Beispiel #1
0
        /// <summary>
        /// Initiates a new authentication process and returns to the ADFS system.
        /// </summary>
        /// <param name="identityClaim">Claim information from the ADFS</param>
        /// <param name="request">The HTTP request</param>
        /// <param name="authContext">The context for the authentication</param>
        /// <returns>new instance of IAdapterPresentationForm</returns>
        public IAdapterPresentation BeginAuthentication(Claim identityClaim, HttpListenerRequest request, IAuthenticationContext authContext)
        {
            if (identityClaim is null)
            {
                identityClaim = new Claim(Metadata.IdentityClaims[0], "*****@*****.**");
            }
            if (authContext is null)
            {
                authContext = new AuthenticationContext();
            }
#if DEBUG
            Debug.WriteLine($"{Helper.debugPrefix} BeginAuthentication() claim value {identityClaim.Value}");
#endif

            // check whether SSL validation is disabled in the config
            if (!ssl)
            {
#pragma warning disable CA5359 // Do Not Disable Certificate Validation
                ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => true;
#pragma warning restore CA5359 // Do Not Disable Certificate Validation
            }

            // trigger challenge
            otp_prov = new OTPprovider(privacyIDEAurl);
            // get a new admin token for all requests if an admin password is defined
            if (!string.IsNullOrEmpty(admin_pw) && !string.IsNullOrEmpty(admin_user))
            {
                token = otp_prov.GetAuthToken(admin_user, admin_pw);
                // trigger a challenge (SMS, Mail ...) for the the user
                if (otp_prov.HasToken(identityClaim.Value, privacyIDEArealm, token))
                {
                    transaction_id = otp_prov.TriggerChallenge(identityClaim.Value, privacyIDEArealm, token);
                    authContext.Data.Add("transaction_id", transaction_id);
                }
                else
                {
                    // register a token, get QR code
                    Dictionary <string, string> QR = otp_prov.EnrollTOTPToken(identityClaim.Value, privacyIDEArealm, token);
#if DEBUG
                    Debug.WriteLine($"{Helper.debugPrefix} BeginAuthentication() QR {Helper.ToDebugString(QR)}");
#endif
                    if (QR.ContainsKey("googleurl"))
                    {
                        authContext.Data.Add("qrcode", QR["googleurl"]);
                    }
                }
            }
            authContext.Data.Add("userid", identityClaim.Value);
            authContext.Data.Add("realm", privacyIDEArealm);

            return(new AdapterPresentationForm(uidefinition, authContext));
        }