public virtual string Login(HttpRequestBase request = null)
{
if (request == null)
{
request = new HttpRequestWrapper(HttpContext.Current.Request);
}
string callbackRedirect;
var samlString = request["token"];
SamlLogin login = null;
if (!string.IsNullOrEmpty(samlString))
{
login = IcelandAuthService.VerifySaml(samlString, request.UserHostAddress);
if (login?.Valid == true)
{
callbackRedirect = Success?.Invoke(login);
return(callbackRedirect ?? SuccessRedirect);
}
}
callbackRedirect = Error?.Invoke(login);
return(callbackRedirect ?? ErrorRedirect);
}
public string HandleError(SamlLogin login)
{
Logger.Error <Startup>("Error encountered while attempting Ísland.is authentication.");
// Handle erronous logins here
if (login != null)
{
}
return(null);
}
public IActionResult Index()
{
SamlLogin login = null;
if (Request.Method == "POST" && Request.Form.ContainsKey("token"))
{
var authSvc = new IcelandAuthService(_configuration, _logger);
login = authSvc.VerifySaml(Request.Form["token"], HttpContext.Connection.RemoteIpAddress.ToString());
}
return(View(login));
}
private static string HandleLogin(SamlLogin login)
{
var ms = ApplicationContext.Current.Services.MemberService;
var member = ms.GetByUsername(login.UserSSN);
if (member == null)
{
Logger.Info($"Creating new User: {login.UserSSN}");
member = ms.CreateMemberWithIdentity(
login.UserSSN,
login.UserSSN + "@example.com",
login.Name,
"Member"
);
// Create member with random pw
// This ensures users can only login using Ísland.is authentication method
byte[] pwBytes = new byte[32];
var rngCsp = new RNGCryptoServiceProvider();
rngCsp.GetBytes(pwBytes);
ms.AssignRole(member.Id, "Members");
ms.SavePassword(member, Convert.ToBase64String(pwBytes));
ms.Save(member);
}
// This causes all subsequent requests for the user to be
// authenticated as the given umbraco member
FormsAuthentication.SetAuthCookie(login.UserSSN, true);
// Provide a way for views and services to access the sessions saml login result
HttpContext.Current.Session["login"] = login;
// Return a custom redirect url
return(null);
}
private string HandleError(SamlLogin login)
{
return(Factory.GetInstance <AuthHandler>().HandleError(login));
}
