public async Task <ActionResult> ACS(IFormCollection collection)
{
string samlResponse = "";
string redirect = "";
AuthResponse resp = new AuthResponse();
try
{
samlResponse = Encoding.UTF8.GetString(Convert.FromBase64String(collection["SAMLResponse"]));
redirect = Encoding.UTF8.GetString(Convert.FromBase64String(collection["RelayState"]));
resp.Deserialize(samlResponse);
}
catch (Exception ex)
{
_logger.LogError(ex, "Error reading SAML Response {0}", samlResponse);
}
if (resp.RequestStatus == SamlRequestStatus.Success)
{
//CookieOptions options = new CookieOptions();
//options.Expires = resp.SessionIdExpireDate;
//Response.Cookies.Delete("SPID_COOKIE");
//Response.Cookies.Append("SPID_COOKIE", JsonConvert.SerializeObject(resp), options);
var scheme = "SPIDCookie"; //CookieAuthenticationDefaults.AuthenticationScheme
var claims = resp.GetClaims();
var identityClaims = new List <Claim>();
foreach (var item in claims)
{
identityClaims.Add(new Claim(item.Key, item.Value, ClaimValueTypes.String, resp.Issuer));
}
identityClaims.Add(new Claim(ClaimTypes.Name, claims["Name"], ClaimValueTypes.String, resp.Issuer));
identityClaims.Add(new Claim(ClaimTypes.Surname, claims["FamilyName"], ClaimValueTypes.String, resp.Issuer));
identityClaims.Add(new Claim(ClaimTypes.Email, claims["Email"], ClaimValueTypes.String, resp.Issuer));
var identity = new ClaimsIdentity(identityClaims, scheme);
var principal = new ClaimsPrincipal(identity);
HttpContext.User = principal;
await AuthenticationHttpContextExtensions.SignInAsync(HttpContext, scheme, principal,
new AuthenticationProperties
{
ExpiresUtc = DateTime.UtcNow.AddMinutes(20),
IsPersistent = true,
AllowRefresh = false
});
}
if (string.IsNullOrEmpty(redirect))
{
redirect = "/";
}
return(Redirect(redirect));
}
/// <summary>
/// Sends an authorization request to the server.
/// </summary>
/// <param name="request">The request to send.</param>
/// <returns><see cref="Task"/></returns>
private async Task SendAuthRequestAsync(IRequest request)
{
try
{
var content = new HttpStringContent(request.Serialize());
content.Headers["Content-Type"] = "application/json";
var httpResponse = await _httpClient.PostAsync(new Uri(ServerUrl, UriKind.Absolute), content);
var response = new AuthResponse()
{
StatusCode = httpResponse.StatusCode
};
var buffer = await httpResponse.Content.ReadAsBufferAsync();
var bytes = buffer.ToArray();
response.Deserialize(Encoding.UTF8.GetString(bytes, 0, bytes.Length));
RaiseNewResponseEvent(response);
}
catch
{
var response = new AuthResponse {
StatusCode = HttpStatusCode.InternalServerError
};
RaiseNewResponseEvent(response);
}
}
/// <summary>
/// Performs Username/Password authentication.
/// </summary>
/// <exception cref="Socks5Exception">The server returned invalid or
/// unexpected data, or authentication failed.</exception>
private void Authenticate()
{
byte[] bytes = new AuthRequest(Username, Password).Serialize();
stream.Write(bytes, 0, bytes.Length);
// Read the server's response.
bytes = new byte[2];
stream.Read(bytes, 0, 2);
AuthResponse response = AuthResponse.Deserialize(bytes);
if (!response.Success)
{
throw new Socks5Exception("Authentication failed.");
}
}
