublicKeyToken=null" />
...
</serviceProviders>
Example Implementation
/// Example Implementation
using SanteDB.Core.Security.Services;
/// Other usings here
public class MyApplicationIdentityProviderService : SanteDB.Core.Security.Services.IApplicationIdentityProviderService {
public String ServiceName => "My own IApplicationIdentityProviderService service";
/// <summary>
/// Fired after an authentication request has been made.
/// </summary>
public event EventHandler<AuthenticatedEventArgs> Authenticated;
/// <summary>
/// Fired prior to an authentication request being made.
/// </summary>
public event EventHandler<AuthenticatingEventArgs> Authenticating;
/// <summary>
/// Authenticate the application identity.
/// </summary>
public IPrincipal Authenticate(String applicationName,String applicationSecret){
throw new System.NotImplementedException();
}
/// <summary>
/// Authenticate the application identity.
/// </summary>
public IPrincipal Authenticate(String applicationName,IPrincipal authenticationContext){
throw new System.NotImplementedException();
}
/// <summary>
/// Create a basic identity in the provider
/// </summary>
public IApplicationIdentity CreateIdentity(String applicationName,String password,IPrincipal principal,Nullable<Guid> withSid){
throw new System.NotImplementedException();
}
/// <summary>
/// Gets the specified identity for an application.
/// </summary>
public IApplicationIdentity GetIdentity(String applicationName){
throw new System.NotImplementedException();
}
/// <summary>
/// Gets the specified identity for an application.
/// </summary>
public IApplicationIdentity GetIdentity(Guid sid){
throw new System.NotImplementedException();
}
/// <summary>
/// Gets the SID for the specified identity
/// </summary>
public Guid GetSid(String name){
throw new System.NotImplementedException();
}
/// <summary>
/// Set the lockout status
/// </summary>
public void SetLockout(String applicationName,Boolean lockoutState,IPrincipal principal){
throw new System.NotImplementedException();
}
/// <summary>
/// Change the specified application identity's secret
/// </summary>
public void ChangeSecret(String applicationName,String secret,IPrincipal principal){
throw new System.NotImplementedException();
}
/// <summary>
/// Add a to
/// </summary>
public void AddClaim(String applicationName,IClaim claim,IPrincipal principal,Nullable<TimeSpan> expiry){
throw new System.NotImplementedException();
}
/// <summary>
/// Get all active claims for the specified application
/// </summary>
public IEnumerable<IClaim> GetClaims(String applicationName){
throw new System.NotImplementedException();
}
/// <summary>
/// Removes a claim from the specified device account
/// </summary>
public void RemoveClaim(String applicationName,String claimType,IPrincipal principal){
throw new System.NotImplementedException();
}
}
References
