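/// <summary>
/// GET /login: builds the OpenID Connect authorization request for the configured
/// SSO provider and redirects the browser to it.
/// </summary>
/// <param name="request">
/// Carries an optional <c>return_to</c> (where to send the user once the callback
/// completes). It is only honored when it points back at this site.
/// </param>
/// <returns>
/// The redirect produced by <c>OAuthUtils.DoRedirect</c>; if the authorization URL
/// cannot be built the target falls back to <c>context.BaseUrl</c>.
/// </returns>
/// <exception cref="Exception">Any failure is logged, the context closed and the exception rethrown.</exception>
public object Get(LoginRequest request)
{
    TepWebContext context = new TepWebContext(PagePrivileges.EverybodyView);
    string redirect = context.BaseUrl;
    try
    {
        context.Open();
        context.LogInfo(this, "/login GET");

        var client = new Connect2IdClient(context.GetConfigValue("sso-configUrl"));
        client.SSOAuthEndpoint = context.GetConfigValue("sso-authEndpoint");
        client.SSOApiClient = context.GetConfigValue("sso-clientId");
        client.SSOApiSecret = context.GetConfigValue("sso-clientSecret");
        client.SSOApiToken = context.GetConfigValue("sso-apiAccessToken");

        // return_to arrives in the query string and is later used as a redirect
        // target by the callback, so only keep it when it stays on this site:
        // either a site-relative path (but not a scheme-relative "//host" or
        // "/\host", which browsers send elsewhere) or an absolute URL with the
        // same scheme/host/port as BaseUrl. Anything else is an open redirect.
        string returnTo = request.return_to;
        if (!string.IsNullOrEmpty(returnTo))
        {
            bool sameSite = false;
            if (returnTo.StartsWith("/", StringComparison.Ordinal))
            {
                sameSite = !returnTo.StartsWith("//", StringComparison.Ordinal)
                    && !returnTo.StartsWith("/\\", StringComparison.Ordinal);
            }
            else
            {
                Uri baseUri;
                Uri target;
                if (Uri.TryCreate(context.BaseUrl, UriKind.Absolute, out baseUri)
                    && Uri.TryCreate(returnTo, UriKind.Absolute, out target))
                {
                    sameSite = string.Equals(target.Scheme, baseUri.Scheme, StringComparison.OrdinalIgnoreCase)
                        && string.Equals(target.Host, baseUri.Host, StringComparison.OrdinalIgnoreCase)
                        && target.Port == baseUri.Port;
                }
            }

            if (sameSite)
            {
                HttpContext.Current.Session["return_to"] = returnTo;
            }
            else
            {
                context.LogInfo(this, string.Format("Ignoring off-site return_to '{0}'", returnTo));
            }
        }

        // Fresh per-request nonce (to be bound to the id_token) and state (CSRF
        // token for the callback). Both are kept in the session so the callback
        // can compare what the provider echoes back with what was issued here.
        var nonce = Guid.NewGuid().ToString();
        var state = Guid.NewGuid().ToString();
        HttpContext.Current.Session["oauth-nonce"] = nonce;
        HttpContext.Current.Session["oauth-state"] = state;

        // config lists scopes comma-separated; the provider expects them space-separated
        var scope = context.GetConfigValue("sso-scopes").Replace(",", " ");
        var oauthEndpoint = context.GetConfigValue("oauth-authEndpoint");

        // every query value is percent-encoded so characters such as '&' or '#'
        // in the callback URL or scopes cannot break or alter the request
        Func<string, string> enc = v => Uri.EscapeDataString(v ?? string.Empty);
        redirect = string.Format(
            "{0}{1}client_id={2}&response_type=code&nonce={3}&state={4}&redirect_uri={5}&ajax=false&scope={6}",
            oauthEndpoint,
            oauthEndpoint.Contains("?") ? "&" : "?",
            enc(context.GetConfigValue("sso-clientId")),
            enc(nonce),
            enc(state),
            enc(context.GetConfigValue("sso-callback")),
            enc(scope));

        context.Close();
    }
    catch (Exception e)
    {
        context.LogError(this, e.Message, e);
        context.Close();
        throw; // rethrow without resetting the stack trace
    }
    return OAuthUtils.DoRedirect(redirect, false);
}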
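/// <summary>
/// GET /cb: redirect target of the OpenID Connect flow started by /login.
/// Exchanges the authorization code for tokens, resolves the local user through
/// the LDAP authentication type, starts the session and redirects to the
/// dashboard (or to the return_to saved by /login, if it is still on-site).
/// </summary>
/// <param name="request">
/// The provider's callback parameters: <c>error</c> when the authorization was
/// refused, otherwise <c>Code</c> to exchange for tokens.
/// </param>
/// <returns>The redirect produced by <c>OAuthUtils.DoRedirect</c>.</returns>
/// <exception cref="Exception">
/// Thrown when the code exchange fails, the user cannot be loaded, or the loaded
/// user has no e-mail; in every case the error is logged and the context closed.
/// </exception>
public object Get(CallBackRequest request)
{
    var redirect = "";
    TepWebContext context = new TepWebContext(PagePrivileges.EverybodyView);
    UserTep user = null;
    try
    {
        context.Open();
        context.LogInfo(this, "/cb GET");

        // the provider reported an error (e.g. consent denied): drop any
        // session and send the browser back to the landing page
        if (!string.IsNullOrEmpty(request.error))
        {
            context.LogError(this, request.error);
            context.EndSession();
            return OAuthUtils.DoRedirect(context.BaseUrl, false);
        }

        // NOTE(review): the state issued by /login is never compared with what
        // the provider echoes back, and the nonce saved in Session["oauth-nonce"]
        // is never checked against the id_token, so this callback accepts any
        // code it is handed (login CSRF / code injection). CallBackRequest's
        // members are not visible here; once it exposes the echoed state,
        // compare it with the session value before the exchange and reject on
        // mismatch — TODO confirm and wire up.

        Connect2IdClient client = new Connect2IdClient(context.GetConfigValue("sso-configUrl"));
        client.SSOAuthEndpoint = context.GetConfigValue("sso-authEndpoint");
        client.SSOApiClient = context.GetConfigValue("sso-clientId");
        client.SSOApiSecret = context.GetConfigValue("sso-clientSecret");
        client.SSOApiToken = context.GetConfigValue("sso-apiAccessToken");
        client.RedirectUri = context.GetConfigValue("sso-callback");

        OauthTokenResponse tokenresponse;
        try
        {
            tokenresponse = client.AccessToken(request.Code);
            // the user is not known yet, so the tokens are first stored without
            // a username; they are re-stored under the username further down
            DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-access"), tokenresponse.access_token, null, tokenresponse.expires_in);
            DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-refresh"), tokenresponse.refresh_token, null);
            DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-id"), tokenresponse.id_token, null, tokenresponse.expires_in);
        }
        catch (Exception)
        {
            // never leave a partially written token set behind
            DBCookie.DeleteDBCookie(context, context.GetConfigValue("cookieID-token-access"));
            DBCookie.DeleteDBCookie(context, context.GetConfigValue("cookieID-token-refresh"));
            DBCookie.DeleteDBCookie(context, context.GetConfigValue("cookieID-token-id"));
            throw; // rethrow without resetting the stack trace
        }

        TepLdapAuthenticationType auth = (TepLdapAuthenticationType)IfyWebContext.GetAuthenticationType(typeof(TepLdapAuthenticationType));
        auth.SetConnect2IdCLient(client);
        // the e-mail claim delivered by the provider is accepted as verified
        auth.TrustEmail = true;

        user = (UserTep)auth.GetUserProfile(context);
        if (user == null)
        {
            throw new Exception("Unable to load user");
        }
        context.LogDebug(this, string.Format("Loaded user '{0}'", user.Username));
        if (string.IsNullOrEmpty(user.Email))
        {
            throw new Exception("Invalid email");
        }

        context.StartSession(auth, user);
        context.SetUserInformation(auth, user);

        // now that the user is known, bind the token set to the username
        DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-access"), tokenresponse.access_token, user.Username, tokenresponse.expires_in);
        DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-refresh"), tokenresponse.refresh_token, user.Username);
        DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-id"), tokenresponse.id_token, user.Username, tokenresponse.expires_in);

        redirect = context.GetConfigValue("dashboard_page");
        if (string.IsNullOrEmpty(redirect))
        {
            redirect = context.GetConfigValue("BaseUrl");
        }

        // Honor the return_to saved by /login, but only if it points back at
        // this site: it originated in a query string, so validate it here
        // rather than trusting the session value blindly (open redirect).
        // Allowed: a site-relative path (not "//host" or "/\host") or an
        // absolute URL with the same scheme/host/port as BaseUrl.
        string returnTo = HttpContext.Current.Session["return_to"] as string;
        HttpContext.Current.Session["return_to"] = null; // one-shot value
        if (!string.IsNullOrEmpty(returnTo))
        {
            bool sameSite = false;
            if (returnTo.StartsWith("/", StringComparison.Ordinal))
            {
                sameSite = !returnTo.StartsWith("//", StringComparison.Ordinal)
                    && !returnTo.StartsWith("/\\", StringComparison.Ordinal);
            }
            else
            {
                Uri baseUri;
                Uri target;
                if (Uri.TryCreate(context.BaseUrl, UriKind.Absolute, out baseUri)
                    && Uri.TryCreate(returnTo, UriKind.Absolute, out target))
                {
                    sameSite = string.Equals(target.Scheme, baseUri.Scheme, StringComparison.OrdinalIgnoreCase)
                        && string.Equals(target.Host, baseUri.Host, StringComparison.OrdinalIgnoreCase)
                        && target.Port == baseUri.Port;
                }
            }

            if (sameSite)
            {
                redirect = returnTo;
            }
            else
            {
                context.LogInfo(this, string.Format("Ignoring off-site return_to '{0}'", returnTo));
            }
        }

        context.Close();
    }
    catch (Exception e)
    {
        context.LogError(this, e.Message, e);
        context.Close();
        throw; // rethrow without resetting the stack trace
    }
    return OAuthUtils.DoRedirect(redirect, false);
}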