Beispiel #1
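        /// <summary>
        /// Drives a form-based SSO handshake starting at <paramref name="uri"/>: fetches the
        /// start page, then repeatedly extracts the first form from the latest response and
        /// posts its fields to the form's target until a JSESSIONID cookie is available or a
        /// step fails.
        /// </summary>
        /// <param name="uri">SSO URL on which the handshake is initiated with a GET.</param>
        /// <param name="username">User name supplied to the password form; when it or
        /// <paramref name="password"/> is blank, a preliminary GET is issued first.</param>
        /// <param name="password">Password supplied to the password form.</param>
        /// <returns><c>true</c> when the <c>jsessionidCookie</c> field is non-null after the
        /// handshake; otherwise <c>false</c>.</returns>
        public bool doHandshake(
            Uri uri,
            String username,
            String password
            )
        {
            // initiate the handshake by GET on SSO url
            Uri activeUri = uri;

            // Fixed: the original tested username twice, so a missing password never
            // triggered the network-credentials attempt.
            if (String.IsNullOrWhiteSpace(username) || String.IsNullOrWhiteSpace(password))
            {
                performGet(activeUri, true);  // Try to get an authentication cookie using network credentials
            }
            String response = performGet(activeUri, false).body;

            // NOTE(review): nothing bounds the number of round trips below; a server that keeps
            // returning forms without ever setting the cookie keeps this loop running. Consider
            // a hop limit.
            do
            {
                if (response == null)
                {
                    Trace.TraceError("No response returned during SSO handshake.  There should have been one.");
                    break;
                }

                // look for a form that will provide the next URL in the handshake sequence, which will also provide fields (such
                // as the SAML request from the SP and the SAML response from the IdP) that need to be forwarded on to the next URL

                FormInfo formInfo = getFirstFormInfo(response);

                if (formInfo == null)
                {
                    // NOTE(review): this writes the whole response body to the trace output. Pages in
                    // this flow may carry SAML or session material, so confirm the trace listeners are
                    // access-controlled or log a truncated/redacted body instead.
                    Trace.TraceError("No form detected during SSO handshake.  There should have been one.\r\n\r\n{0}", response);
                    break; // no form detected, so this is the end of the handshake
                }

                // determine the form fields to post to the next URL; special handling takes place in the case of the password
                // form where we step in and provide the user's name / password to the SP

                List<PostParam> postParams;
                if (formInfo.isPasswordForm())
                {
                    postParams = formInfo.getPasswordPostParams(username, password);
                }
                else if (formInfo.isSamlForm())
                {
                    postParams = formInfo.getSamlPostParams();
                }
                else
                {
                    Trace.TraceError("Unknown form encountered during handshake");
                    break;
                }

                // invoke the next step in the handshake
                // NOTE(review): the POST target is taken from the server-supplied form, and the
                // password parameters are sent to it as-is. No scheme or host check is visible
                // here; verify that getAbsoluteUri/performPost enforce HTTPS and an expected host
                // before credentials leave the process.
                activeUri = formInfo.getAbsoluteUri(activeUri);
                PostResults postResults = performPost(activeUri, postParams);

                if (postResults.statusCode != HttpStatusCode.OK)
                {
                    Trace.TraceError("Unexpected status code from POST: " + postResults.statusCode.ToString());
                    break;
                }

                response = postResults.body;
            } while ((jsessionidCookie = getJsessionidCookie()) == null);

            // NOTE(review): jsessionidCookie is only assigned in the loop condition above, so after
            // an early break this reflects whatever value the field held before the call - confirm
            // a stale cookie from an earlier handshake cannot make this return true.
            return (jsessionidCookie != null);
        }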