/// <summary>
/// Creates a new <c>SSOToken</c> and returns whatever its <c>GetToken()</c> call produces.
/// </summary>
/// <returns>The string returned by <c>SSOToken.GetToken()</c>.</returns>
public string GetResponseToken()
{
    // NOTE(review): the session uid and the tick-based TimeSpan are read but never
    // passed to the token, so nothing visible here binds the token to the signed-in
    // user or gives it a lifetime. Confirm that SSOToken does this itself.
    // The session lookup is kept because it throws when the session has no "uid" entry.
    string sessionUid = current.Session["uid"].ToString();
    TimeSpan ticksNow = new TimeSpan(DateTime.Now.Ticks);

    SSOToken responseToken = new SSOToken();
    string encoded = responseToken.GetToken();
    return encoded;
}
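/// <summary>
/// Opens <paramref name="Url"/> in the system browser. When a login token is
/// available, the browser is sent through the site's token-login endpoint first so
/// the user arrives signed in.
/// </summary>
/// <param name="Url">Destination the user should end up on.</param>
public async void OpenUrl(string Url)
{
    if (Loading)
    {
        return; // prevent double click..
    }
    Loading = true;

    string loadUrl;
    try
    {
        // A new token is requested only when both expiry stamps are in the past.
        if (UnixTimestamp() > LoginExpiry && UnixTimestamp() > TokenExpiry)
        {
            await LoadToken();
        }

        if (LoginToken != null)
        {
            // Each value is percent-escaped so that a destination containing '&', '#'
            // or '=' cannot add or override parameters of the login request.
            loadUrl = App.CurrentSite.url + "api/users/me/login_token"
                + "?user_guid=" + System.Uri.EscapeDataString("" + LoginToken.userGuid)
                + "&token=" + System.Uri.EscapeDataString("" + LoginToken.token)
                + "&redirect_url=" + System.Uri.EscapeDataString(Url ?? "");

            // The token is dropped after one use; the login is assumed to hold for an hour.
            LoginToken = null;
            LoginExpiry = UnixTimestamp() + 60 * 60;
        }
        else
        {
            loadUrl = Url; // could not retrieve token
        }
    }
    finally
    {
        // Reset even when the token request throws; otherwise the guard above
        // would reject every later call.
        Loading = false;
    }

    // Log the destination only: loadUrl may carry the login token.
    System.Diagnostics.Debug.WriteLine("[SSO] opening: " + Url);
    UIKit.UIApplication.SharedApplication.OpenUrl(new NSUrl(loadUrl));
}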
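/// <summary>
/// Tries to obtain the token from the SOAP header of the web service request.
/// </summary>
/// <returns>
/// <c>true</c> when a <c>token</c> element was found and handed to
/// <c>Credencial.ObtenerCredencialEnWs</c>; <c>false</c> on any failure.
/// </returns>
public bool traerDatosToken()
{
    try
    {
        var body = System.Web.HttpContext.Current.Request.InputStream;
        byte[] data = new byte[Convert.ToInt32(body.Length)];
        body.Position = 0;

        // Stream.Read may return fewer bytes than requested, so keep reading
        // until the buffer is full or the stream ends.
        int filled = 0;
        while (filled < data.Length)
        {
            int got = body.Read(data, filled, data.Length - filled);
            if (got <= 0)
            {
                break;
            }
            filled += got;
        }

        UTF8Encoding encoding = new UTF8Encoding();
        string decodedString = encoding.GetString(data, 0, filled);

        // Load the SOAP XML. The request body is caller-controlled, so the resolver
        // is cleared to keep the parser from fetching external entities or DTDs.
        XmlDocument myXmlDocument = new XmlDocument();
        myXmlDocument.XmlResolver = null;
        myXmlDocument.LoadXml(decodedString);

        XmlNodeList xmlToken = myXmlDocument.GetElementsByTagName("token");
        if (xmlToken.Count == 0)
        {
            return false; // no token element in the request
        }

        // Build the encoded token and resolve it into a credential.
        SSOEncodedToken encToken = new SSOEncodedToken();
        encToken.Token = xmlToken.Item(0).InnerText;
        token = Credencial.ObtenerCredencialEnWs(encToken);
        // NOTE(review): success is reported even if the call above returned null;
        // confirm callers check the stored credential before trusting it.
        return true;
    }
    catch (Exception)
    {
        // Deliberate best effort: any parsing or validation failure means "no token".
        return false;
    }
}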
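/// <summary>
/// Builds a <c>User</c> from the credential returned by
/// <c>Credencial.ObtenerCredencial()</c>.
/// </summary>
/// <returns>
/// A populated user with <c>HasToken</c> set when a credential exists; otherwise a
/// freshly constructed <c>User</c> with no fields assigned.
/// </returns>
public User ObtenerDatosCredencial()
{
    // The original wrapped this body in catch (Exception ex) { throw ex; }, which only
    // reset the stack trace. Exceptions now propagate unchanged.
    var user = new User();
    var cred = Credencial.ObtenerCredencial();
    if (cred == null)
    {
        return user;
    }

    // The reflection lookups of the private "strtoken"/"strsign" fields were removed:
    // their results were never used, and application code should not reach into the
    // credential's private token and signature.
    credenciales = cred.SSOToken;
    var login = credenciales.Operation.Login;

    // Profile. NOTE(review): takes the first group and throws if there is none.
    user.Perfil = login.Groups[0].Name;
    // Entity - CUIL
    user.CUIL = login.CUIL;
    // Employee file number - Uid
    user.UserId = login.UId;
    // Name. NOTE(review): assumes the first Info entry holds the name - confirm.
    user.UserName = login.Info[0].Value;

    // Info keys are protocol identifiers, so they are compared ordinally; a
    // culture-sensitive comparison can fail to match "ip" under some cultures.
    var oficina = login.Info.FirstOrDefault(r => r.Name.Equals("oficina", StringComparison.OrdinalIgnoreCase));
    user.Oficina = oficina == null ? string.Empty : oficina.Value;

    var oficinaDetalle = login.Info.FirstOrDefault(r => r.Name.Equals("oficinadesc", StringComparison.OrdinalIgnoreCase));
    user.OficinaDetalle = oficinaDetalle == null ? string.Empty : oficinaDetalle.Value;

    var ip = login.Info.FirstOrDefault(r => r.Name.Equals("ip", StringComparison.OrdinalIgnoreCase));
    user.IP = ip == null ? string.Empty : ip.Value;

    // Left disabled, as in the original:
    // user.ExpiraToken = Credencial.ObtenerCredencial().expirasession;
    user.HasToken = true;
    user.Sistema = login.System;
    //user.Grupos = DirectorHelper.GetTokenListaGroups(credenciales);

    return user;
}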
//internal SSOClient(SSOClientConf conf)
//{
//    SiteId = _SiteId;
//    SSOPageUrl = _SSOPageUrl;
//}

/// <summary>
/// Reads the SSO token sent with the current request, from the request headers for
/// AJAX calls and from the query string otherwise.
/// </summary>
/// <param name="requestByAjax">Set to true when the "sso_ajax" header equals "1".</param>
/// <param name="bt_sso_returnurl">
/// Value of the "sso_returnurl" header for AJAX calls; an empty string otherwise.
/// </param>
/// <returns>An <c>SSOToken</c> built from the token string that was found.</returns>
private ISSOToken GetRequestToken(out bool requestByAjax, out string bt_sso_returnurl)
{
    var request = HttpContext.Current.Request;
    string prefix = this.ParameterPrefix;

    requestByAjax = request.Headers[prefix + "sso_ajax"] == "1";
    bt_sso_returnurl = "";

    if (requestByAjax)
    {
        // NOTE(review): the return URL and the token are client-supplied headers, and
        // this branch returns the token without checking IsValid. Callers have to
        // validate both before acting on them.
        bt_sso_returnurl = request.Headers[prefix + "sso_returnurl"];
        string headerToken = request.Headers[prefix + "sso_token"];
        return new SSOToken(headerToken);
    }

    // Prefer the prefixed query parameter when it parses as a valid token.
    string prefixedToken = request.QueryString[prefix + "sso_token"];
    if (!string.IsNullOrWhiteSpace(prefixedToken))
    {
        var candidate = new SSOToken(prefixedToken);
        if (candidate.IsValid)
        {
            return candidate;
        }
    }

    // Otherwise fall back to the plain "token" parameter; validity is not checked here.
    string plainToken = request.QueryString["token"];
    return new SSOToken(plainToken);
}
/// <summary>
/// Requests a new login token from the web service and, when one is returned,
/// records when it expires.
/// </summary>
/// <returns>
/// Always <c>true</c>. NOTE(review): a failed request (null token) is not reported,
/// so callers have to inspect <c>LoginToken</c> themselves.
/// </returns>
public async Task<bool> LoadToken()
{
    System.Diagnostics.Debug.WriteLine("[SSO] requesting SSO token");

    LoginToken = await WebService.GenerateToken();
    if (LoginToken == null)
    {
        return true;
    }

    // The expiry is stored as an absolute stamp: now plus the token's own lifetime.
    TokenExpiry = UnixTimestamp() + LoginToken.expiry;
    return true;
}
/// <summary>
/// Checks that a request carrying a token is answered with the greeting text.
/// </summary>
public void ValidSSOTokenIsAccepted()
{
    // TODO: use a test double for the SingleSignOnRegistry
    // NOTE(review): with a null registry this test cannot show that the token was
    // actually validated; it only pins the response text.
    SingleSignOnRegistry noRegistry = null;
    MyService sut = new MyService(noRegistry);

    SSOToken ssoToken = new SSOToken();
    Request greeting = new Request("Foo", ssoToken);
    Response reply = sut.HandleRequest(greeting);

    Assert.AreEqual("hello Foo!", reply.GetText());
}
/// <summary>
/// Creates an <c>SSOToken</c> carrying the given user id and timeout.
/// </summary>
/// <param name="uid4Token">User id stored in the token's <c>uid</c> member.</param>
/// <param name="tmeout">
/// Value stored in the token's <c>timeout</c> member; defaults to 60 * 60 * 24
/// (presumably seconds, i.e. one day - confirm against SSOToken).
/// </param>
/// <returns>The newly created token.</returns>
ISSOToken GetResponseToken(string uid4Token, double tmeout = 60 * 60 * 24)
{
    var issued = new SSOToken();
    issued.uid = uid4Token;
    issued.timeout = tmeout;
    return issued;
}
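/// <summary>
/// JSONP endpoint: looks up the user that belongs to the "tokenID" request value and
/// writes the result wrapped in the caller-supplied "jsoncallback" function name.
/// </summary>
/// <param name="context">Current HTTP context; supplies the request and response.</param>
public void GetUserInfoByToken(HttpContext context)
{
    HttpResponse Response = context.Response;
    HttpRequest Request = context.Request;

    // The callback name is echoed verbatim into a script response, so it must be a
    // plain (optionally dotted) identifier. Anything else is rejected instead of
    // being reflected back to the browser.
    string callback = Request["jsoncallback"];
    if (!string.IsNullOrEmpty(callback)
        && !System.Text.RegularExpressions.Regex.IsMatch(callback, @"\A[A-Za-z_$][A-Za-z0-9_$.]*\z"))
    {
        Response.StatusCode = 400;
        return;
    }

    JsonModel jsonModel = new JsonModel();
    string tokenID = Request["tokenID"];

    // IsNullOrEmpty also covers a missing parameter; the original compared only
    // against string.Empty and passed null on to KeepToken.
    if (string.IsNullOrEmpty(tokenID))
    {
        jsonModel.errMsg = "未获取到令牌"; // no token supplied
        jsonModel.errNum = 666;
    }
    else if (!KeepToken(tokenID))
    {
        jsonModel.errMsg = "无效令牌"; // invalid token
        jsonModel.errNum = 333;
    }
    else
    {
        SSOToken token = KeepToken_Valied(tokenID);
        if (token == null)
        {
            jsonModel.errMsg = "获取用户信息失败"; // could not load the user info
            jsonModel.errNum = 222;
        }
        else
        {
            // NOTE(review): the token carries the user's password and it is replayed
            // here; consider resolving the user from the token alone so the password
            // does not have to be kept in memory.
            Sys_UserInfo userInfo = UserManage.GetUserInfo(token.User.UserName, token.User.PassWord);
            if (userInfo != null)
            {
                jsonModel.retData = userInfo;
                jsonModel.errNum = 0;
            }
            else
            {
                jsonModel.errMsg = "用户名密码错误"; // wrong user name or password
                jsonModel.errNum = 999;
            }
        }
    }

    //Response.Write(JsHelper.Serialize(new { Data = returnData }));
    Response.Write(callback + "({\"result\":" + JsHelper.Serialize(jsonModel) + "})");
}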
/// <summary>
/// Returns the user data stored for an unexpired token.
/// </summary>
/// <param name="token">Token string to look up.</param>
/// <returns>The stored user data, or an empty string when no live token matches.</returns>
public string GetUserData(string token)
{
    TokenList = GetCookies();

    foreach (SSOToken candidate in TokenList)
    {
        if (candidate.Token == token && candidate.OverdueTime > DateTime.Now)
        {
            return candidate.UserData;
        }
    }

    // Expired entries are purged only on a miss, and only from the in-memory list.
    // NOTE(review): SetCookies() is not called here, so the purge may not be persisted.
    TokenList.RemoveAll(stale => stale.OverdueTime < DateTime.Now);
    return "";
}
/// <summary>
/// Loads and parses the JSON input file, obtains an SSO token and creates the JSON
/// client. On any failure the error is logged, <c>_isInit</c> is set to false and
/// construction stops early.
/// </summary>
public WebAdmin()
{
    Log.Info("Reading json file...");
    string jsonPath = Params.PathToJson;
    if (!File.Exists(jsonPath))
    {
        Log.Err("File not found: " + jsonPath);
        _isInit = false;
        return;
    }

    // Read the file and convert it to a JSON object; both steps fail the same way.
    try
    {
        string rawJson = File.ReadAllText(jsonPath);
        _inputJson = JObject.Parse(rawJson);
    }
    catch (Exception e)
    {
        Log.Err(e.Message);
        _isInit = false;
        return;
    }
    Log.Ok("Json found and parsed.");

    // Authenticate.
    // NOTE(review): only e.Message is logged below; confirm that SSOToken never puts
    // the password or host credentials into its exception messages.
    Log.Info("Getting SSO Token...");
    string ssoBase64;
    try
    {
        var sso = new SSOToken(Params.OEHost, Params.User, Params.Password, Params.OEPort, Params.UseHttps);
        ssoBase64 = sso.GetBase64();
    }
    catch (Exception e)
    {
        Log.Err(e.Message);
        _isInit = false;
        return;
    }
    Log.Ok("SSO Token obtained.");

    _jsonClient = new JsonClient(ssoBase64);
}
/// <summary>
/// A token the registry reports as valid yields the greeting response.
/// </summary>
public void When_validSSOToken_Then_TokenIsAccepted()
{
    // ARRANGE
    SSOToken validToken = new SSOToken();
    _singleSignOnRegistry.Setup(s => s.is_valid(validToken)).Returns(true);
    MyService sut = new MyService(_singleSignOnRegistry.Object, _authGateway.Object);
    Request greeting = new Request("Foo", validToken);

    // ACT
    Response reply = sut.handleRequest(greeting);

    // ASSERT
    Assert.AreEqual("hello Foo!", reply.getText());
}
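/// <summary>
/// Authenticates a user and, on success, issues a forms-authentication ticket,
/// registers an SSO token for it and sets the authentication cookie.
/// </summary>
/// <param name="username">Login name; surrounding whitespace is trimmed.</param>
/// <param name="password">Password; surrounding whitespace is trimmed.</param>
/// <param name="rememberMe">When true the ticket and the cookie are persistent.</param>
/// <param name="myticket">The encrypted ticket on success; an empty string otherwise.</param>
/// <returns><c>true</c> when the credentials were accepted.</returns>
public static bool AuthenticateUser(string username, string password, bool rememberMe, out string myticket)
{
    myticket = string.Empty;

    string un = (username ?? string.Empty).Trim();
    // NOTE(review): trimming changes the password the user typed; confirm this
    // matches how passwords are stored.
    string pw = (password ?? string.Empty).Trim();
    if (string.IsNullOrWhiteSpace(un) || string.IsNullOrWhiteSpace(pw))
    {
        return false;
    }

    SSOUser isValidated = ValidateUser(un, pw);
    if (isValidated == null)
    {
        return false;
    }

    HttpContext context = HttpContext.Current;
    DateTime expirationDate = DateTime.Now.Add(FormsAuthentication.Timeout);

    // SECURITY(review): the user data embeds the plain-text password. It is left as
    // is because other code may parse this delimited format, but the password should
    // be removed from the ticket once its consumers no longer need it.
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        1,
        un,
        DateTime.Now,
        expirationDate,
        rememberMe,
        string.Format("{0}{1}{2}{1}{3}{4}", SecurityValidationKey, AUTH_TKT_USERDATA_DELIMITER, un, pw, Guid.NewGuid()),
        FormsAuthentication.FormsCookiePath
    );
    string encryptedTicket = FormsAuthentication.Encrypt(ticket);

    // Persist the token.
    SSOToken token = new SSOToken(encryptedTicket);
    token.User = isValidated;
    //token.User.UserName = Domain.Security.SmartAuthenticate.LoginUser.UserName;
    //token.LoginID = Session.SessionID;
    Domain.SSO.Entity.SSOToken.SSOTokenList.Add(token);

    HttpCookie cookie = new HttpCookie(FormsAuthCookieName, encryptedTicket);
    cookie.Expires = rememberMe ? expirationDate : DateTime.MinValue;
    cookie.HttpOnly = true;
    // Honour the forms-authentication requireSSL setting so the ticket cookie is not
    // sent over plain HTTP when the site is configured for HTTPS only.
    cookie.Secure = FormsAuthentication.RequireSSL;
    cookie.Path = "/";
    //cookie.Domain = "domain.com";
    context.Response.Cookies.Set(cookie);

    myticket = encryptedTicket;
    return true;
}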
/// <summary>
/// Builds an <c>ISSOServer</c> from the "token", "returnurl" and "siteid" query
/// parameters of the current request.
/// </summary>
/// <returns>
/// The populated server object; when no return URL was supplied but a site id was,
/// the site's home page is used as the return URL.
/// </returns>
public ISSOServer GetRequestSSOServer()
{
    ISSOServer result = new SSOServer();

    string rawToken = current.Request.QueryString["token"];
    result.Token = new SSOToken(rawToken);

    // NOTE(review): returnurl is caller-controlled; it should be checked against the
    // registered sites before it is used as a redirect target.
    result.ReturnUrl = current.Request.QueryString["returnurl"];

    string siteid = current.Request.QueryString["siteid"];
    result.SiteId = siteid;

    bool missingReturnUrl = string.IsNullOrEmpty(result.ReturnUrl);
    if (missingReturnUrl && !string.IsNullOrEmpty(siteid))
    {
        // NOTE(review): presumably GetSite can come back empty for an unknown site id,
        // in which case this dereference throws - confirm.
        result.ReturnUrl = Sites.Instance.GetSite(siteid).HomePage;
    }

    return result;
}
/// <summary>
/// Creates a token for a login, attaches the user's name and password to it, and
/// adds it to the shared token list.
/// </summary>
/// <param name="loginID">Login id stored on the token.</param>
/// <param name="userName">User name carried by the token.</param>
/// <param name="pswd">Password carried by the token.</param>
/// <returns>The token that was created and registered.</returns>
public static SSOToken SetToken(string loginID, string userName, string pswd)
{
    // Create the token that will be persisted.
    SSOToken issued = new SSOToken();

    // User information carried by the token.
    // NOTE(review): the plain-text password stays in the shared list for the token's
    // lifetime; consider keeping only what is needed to identify the user.
    issued.User = new SSOUser { UserName = userName, PassWord = pswd };

    // Login id.
    issued.LoginID = loginID;

    // Register the token in the shared collection.
    // NOTE(review): a static list is mutated here without a visible lock - confirm
    // how concurrent logins are handled.
    SSOToken.SSOTokenList.Add(issued);
    return issued;
}
/// <summary>
/// Checks whether the given token is still valid and, if so, refreshes its
/// authentication time.
/// </summary>
/// <param name="tokenID">Id of the token to look up in the shared token list.</param>
/// <returns>The matching token, or <c>null</c> when it is unknown or has timed out.</returns>
public SSOToken KeepToken_Valied(string tokenID)
{
    SSOToken match = SSOToken.SSOTokenList.Find(m => m.ID == tokenID);
    if (match == null || match.IsTimeOut())
    {
        return null;
    }

    // Sliding expiry: every successful check restarts the timeout window.
    match.AuthTime = DateTime.Now;
    return match;
}
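/// <summary>
/// With credentials the gateway accepts, <c>InitService</c> returns the token that
/// the registry issued for the new session.
/// </summary>
public void When_validUsernameAndPassword_Then_InitServiceOk()
{
    // ARRANGE
    // The original had the two names swapped: the fixture was called "actual" and the
    // value under test "expected", which makes a failure message read backwards.
    SSOToken expectedToken = new SSOToken();
    MyService service = new MyService(_singleSignOnRegistry.Object, _authGateway.Object);
    string username = "******";
    string password = "******";
    _authGateway.Setup(a => a.credentialsAreValid(username, password)).Returns(true);
    _singleSignOnRegistry.Setup(s => s.register_new_session(username, password)).Returns(expectedToken);

    // ACT
    SSOToken actualToken = service.InitService(username, password);

    // ASSERT
    Assert.AreEqual(expectedToken, actualToken);
}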
/// <summary>
/// Builds an <c>SSOServerInfo</c> from the prefixed "siteid", "token", "returnurl"
/// and "action" query parameters of the current request.
/// </summary>
/// <returns>The populated server info object.</returns>
public ISSOServerInfo GetRequestServer()
{
    var http = HttpContext.Current;
    string prefix = this.ParameterPrefix;

    // NOTE(review): QueryString values are already URL-decoded by the framework, so
    // UrlDecode decodes them a second time. Any validation of returnurl has to run on
    // the final value produced here, not on the raw query string.
    var siteid = http.Server.UrlDecode(http.Request.QueryString[prefix + "siteid"]);
    var strToken = http.Server.UrlDecode(http.Request.QueryString[prefix + "token"]);
    var returnurl = http.Server.UrlDecode(http.Request.QueryString[prefix + "returnurl"]);

    // A missing or non-numeric action leaves the parsed value at 0.
    // NOTE(review): the cast accepts any integer, including values the enum does not
    // define - confirm that the consumer handles unknown actions.
    string rawAction = http.Server.UrlDecode(http.Request.QueryString[prefix + "action"]);
    int.TryParse(rawAction, out int action);
    var requestedAction = (SSOServerInfo.Action)action;

    var parsedToken = new SSOToken(strToken);
    var info = new SSOServerInfo(this);
    info.SiteId = siteid;
    info.Token = parsedToken;
    info.ReturnUrl = returnurl;
    info.RequestAction = requestedAction;
    return info;
}
/// <summary>
/// Returns the token for <paramref name="userData"/>, extending an unexpired
/// existing entry or creating a new one, and persists the list via
/// <c>SetCookies()</c>.
/// </summary>
/// <param name="userData">User data the token is associated with.</param>
/// <param name="saveInterval">Lifetime applied from now to the entry.</param>
/// <returns>The token string of the reused or newly created entry.</returns>
public string SetToken(string userData, TimeSpan saveInterval)
{
    TokenList = GetCookies();

    SSOToken entry = TokenList.FirstOrDefault(p => p.UserData == userData && p.OverdueTime > DateTime.Now);
    if (entry == null)
    {
        // No live entry for this user data: issue a new token.
        entry = new SSOToken
        {
            Token = CreateToken(),
            UserData = userData,
            OverdueTime = DateTime.Now.Add(saveInterval)
        };
        TokenList.Add(entry);
    }
    else
    {
        // Reuse the live entry and push its expiry forward.
        entry.OverdueTime = DateTime.Now.Add(saveInterval);
    }

    SetCookies();
    return entry.Token;
}
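/// <summary>
/// JSONP login endpoint: authenticates the posted "UserName"/"password" pair and,
/// on success, issues an SSO token whose id is written back through the
/// "jsoncallback" function.
/// </summary>
/// <param name="context">Current HTTP context; supplies request, response and session.</param>
public void Login(HttpContext context)
{
    HttpResponse Response = context.Response;
    HttpRequest Request = context.Request;

    // Without a return URL this SSO endpoint does nothing.
    string returnUrl = Request["returnUrl"];
    if (string.IsNullOrEmpty(returnUrl))
    {
        return;
    }
    // TODO (from the original): check that returnUrl belongs to a trusted domain.
    // The redirect to returnUrl is disabled, so the dead code that appended the
    // token to it was removed. That check must be in place before the redirect
    // is ever re-enabled.

    string userName = Request["UserName"];
    string passWord = Request["password"];
    // IsNullOrEmpty also covers missing parameters; the original compared only
    // against "" and let null values through.
    if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(passWord))
    {
        return;
    }

    // The callback name is echoed verbatim into a script response, so it must be a
    // plain (optionally dotted) identifier. It is checked before any token is issued.
    string callback = Request["jsoncallback"];
    if (!string.IsNullOrEmpty(callback)
        && !System.Text.RegularExpressions.Regex.IsMatch(callback, @"\A[A-Za-z_$][A-Za-z0-9_$.]*\z"))
    {
        Response.StatusCode = 400;
        return;
    }

    bool authenticated = SmartAuthenticate.AuthenticateUser(userName, passWord, true);

    // Issue a token only for credentials that were accepted. The original ignored
    // the authentication result and created a token for any non-empty user name.
    SSOToken token = null;
    if (authenticated)
    {
        token = TokenManage.SetToken(context.Session.SessionID, userName, passWord);
    }

    // A failed login answers with an empty result instead of dereferencing null.
    string tokenId = "";
    if (token != null)
    {
        tokenId = "" + token.ID;
    }

    Response.Write(callback + "({\"result\":\"" + tokenId + "\"})");
    // Redirect back to the page that called this SSO endpoint (disabled):
    //Response.Redirect(returnUrl);
}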
/// <summary>
/// Discards the cached login token and resets its expiry stamp to zero.
/// </summary>
public void Expire()
{
    TokenExpiry = 0;
    LoginToken = null;
}
/// <summary>
/// Ends the session for a token by unregistering it from the SSO registry.
/// </summary>
/// <param name="token">Token to unregister.</param>
public void DisposeService(SSOToken token)
{
    // NOTE(review): the token is passed on unchecked; confirm the registry copes
    // with null or unknown tokens.
    _ssoRegistry.unregister(token);
}
/// <summary>
/// Creates a request for the given name that carries the caller's SSO token.
/// </summary>
/// <param name="name">Name stored on the request.</param>
/// <param name="token">SSO token stored on the request.</param>
public Request(String name, SSOToken token)
{
    this.token = token;
    this.name = name;
}
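/// <summary>
/// Extracts the encoded SSO token from the unknown SOAP headers, resolves it into
/// credentials and maps them onto a <c>User</c>.
/// </summary>
/// <param name="unknownHeaders">Unknown SOAP headers received with the call.</param>
/// <param name="tag">Element name of the header that carries the token.</param>
/// <returns>The user described by the credentials.</returns>
/// <exception cref="Exception">
/// Thrown when no token was sent or when it does not resolve to credentials.
/// </exception>
public User GetTokenFromHeader(SoapUnknownHeader[] unknownHeaders, string tag)
{
    // The original wrapped this body in catch (Exception ex) { throw ex; }, which only
    // reset the stack trace. Exceptions now propagate unchanged.
    var user = new User();
    var tokenEnviado = new SSOEncodedToken();

    // A missing header array is treated like a missing token.
    if (unknownHeaders != null)
    {
        foreach (SoapUnknownHeader header in unknownHeaders)
        {
            if (header.Element.Name == tag)
            {
                tokenEnviado.Token = header.Element.InnerText;
                break;
            }
        }
    }

    if (string.IsNullOrEmpty(tokenEnviado.Token))
    {
        throw new Exception("Ha ocurrido un error al obtener el token, por favor verifique que el mismo fue enviado");
    }

    credenciales = Credencial.ObtenerCredencialEnWs(tokenEnviado);
    if (credenciales == null)
    {
        throw new Exception("Ha ocurrido un error al obtener las credenciales del usuario, por favor verifique que ha enviado el token con sus credenciales");
    }

    var login = credenciales.Operation.Login;

    // Entity - CUIT
    user.Entity = login.Entity;
    user.HasToken = true;
    user.Sistema = login.System;
    // Profile. NOTE(review): takes the first group and throws if there is none.
    user.Perfil = login.Groups[0].Name;
    // CUIL
    user.CUIL = login.CUIL;
    // Employee file number - Uid
    user.UserId = login.UId;
    user.UserName = login.UserName;

    // CUIL detection: for CVSS the UId field holds the person's CUIL; for internal
    // applications it holds the operator's user name. TryParse replaces the
    // original parse inside a catch-all.
    string uid = login.UId;
    long cuip;
    if (string.IsNullOrEmpty(uid))
    {
        user.Cuip = 0;
    }
    else if (long.TryParse(uid, out cuip))
    {
        user.Cuip = cuip;
    }
    else
    {
        user.Cuip = 0;
        user.UserName = uid;
    }

    // Name: defaults to the login's user name; a "nombre" Info entry overrides it.
    user.Nombre = login.UserName;
    foreach (var item in login.Info)
    {
        switch (item.Name)
        {
            case "nombre":
                user.Nombre = item.Value;
                break;
            case "ip":
                user.IP = item.Value;
                break;
            case "oficina":
                user.Oficina = item.Value;
                break;
            case "oficinadesc":
                user.OficinaDetalle = item.Value;
                break;
            default:
                break;
        }
    }

    return user;
}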