public AuthResponse Execute(string stateToken, string link, ApiObject apiObject = null)
        {
            Link href = new Link();

            href.Href = new Uri(link);
            return(_authclient.Execute(stateToken, href, apiObject));
        }
Beispiel #2
0
        public ActionResult SetPassword(SetUserPassword setPassword)
        {
            logger.Debug("SetPassword ");
            //set parameters
            string relayState = Request["relayState"];

            if (string.IsNullOrEmpty(relayState) && Request.QueryString["RelayState"] != null)
            {
                relayState = Request.QueryString["RelayState"];
            }
            else if (string.IsNullOrEmpty(relayState) && TempData["relayState"] != null)
            {
                relayState = (string)TempData["relayState"];
            }
            TempData["relayState"] = relayState;
            string stateToken = Request["stateToken"];

            if (string.IsNullOrEmpty(stateToken) && TempData["stateToken"] != null)
            {
                stateToken = TempData["stateToken"].ToString();
            }
            TempData["stateToken"] = stateToken;
            string oktaId = Request["oktaId"];

            if (string.IsNullOrEmpty(oktaId) && TempData["oktaId"] != null)
            {
                oktaId = TempData["oktaId"].ToString();
            }
            TempData["oktaId"] = oktaId;
            string userName = Request["userName"];

            if (string.IsNullOrEmpty(userName) && TempData["userName"] != null)
            {
                userName = TempData["userName"].ToString();
            }
            TempData["userName"] = userName;

            string myStatus = null;
            string myStateToken;
            string mySessionToken;


            string myResourcePath;

            System.Uri myUri;


            //get AuthClient based on Org credentials
            OktaClient oktaClient = new OktaClient(MvcApplication.apiToken, MvcApplication.apiUrl);
            AuthClient authClient = oktaClient.GetAuthClient();

            try
            {
                myResourcePath = MvcApplication.apiUrl + Constants.EndpointV1 + Constants.AuthnEndpoint + Constants.CredentialsResetPasswordEndpoint;
                logger.Debug("url " + myResourcePath);
                myUri = new System.Uri(myResourcePath);

                ApiObject myApiObject = new ApiObject();
                myApiObject.SetProperty("newPassword", setPassword.newPassword);
                AuthResponse resetPasswordRsp = authClient.Execute(stateToken, myUri, myApiObject);

                logger.Debug("resetPasswordRsp status " + resetPasswordRsp.Status);
                myStatus       = resetPasswordRsp.Status;
                myStateToken   = resetPasswordRsp.StateToken;
                mySessionToken = resetPasswordRsp.SessionToken;


                userName = resetPasswordRsp.Embedded.User.Profile.Login;
            }
            catch (OktaException ex)
            {
                if (ex.ErrorCode == "E0000085")
                {
                    logger.Error("Access Denied by Polciy for User: "******"errMessage"] = "Access Denied by Polciy for User: "******"E0000080")
                {
                    logger.Error("Password Does not meet Complexity Requirements " + userName);
                    TempData["errMessage"] = "Password Does not meet Complexity Requirements: " + userName;
                    return(RedirectToAction("GetPassword", "ForgotPassword"));
                }
                else
                {
                    logger.Error(userName + " = " + ex.ErrorCode + ":" + ex.ErrorSummary);
                    // generic failure
                    TempData["errMessage"] = "Failed to Set Password as provided!";
                }
                return(RedirectToAction("Index", "Home"));
            }//end catch

            //checking for limited number of possible statuses
            switch (myStatus)
            {
            case "MFA_ENROLL":
                TempData["stateToken"] = myStateToken;
                return(RedirectToAction("InitiateMFAEnroll", "MfaEnroll"));

            case "MFA_REQUIRED":
                TempData["stateToken"] = myStateToken;
                return(RedirectToAction("InitiateMFAChallenge", "Mfa"));

            case "SUCCESS":
            //return RedirectToAction("ProcessSuccess", "EvaluateUser", new { passuser = userName, passId = oktaId, passSession = mySessionToken, passRelay = relayState });
            //break;
            default:
                logger.Debug("Status: " + myStatus);
                TempData["errMessage"] = "Status: " + myStatus;
                break;
            }

            return(RedirectToAction("Index", "Home"));
        }