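        /// <summary>
        /// Handles <c>GET /login</c>: builds the authorization request for the configured
        /// OAuth/OIDC endpoint and redirects the browser there.
        /// </summary>
        /// <param name="request">Login request. When <c>return_to</c> is set it is remembered in the
        /// session so that the callback can send the user back to it after login.</param>
        /// <returns>The redirect result produced by <see cref="OAuthUtils.DoRedirect"/>.</returns>
        /// <exception cref="Exception">Any failure while opening the context or reading the
        /// configuration is logged and rethrown unchanged.</exception>
        public object Get(LoginRequest request)
        {
            TepWebContext context = new TepWebContext(PagePrivileges.EverybodyView);

            // Fallback target if the authorization URL cannot be built.
            string redirect = context.BaseUrl;

            try {
                context.Open();
                context.LogInfo(this, "/login GET");

                // The client is configured but not otherwise used on this path; it is kept because
                // constructing it from the config URL may have side effects (assumed — confirm).
                var client = new Connect2IdClient(context.GetConfigValue("sso-configUrl"));
                client.SSOAuthEndpoint = context.GetConfigValue("sso-authEndpoint");
                client.SSOApiClient    = context.GetConfigValue("sso-clientId");
                client.SSOApiSecret    = context.GetConfigValue("sso-clientSecret");
                client.SSOApiToken     = context.GetConfigValue("sso-apiAccessToken");

                // NOTE(review): return_to comes verbatim from the query string and is later used as
                // the post-login redirect target; it should be restricted to relative or same-origin
                // URLs to avoid an open redirect.
                if (!string.IsNullOrEmpty(request.return_to))
                {
                    HttpContext.Current.Session["return_to"] = request.return_to;
                }

                var nonce = Guid.NewGuid().ToString();
                HttpContext.Current.Session["oauth-nonce"] = nonce;

                // The state value binds this request to the callback (CSRF protection); keep it in the
                // session so the callback is able to compare it with the value the provider returns.
                var state = Guid.NewGuid().ToString();
                HttpContext.Current.Session["oauth-state"] = state;

                // Scopes are configured comma-separated; the provider expects space-separated values.
                var scope         = context.GetConfigValue("sso-scopes").Replace(",", "%20");
                var oauthEndpoint = context.GetConfigValue("oauth-authEndpoint");
                var separator     = oauthEndpoint.Contains("?") ? "&" : "?";
                redirect = string.Format("{0}{1}client_id={2}&response_type={3}&nonce={4}&state={5}&redirect_uri={6}&ajax={7}&scope={8}",
                                         oauthEndpoint,
                                         separator,
                                         context.GetConfigValue("sso-clientId"),
                                         "code",
                                         nonce,
                                         state,
                                         context.GetConfigValue("sso-callback"),
                                         "false",
                                         scope
                                         );
            } catch (Exception e) {
                context.LogError(this, e.Message, e);
                throw; // `throw;` keeps the original stack trace; `throw e;` would reset it
            } finally {
                // Close exactly once, on both the success and the failure path.
                context.Close();
            }

            return(OAuthUtils.DoRedirect(redirect, false));
        }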
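        /// <summary>
        /// Handles <c>GET /cb</c>, the OAuth callback: exchanges the authorization code for tokens,
        /// stores the tokens as DB cookies, loads the user profile, starts the session and redirects
        /// to the dashboard (or to the <c>return_to</c> target remembered at login).
        /// </summary>
        /// <param name="request">Callback request carrying either <c>Code</c> or <c>error</c>.</param>
        /// <returns>The redirect result produced by <see cref="OAuthUtils.DoRedirect"/>.</returns>
        /// <exception cref="InvalidOperationException">The user profile could not be loaded or has no
        /// e-mail address.</exception>
        /// <exception cref="Exception">Any other failure is logged and rethrown unchanged.</exception>
        public object Get(CallBackRequest request)
        {
            var redirect = "";

            TepWebContext context = new TepWebContext(PagePrivileges.EverybodyView);
            UserTep       user    = null;

            try {
                context.Open();
                context.LogInfo(this, "/cb GET");

                // The provider reported an error: end whatever session exists and go back home.
                if (!string.IsNullOrEmpty(request.error))
                {
                    context.LogError(this, request.error);
                    context.EndSession();
                    return(OAuthUtils.DoRedirect(context.BaseUrl, false));
                }

                // NOTE(review): the state value sent at login is not compared against the one the
                // provider returns here, so the callback is not bound to the originating request.

                Connect2IdClient client = new Connect2IdClient(context.GetConfigValue("sso-configUrl"));
                client.SSOAuthEndpoint = context.GetConfigValue("sso-authEndpoint");
                client.SSOApiClient    = context.GetConfigValue("sso-clientId");
                client.SSOApiSecret    = context.GetConfigValue("sso-clientSecret");
                client.SSOApiToken     = context.GetConfigValue("sso-apiAccessToken");
                client.RedirectUri     = context.GetConfigValue("sso-callback");

                var accessCookie  = context.GetConfigValue("cookieID-token-access");
                var refreshCookie = context.GetConfigValue("cookieID-token-refresh");
                var idCookie      = context.GetConfigValue("cookieID-token-id");

                // Exchange the code for tokens; on failure make sure no stale token cookie survives.
                OauthTokenResponse tokenresponse;
                try {
                    tokenresponse = client.AccessToken(request.Code);
                    DBCookie.StoreDBCookie(context, accessCookie, tokenresponse.access_token, null, tokenresponse.expires_in);
                    DBCookie.StoreDBCookie(context, refreshCookie, tokenresponse.refresh_token, null);
                    DBCookie.StoreDBCookie(context, idCookie, tokenresponse.id_token, null, tokenresponse.expires_in);
                } catch (Exception) {
                    DBCookie.DeleteDBCookie(context, accessCookie);
                    DBCookie.DeleteDBCookie(context, refreshCookie);
                    DBCookie.DeleteDBCookie(context, idCookie);
                    throw; // rethrow without resetting the stack trace
                }

                TepLdapAuthenticationType auth = (TepLdapAuthenticationType)IfyWebContext.GetAuthenticationType(typeof(TepLdapAuthenticationType));
                auth.SetConnect2IdCLient(client);
                auth.TrustEmail = true;

                // NOTE(review): if profile loading fails below, the token cookies stored above (without a
                // username) are not removed — confirm whether that is intended.
                user = (UserTep)auth.GetUserProfile(context);
                if (user == null)
                {
                    throw new InvalidOperationException("Unable to load user");
                }
                context.LogDebug(this, string.Format("Loaded user '{0}'", user.Username));
                if (string.IsNullOrEmpty(user.Email))
                {
                    throw new InvalidOperationException("Invalid email");
                }

                context.StartSession(auth, user);
                context.SetUserInformation(auth, user);

                // Re-store the tokens, now bound to the authenticated username.
                DBCookie.StoreDBCookie(context, accessCookie, tokenresponse.access_token, user.Username, tokenresponse.expires_in);
                DBCookie.StoreDBCookie(context, refreshCookie, tokenresponse.refresh_token, user.Username);
                DBCookie.StoreDBCookie(context, idCookie, tokenresponse.id_token, user.Username, tokenresponse.expires_in);

                redirect = context.GetConfigValue("dashboard_page");
                if (string.IsNullOrEmpty(redirect))
                {
                    redirect = context.GetConfigValue("BaseUrl");
                }

                // A return_to remembered at login wins over the dashboard; it is consumed once.
                // NOTE(review): this value originated from the login query string and is redirected to
                // without validation — restrict it to relative or same-origin URLs.
                var returnTo = HttpContext.Current.Session["return_to"] as string;
                if (!string.IsNullOrEmpty(returnTo))
                {
                    redirect = returnTo;
                    HttpContext.Current.Session["return_to"] = null;
                }
            } catch (Exception e) {
                context.LogError(this, e.Message, e);
                throw; // `throw;` keeps the original stack trace; `throw e;` would reset it
            } finally {
                // Close exactly once on every path, including the provider-error early return,
                // which previously returned without closing the context.
                context.Close();
            }
            return(OAuthUtils.DoRedirect(redirect, false));
        }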