/// <summary>
/// Handles the click event on the logon button: checks the entered credentials with the
/// resolved <c>IUserProvider</c> and, when the logon succeeds, answers the WS-Federation
/// sign-in request carried by the current URL.
/// </summary>
/// <param name="sender">The sender.</param>
/// <param name="e">The event arguments.</param>
private void _logonButton_Click(object sender, EventArgs e)
{
    var provider = this.Container.Resolve<IUserProvider>();

    // Authenticate first; no token is issued unless Logon returns a principal.
    IPrincipal authenticatedUser;
    try
    {
        authenticatedUser = provider.Logon(this._loginTextBox.Text, this._passwordTextBox.Text);
    }
    catch (SecurityException)
    {
        // NOTE(review): a rejected logon ends the handler here without user feedback and
        // without any record written by this method; confirm failed attempts are logged elsewhere.
        return;
    }

    // The sign-in request is parsed from the caller-controlled request URL.
    // NOTE(review): realm/reply validation is presumably done inside the token service; confirm.
    var request = (SignInRequestMessage)WSFederationMessage.CreateFromUri(this.Request.Url);
    var tokenService = new SecurityTokenService(new SecurityTokenServiceConfiguration());

    // Issue the token for the authenticated principal and write the response to the browser.
    var response = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(
        request,
        authenticatedUser,
        tokenService);
    FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(response, this.Response);
}
/// <summary>
/// Routes a WS-Federation passive request by its action query-string parameter. A sign-in
/// request is answered with a sign-in response once
/// <c>SimulatedWindowsAuthenticationOperations.TryToAuthenticateUser</c> returns true; a
/// sign-out request is redirected to the application's default page.
/// </summary>
/// <exception cref="InvalidOperationException">
/// The action is neither the sign-in nor the sign-out action.
/// </exception>
protected void Page_Load()
{
    string requestedAction = this.Request.QueryString[WSFederationConstants.Parameters.Action];

    if (string.Equals(requestedAction, WSFederationConstants.Actions.SignIn, StringComparison.Ordinal))
    {
        // Nothing is issued until the authentication helper reports success.
        if (!SimulatedWindowsAuthenticationOperations.TryToAuthenticateUser(this.Context, this.Request, this.Response))
        {
            return;
        }

        SecurityTokenService tokenService =
            new IdentityProviderSecurityTokenService(IdentityProviderSecurityTokenServiceConfiguration.Current);
        var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(this.Request.Url);
        SignInResponseMessage signInResponse =
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, this.User, tokenService);
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponse, this.Response);
        return;
    }

    if (string.Equals(requestedAction, WSFederationConstants.Actions.SignOut, StringComparison.Ordinal))
    {
        // The target path is fixed and app-relative; only the query string comes from the request.
        string defaultPageUrl = "~/?" + this.Request.QueryString;
        this.Response.Redirect(defaultPageUrl, false);
        return;
    }

    string shownAction = String.IsNullOrEmpty(requestedAction) ? "<EMPTY>" : requestedAction;
    throw new InvalidOperationException(
        String.Format(
            CultureInfo.InvariantCulture,
            "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
            shownAction,
            WSFederationConstants.Parameters.Action,
            WSFederationConstants.Actions.SignIn,
            WSFederationConstants.Actions.SignOut));
}
/// <summary>
/// Issues a sign-in response for a mock principal to the relying party named <paramref name="id"/>.
/// </summary>
/// <param name="id">Name of the relying party to look up in the STS configuration.</param>
/// <returns>
/// 400 Bad Request when <paramref name="id"/> is blank or names no configured relying party;
/// otherwise 204 No Content after the sign-in response has been written to the current HTTP response.
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method authenticates the caller; the principal comes from
/// GetMockUser. Confirm the route is unreachable outside test deployments.
/// </remarks>
public IHttpActionResult LoginMock(string id)
{
    if (string.IsNullOrWhiteSpace(id))
    {
        return BadRequest("No relying party id provided");
    }

    IRelyingParty relyingParty = STSConfiguration<RelyingParty>.Current.RelyingParties.FindByName(id);
    if (relyingParty == null)
    {
        return BadRequest(string.Format("Relying party with id {0} was not found", id));
    }

    var tokenService = new SimpleSts(relyingParty.GetStsConfiguration());
    var signInRequest = relyingParty.GetSignInRequestMessage(Request.RequestUri);

    // The identity in the issued token is the mock user derived from the request message.
    ClaimsPrincipal mockPrincipal = GetMockPrincipalPrincipal(GetMockUser(signInRequest));

    SignInResponseMessage signInResponse =
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, mockPrincipal, tokenService);
    FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponse, HttpContext.Current.Response);

    return StatusCode(HttpStatusCode.NoContent);
}
/// <summary>
/// Handles a WS-Federation passive request during page load. Sign-in is answered only for an
/// authenticated user; sign-out and sign-out-cleanup are processed and answered with a small
/// GIF image.
/// </summary>
/// <param name="e">The event arguments, forwarded to the base implementation.</param>
/// <exception cref="UnauthorizedAccessException">Sign-in was requested by an unauthenticated user.</exception>
/// <exception cref="InvalidOperationException">The action is none of the handled actions.</exception>
protected override void OnLoad(EventArgs e)
{
    string requestedAction = this.Request.QueryString[WSFederationConstants.Parameters.Action];
    bool isSignIn = string.Equals(requestedAction, WSFederationConstants.Actions.SignIn, StringComparison.Ordinal);
    bool isSignOut =
        string.Equals(requestedAction, WSFederationConstants.Actions.SignOut, StringComparison.Ordinal)
        || string.Equals(requestedAction, WSFederationConstants.Actions.SignOutCleanup, StringComparison.Ordinal);

    if (isSignIn)
    {
        // The request is parsed before the authentication check, as in the original flow.
        var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(this.Request.Url);

        // Never issue a token for an anonymous caller.
        if (this.User == null || !this.User.Identity.IsAuthenticated)
        {
            throw new UnauthorizedAccessException();
        }

        SecurityTokenService tokenService =
            new IdentityProviderSecurityTokenService(IdentityProviderSecurityTokenServiceConfiguration.Current);
        SignInResponseMessage signInResponse =
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, this.User, tokenService);
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponse, this.Response);
    }
    else if (isSignOut)
    {
        // A null reply is passed, so no redirect target is taken from the request.
        WSFederationMessage signOutRequest = WSFederationMessage.CreateFromUri(this.Request.Url);
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(signOutRequest, this.User, null, this.Response);

        // Simulate what WIF sends on sign-out to report success: an inline GIF
        // (the first six bytes spell "GIF89a").
        var signOutImage = new byte[]
        {
            71, 73, 70, 56, 57, 97, 17, 0, 13, 0, 162, 0, 0, 255, 255, 255, 169, 240, 169, 125,
            232, 125, 82, 224, 82, 38, 216, 38, 0, 0, 0, 0, 0, 0, 0, 0, 0, 33, 249, 4,
            5, 0, 0, 5, 0, 44, 0, 0, 0, 0, 17, 0, 13, 0, 0, 8, 84, 0, 11, 8,
            28, 72, 112, 32, 128, 131, 5, 19, 22, 56, 24, 128, 64, 0, 0, 10, 13, 54, 116, 8,
            49, 226, 193, 1, 4, 6, 32, 36, 88, 113, 97, 0, 140, 26, 11, 30, 68, 8, 64, 0,
            129, 140, 29, 5, 2, 56, 73, 209, 36, 202, 132, 37, 79, 14, 112, 73, 81, 97, 76, 150,
            53, 109, 210, 36, 32, 32, 37, 76, 151, 33, 35, 26, 20, 16, 84, 168, 65, 159, 9, 3,
            2, 0, 59
        };

        // The sign-out acknowledgement must not be cached.
        this.Response.Cache.SetCacheability(HttpCacheability.NoCache);
        this.Response.ClearContent();
        this.Response.ContentType = "image/gif";
        this.Response.BinaryWrite(signOutImage);
    }
    else
    {
        // The message names only sign-in and sign-out although sign-out-cleanup is also accepted.
        string shownAction = String.IsNullOrEmpty(requestedAction) ? "<EMPTY>" : requestedAction;
        throw new InvalidOperationException(
            String.Format(
                CultureInfo.InvariantCulture,
                "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                shownAction,
                WSFederationConstants.Parameters.Action,
                WSFederationConstants.Actions.SignIn,
                WSFederationConstants.Actions.SignOut));
    }

    base.OnLoad(e);
}
/// <summary>
/// Answers the WS-Federation sign-in request in the current URL with a token issued for a
/// freshly built principal that carries no claims.
/// </summary>
/// <remarks>
/// NOTE(review): this method performs no authentication check of its own; the principal is
/// constructed locally with the configured authentication type. Confirm the caller has
/// already authenticated the user before this runs.
/// </remarks>
private void ActionSignon()
{
    var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);

    // Identity with an empty claim list and the class-level AuthenticationType.
    var emptyIdentity = new ClaimsIdentity(new List<Claim>(), AuthenticationType);
    var principal = new ClaimsPrincipal(emptyIdentity);

    var signInResponse = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(
        signInRequest,
        principal,
        SecurityTokenService);
    FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(
        signInResponse,
        System.Web.HttpContext.Current.Response);
}
/// <summary>
/// Performs WS-Federation Passive Protocol processing: issues a sign-in response for an
/// authenticated user, or processes a sign-out request.
/// </summary>
/// <param name="sender">The sender.</param>
/// <param name="e">The event arguments.</param>
/// <exception cref="Exception">
/// Wraps any failure other than a <see cref="ThreadAbortException"/>, including the
/// <see cref="UnauthorizedAccessException"/> raised for an unauthenticated sign-in and the
/// <see cref="InvalidOperationException"/> raised for an unexpected action.
/// </exception>
protected void Page_PreRender(object sender, EventArgs e)
{
    string requestedAction = Request.QueryString[WSFederationConstants.Parameters.Action];

    try
    {
        if (string.Equals(requestedAction, WSFederationConstants.Actions.SignIn, StringComparison.Ordinal))
        {
            var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);

            // Never issue a token for an anonymous caller.
            if (User == null || !User.Identity.IsAuthenticated)
            {
                throw new UnauthorizedAccessException();
            }

            SecurityTokenService tokenService =
                new CustomSecurityTokenService(CustomSecurityTokenServiceConfiguration.Current);

            // 'as' yields null when User is not a ClaimsPrincipal; the null is passed on unchanged.
            SignInResponseMessage signInResponse =
                FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, User as ClaimsPrincipal, tokenService);
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponse, Response);
            return;
        }

        if (string.Equals(requestedAction, WSFederationConstants.Actions.SignOut, StringComparison.Ordinal))
        {
            var signOutRequest = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);

            // NOTE(review): the reply address comes from the request URL and is handed over
            // unchecked in this method. Unless it is validated elsewhere, restrict it to reply
            // addresses registered for known relying parties.
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(
                signOutRequest,
                User as ClaimsPrincipal,
                signOutRequest.Reply,
                Response);
            return;
        }

        string shownAction = String.IsNullOrEmpty(requestedAction) ? "<EMPTY>" : requestedAction;
        throw new InvalidOperationException(
            String.Format(
                CultureInfo.InvariantCulture,
                "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                shownAction,
                WSFederationConstants.Parameters.Action,
                WSFederationConstants.Actions.SignIn,
                WSFederationConstants.Actions.SignOut));
    }
    catch (ThreadAbortException)
    {
        // Deliberately not wrapped; presumably raised when the response is ended by the
        // processing calls above.
    }
    catch (Exception failure)
    {
        throw new Exception(
            "An unexpected error occurred when processing the request. See inner exception for details.",
            failure);
    }
}
/// <summary>
/// Issues a sign-in response for <paramref name="principal"/> using this token service and
/// writes it to the current HTTP response.
/// </summary>
/// <param name="principal">The principal the token is issued for.</param>
/// <param name="requestUri">The URI that carries the WS-Federation sign-in request.</param>
/// <remarks>
/// NOTE(review): the method does not itself check that <paramref name="principal"/> is
/// authenticated; callers are presumably expected to do so.
/// </remarks>
public virtual void ProcessSignIn(ClaimsPrincipal principal, Uri requestUri)
{
    // Capture the context up front, before any message processing.
    HttpContext currentContext = HttpContext.Current;

    // The direct cast fails when the URI does not describe a sign-in message.
    var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(requestUri);

    SignInResponseMessage signInResponse =
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, principal, this);

    FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponse, currentContext.Response);
}
/// <summary>
/// Answers the WS-Federation sign-in request in the current URL for an authenticated user.
/// </summary>
/// <exception cref="UnauthorizedAccessException">
/// The current user is missing, has no identity, or is not authenticated.
/// </exception>
private void HandleSignInRequest()
{
    // Parsed before the authentication check, as in the original flow.
    var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);

    // Guard: never issue a token for an anonymous caller.
    if (this.User == null || this.User.Identity == null || !this.User.Identity.IsAuthenticated)
    {
        throw new UnauthorizedAccessException();
    }

    SecurityTokenService tokenService =
        new IdentityProviderSecurityTokenService(IdentityProviderSecurityTokenServiceConfiguration.Current);
    SignInResponseMessage signInResponse =
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, User, tokenService);
    FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponse, this.Response);
}
/// <summary>
/// Issues a sign-in response for the original request, with the token service's
/// <c>CustomUserName</c> set to <paramref name="userNameToValidate"/>.
/// </summary>
/// <param name="userNameToValidate">User name assigned to the token service before issuing.</param>
/// <param name="originalRequestUrl">URL that carries the original WS-Federation sign-in request.</param>
/// <returns>A content result holding the response rendered as a form post.</returns>
/// <remarks>
/// NOTE(review): no authentication check is visible in this method, and the user name is taken
/// as given; confirm the caller has validated both arguments.
/// </remarks>
private ActionResult HandleTailspinSignInResponse(string userNameToValidate, Uri originalRequestUrl)
{
    var currentContext = System.Web.HttpContext.Current;
    var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(originalRequestUrl);

    var identityProviderSts = new IdentityProviderSecurityTokenService(
        SecurityTokenServiceConfiguration<IdentityProviderSecurityTokenService>.Current);
    identityProviderSts.CustomUserName = userNameToValidate;
    SecurityTokenService tokenService = identityProviderSts;

    SignInResponseMessage signInResponse =
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, this.User, tokenService);

    // The response is written to the HTTP response and also returned as form-post content.
    FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponse, currentContext.Response);
    string formPost = signInResponse.WriteFormPost();
    return this.Content(formPost);
}
/// <summary>
/// Processes the WS-Federation sign-in request in the current URL for the current user and
/// writes the response to the current HTTP response.
/// </summary>
/// <returns>Always <c>true</c>, including when processing fails.</returns>
/// <remarks>
/// NOTE(review): every exception is reduced to one fixed log line and the exception detail is
/// discarded, so callers and the log cannot tell a failed sign-in from a successful one.
/// </remarks>
public bool SignIn()
{
    try
    {
        SecurityTokenService tokenService = new TelligentSTS(Configuration);

        // 'as' yields null when the URL does not describe a sign-in message; the null is passed on.
        var signInRequest =
            WSFederationMessage.CreateFromUri(HttpContext.Current.Request.Url) as SignInRequestMessage;

        var signInResponse = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(
            signInRequest,
            HttpContext.Current.User,
            tokenService);
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(
            signInResponse,
            HttpContext.Current.Response);
    }
    catch (Exception)
    {
        SPLog.Event("SAML Authentication SignIn failed or FedAuth cookie expired.");
    }

    return true;
}
/// <summary>
/// Answers the WS-Federation sign-in request in the current URL with a token issued for a
/// principal that carries a single name claim taken from the current user's identity.
/// </summary>
/// <remarks>
/// NOTE(review): the method does not check that the current user is authenticated before
/// reading the user name; confirm the caller enforces this.
/// </remarks>
private void ActionSignon()
{
    var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);

    // Build a minimal principal: one Name claim, identity created without an authentication type.
    var currentUserName = User.Identity.GetUserName();
    var nameClaims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, currentUserName)
    };
    var nameIdentity = new ClaimsIdentity(nameClaims);
    var principal = new ClaimsPrincipal(nameIdentity);

    var signInResponse = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(
        signInRequest,
        principal,
        SecurityTokenService);
    FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(
        signInResponse,
        System.Web.HttpContext.Current.Response);
}
/// <summary>
/// Completes a federated sign-in: restores the original sign-in request from the context
/// cookie named <paramref name="contextId"/>, issues a response for the current user and
/// returns it as a form post.
/// </summary>
/// <param name="contextId">Name of the cookie that holds the original request URI.</param>
/// <returns>A content result holding the response rendered as a form post.</returns>
/// <exception cref="InvalidOperationException">No cookie with that name is on the request.</exception>
private ActionResult HandleSignInResponse(string contextId)
{
    var contextCookie = this.Request.Cookies[contextId];
    if (contextCookie == null)
    {
        throw new InvalidOperationException("Context cookie not found");
    }

    // NOTE(review): the cookie value arrives from the browser and becomes the sign-in request
    // (realm, reply address). Confirm the cookie is integrity-protected where it is created,
    // or that the token service validates those values.
    var originalRequestUri = new Uri(contextCookie.Value);
    this.DeleteContextCookie(contextId);

    var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(originalRequestUri);
    SecurityTokenService tokenService = new FederationSecurityTokenService(
        SecurityTokenServiceConfiguration<FederationSecurityTokenService>.Current);
    SignInResponseMessage signInResponse =
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, User, tokenService);

    // The response is written to the HTTP response and also returned as form-post content.
    FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(
        signInResponse,
        this.HttpContext.ApplicationInstance.Response);
    string formPost = signInResponse.WriteFormPost();
    return this.Content(formPost);
}
/// <summary>
/// Handles a WS-Federation passive request before rendering: issues a sign-in response for an
/// authenticated user, or processes a sign-out request and shows an explanation label.
/// </summary>
/// <param name="e">The event arguments (not forwarded; the base implementation is not called here).</param>
/// <exception cref="UnauthorizedAccessException">Sign-in was requested by an unauthenticated user.</exception>
/// <exception cref="InvalidOperationException">The action is neither sign-in nor sign-out.</exception>
protected override void OnPreRender(EventArgs e)
{
    string requestedAction = this.Request.QueryString[WSFederationConstants.Parameters.Action];

    if (string.Equals(requestedAction, WSFederationConstants.Actions.SignIn, StringComparison.Ordinal))
    {
        // Parsed before the authentication check, as in the original flow.
        var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(this.Request.Url);

        // Never issue a token for an anonymous caller.
        if (this.User == null || !this.User.Identity.IsAuthenticated)
        {
            throw new UnauthorizedAccessException();
        }

        SecurityTokenService tokenService =
            new IdentityProviderSecurityTokenService(IdentityProviderSecurityTokenServiceConfiguration.Current);
        SignInResponseMessage signInResponse =
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, this.User, tokenService);
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponse, this.Response);
        return;
    }

    if (string.Equals(requestedAction, WSFederationConstants.Actions.SignOut, StringComparison.Ordinal))
    {
        // A null reply is passed, so no redirect target is taken from the request.
        var signOutRequest = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(this.Request.Url);
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(signOutRequest, this.User, null, this.Response);
        this.ActionExplanationLabel.Text = @"Sign out from the issuer has been requested.";
        return;
    }

    string shownAction = String.IsNullOrEmpty(requestedAction) ? "<EMPTY>" : requestedAction;
    throw new InvalidOperationException(
        String.Format(
            CultureInfo.InvariantCulture,
            "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
            shownAction,
            WSFederationConstants.Parameters.Action,
            WSFederationConstants.Actions.SignIn,
            WSFederationConstants.Actions.SignOut));
}
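/// <summary>
/// Routes a WS-Federation passive request during page load. A sign-in request is answered once
/// <c>SimulatedWindowsAuthenticationOperations.TryToAuthenticateUser</c> returns true; sign-out
/// and sign-out-cleanup requests are redirected to SignOut.aspx.
/// </summary>
/// <param name="e">The event arguments, forwarded to the base implementation.</param>
/// <exception cref="InvalidOperationException">The action is none of the handled actions.</exception>
protected override void OnLoad(EventArgs e)
{
    string action = this.Request.QueryString[WSFederationConstants.Parameters.Action];

    if (action == WSFederationConstants.Actions.SignIn)
    {
        // No token is issued until the authentication helper reports success
        // (the original author notes this is the second pass through the page).
        if (SimulatedWindowsAuthenticationOperations.TryToAuthenticateUser(this.Context, this.Request, this.Response))
        {
            SecurityTokenService sts =
                new IdentityProviderSecurityTokenService(IdentityProviderSecurityTokenServiceConfiguration.Current);
            var requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(this.Request.Url);
            SignInResponseMessage responseMessage =
                FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, this.User, sts);
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(responseMessage, this.Response);
        }
    }
    else if (action == WSFederationConstants.Actions.SignOut || action == WSFederationConstants.Actions.SignOutCleanup)
    {
        // Sign-out is handled on its own page because it is styled differently from sign-in.
        // The target path is fixed and app-relative; only the query string comes from the request.
        this.Response.Redirect("~/SignOut.aspx?" + this.Request.QueryString, false);
    }
    else
    {
        // The message names only sign-in and sign-out although sign-out-cleanup is also accepted.
        throw new InvalidOperationException(
            String.Format(
                CultureInfo.InvariantCulture,
                "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                String.IsNullOrEmpty(action) ? "<EMPTY>" : action,
                WSFederationConstants.Parameters.Action,
                WSFederationConstants.Actions.SignIn,
                WSFederationConstants.Actions.SignOut));
    }

    base.OnLoad(e);
}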
/// <summary>
/// Completes a federated sign-in after the issuer has answered: restores the original sign-in
/// request from the context cookie named by the issuer message's context value and issues a
/// response for the current user.
/// </summary>
/// <param name="responseMessageFromIssuer">Message received from the issuer; its Context names the cookie.</param>
/// <exception cref="InvalidOperationException">No cookie with that name is on the request.</exception>
private void HandleSignInResponse(WSFederationMessage responseMessageFromIssuer)
{
    var cookieName = responseMessageFromIssuer.Context;
    var contextCookie = this.Request.Cookies[cookieName];
    if (contextCookie == null)
    {
        throw new InvalidOperationException("Context cookie not found");
    }

    // NOTE(review): both the context value and the cookie value arrive from the browser, and the
    // cookie value becomes the sign-in request (realm, reply address). Confirm the cookie is
    // integrity-protected where it is created, or that the token service validates those values.
    var originalRequestUri = new Uri(contextCookie.Value);
    this.DeleteContextCookie(cookieName);

    var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(originalRequestUri);
    SecurityTokenService tokenService =
        new FederationSecurityTokenService(FederationSecurityTokenServiceConfiguration.Current);
    SignInResponseMessage signInResponse =
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, this.User, tokenService);
    FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponse, this.Response);
}
/// <summary>
/// Performs WS-Federation Passive Protocol processing. Handles sign-in for an authenticated
/// user, sign-out, and a third path taken when no action is present and SocialAuthUser reports
/// a logged-in user, in which the sign-in request is rebuilt from the stored return URL.
/// </summary>
/// <param name="sender">The sender.</param>
/// <param name="e">The event arguments.</param>
/// <exception cref="Exception">
/// Wraps every exception raised during processing, including the UnauthorizedAccessException
/// for an unauthenticated sign-in and the InvalidOperationException for an unexpected action.
/// </exception>
protected void Page_PreRender(object sender, EventArgs e)
{
    string action = Request.QueryString[WSFederationConstants.Parameters.Action];
    try
    {
        if (action == WSFederationConstants.Actions.SignIn)
        {
            // Process signin request. The request is parsed before the authentication check.
            SignInRequestMessage requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
            if (User != null && User.Identity != null && User.Identity.IsAuthenticated)
            {
                SecurityTokenService sts = new CustomSecurityTokenService(CustomSecurityTokenServiceConfiguration.Current);
                SignInResponseMessage responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, User, sts);
                FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(responseMessage, Response);
            }
            else
            {
                // Never issue a token for an anonymous caller.
                throw new UnauthorizedAccessException();
            }
        }
        else if (action == WSFederationConstants.Actions.SignOut)
        {
            // Process signout request.
            // NOTE(review): the reply address comes from the request URL and is handed over
            // unchecked in this method. Unless it is validated elsewhere, restrict it to reply
            // addresses registered for known relying parties.
            SignOutRequestMessage requestMessage = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(requestMessage, User, requestMessage.Reply, Response);
        }
        else if (action == null && SocialAuthUser.IsLoggedIn())
        {
            // No action parameter: rebuild the sign-in request from the return URL stored on the
            // current provider's connection token.
            string originalUrl = SocialAuthUser.GetCurrentUser().GetConnection(SocialAuthUser.CurrentProvider).GetConnectionToken().UserReturnURL;

            // URL-encode the wctx value: the text between "wctx=" and "&wct=".
            // NOTE(review): neither IndexOf result is checked for -1, so a URL without these
            // markers, or with them in another order, ends in an exception from Substring or in
            // a wrong slice. Replace also rewrites every occurrence of the extracted text, not
            // only the parameter value, and throws when that text is empty.
            int wctxBeginsFrom = originalUrl.IndexOf("wctx=");
            int wctxEndsAt = originalUrl.IndexOf("&wct=");
            string wctxContent = originalUrl.Substring(wctxBeginsFrom + 5, wctxEndsAt - (wctxBeginsFrom + 5));
            originalUrl = originalUrl.Replace(wctxContent, Server.UrlEncode(wctxContent));

            // URL-encode the wtrealm value: the text between "wtrealm=" and the next "&".
            // NOTE(review): same unchecked-index caveats; a wtrealm that is the last parameter
            // has no following "&", which makes the computed length negative.
            int wtrealmBeginsFrom = originalUrl.IndexOf("wtrealm=");
            int wtrealmEndsAt = originalUrl.IndexOf("&", wtrealmBeginsFrom);
            string wtrealmContent = originalUrl.Substring(wtrealmBeginsFrom + 8, wtrealmEndsAt - (wtrealmBeginsFrom + 8));
            originalUrl = originalUrl.Replace(wtrealmContent, Server.UrlEncode(wtrealmContent));

            SignInRequestMessage requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(new Uri(originalUrl));

            // Unlike the sign-in branch above, an unauthenticated user is not rejected here;
            // the branch simply does nothing.
            if (User != null && User.Identity != null && User.Identity.IsAuthenticated)
            {
                SecurityTokenService sts = new CustomSecurityTokenService(CustomSecurityTokenServiceConfiguration.Current);
                SignInResponseMessage responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, User, sts);
                FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(responseMessage, Response);
            }
        }
        else
        {
            throw new InvalidOperationException(
                String.Format(CultureInfo.InvariantCulture,
                              "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                              String.IsNullOrEmpty(action) ? "<EMPTY>" : action,
                              WSFederationConstants.Parameters.Action,
                              WSFederationConstants.Actions.SignIn,
                              WSFederationConstants.Actions.SignOut));
        }
    }
    catch (Exception exception)
    {
        // Every failure is rethrown as a plain Exception with the cause as inner exception.
        throw new Exception("An unexpected error occurred when processing the request. See inner exception for details.", exception);
    }
}
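/// <summary>
/// WS-Federation login endpoint for the relying party named <paramref name="relyingPartyName"/>.
/// For an authenticated user it restores the original sign-in request from the context cookie
/// and issues a sign-in response; otherwise it stores the current request URI in a new context
/// cookie and redirects to the relying party's authentication URL.
/// </summary>
/// <param name="relyingPartyName">Name of the relying party in the STS configuration.</param>
/// <returns>
/// 400 Bad Request when the name is blank, the relying party is not configured, or the action is
/// not sign-in; 204 No Content after a sign-in response has been written; otherwise a redirect
/// to the sign-in request URL.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The user is authenticated but the context cookie named by the posted message is missing.
/// </exception>
public async Task<IHttpActionResult> Login(string relyingPartyName)
{
    if (string.IsNullOrWhiteSpace(relyingPartyName))
    {
        return BadRequest("No relying party id provided");
    }

    // Read the action from the query string first, then fall back to the form body.
    NameValueCollection content = null;
    NameValueCollection qs = Request.RequestUri.ParseQueryString();
    string action = qs.Get(WSFederationConstants.Parameters.Action);
    if (string.IsNullOrWhiteSpace(action))
    {
        content = await Request.Content.ReadAsFormDataAsync();
        action = content.Get(WSFederationConstants.Parameters.Action);
    }

    if (action != WSFederationConstants.Actions.SignIn)
    {
        return BadRequest(String.Format(
            CultureInfo.InvariantCulture,
            "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
            String.IsNullOrEmpty(action) ? "<EMPTY>" : action,
            WSFederationConstants.Parameters.Action,
            WSFederationConstants.Actions.SignIn,
            WSFederationConstants.Actions.SignOut));
    }

    IRelyingParty rp = STSConfiguration<RelyingParty>.Current.RelyingParties.FindByName(relyingPartyName);
    if (rp == null)
    {
        // An unknown relying party is a client error, not a NullReferenceException further down;
        // LoginMock answers the same condition with the same message.
        return BadRequest(string.Format("Relying party with id {0} was not found", relyingPartyName));
    }

    if (this.User != null && this.User.Identity.IsAuthenticated)
    {
        if (content == null)
        {
            content = await Request.Content.ReadAsFormDataAsync();
        }

        WSFederationMessage responseMessageFromIssuer =
            WSFederationMessage.CreateFromNameValueCollection(Request.RequestUri, content);
        var contextId = responseMessageFromIssuer.Context;
        var ctxCookie = System.Web.HttpContext.Current.Request.Cookies[contextId];
        if (ctxCookie == null)
        {
            throw new InvalidOperationException("Context cookie not found");
        }

        // NOTE(review): the context value and the cookie value both arrive from the browser, and
        // the cookie value becomes the sign-in request (realm, reply address). Confirm that
        // CreateContextCookie integrity-protects the value or that the token service validates it.
        var originalRequestUri = new Uri(ctxCookie.Value);
        HttpCookie expiredCookie = DeleteContextCookie(contextId);
        System.Web.HttpContext.Current.Response.Cookies.Add(expiredCookie);

        var requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(originalRequestUri);
        var sts = new SimpleSts(rp.GetStsConfiguration());

        // 'as' yields null when User is not a ClaimsPrincipal; the null is passed on unchanged.
        SignInResponseMessage rm =
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, User as ClaimsPrincipal, sts);
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(rm, System.Web.HttpContext.Current.Response);
        return StatusCode(HttpStatusCode.NoContent);
    }

    // Unauthenticated: remember the current request under a fresh context id and redirect.
    var newContextId = Guid.NewGuid().ToString();
    HttpCookie contextCookie = CreateContextCookie(newContextId, HttpUtility.UrlDecode(this.Request.RequestUri.AbsoluteUri));
    System.Web.HttpContext.Current.Response.Cookies.Add(contextCookie);

    var message = new SignInRequestMessage(new Uri(rp.AuthenticationUrl), FederatedAuthentication.WSFederationAuthenticationModule.Realm)
    {
        CurrentTime = DateTime.UtcNow.ToString("s", CultureInfo.InvariantCulture) + "Z",
        HomeRealm = rp.Realm,
        Context = newContextId,
        Reply = Url.Link("Login", new { relyingPartyName = relyingPartyName })
    };
    message.Parameters.Add(new KeyValuePair<string, string>("originalRequest", Request.RequestUri.ToString()));

    return Redirect(message.RequestUrl);
}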