Ejemplo n.º 1
0
        public ActionResult Go()
        {
            _GiceConfig.CallbackUrl = Url.Action("callback", "gice", null, protocol: "https").ToLower();

            //Create a state and save to session
            string newState = Util.RandomString(6);

            HttpContext.Session.SetString("state", newState);

            GiceClientv2 gice = new GiceClientv2(_GiceConfig);

            // Request Authentication from GICE.
            return(Redirect(gice.GenerateRequestUrl(newState)));
        }
Ejemplo n.º 2
0
        public async Task <IActionResult> Callback(string code, string state)
        {
            // Verify a code and state query parameter was returned.
            if (code == null || state == null)
            {
                _Logger.LogWarning("GICE Callback Error: One or more of the query parameters are missing. State: {0}. Code: {1}", state, code);
                return(StatusCode(452));
            }

            // Verify the state to protect against CSRF attacks.
            if (HttpContext.Session.GetString("state") != state)
            {
                _Logger.LogWarning("GICE Callback Error: Invalid state returned.");
                HttpContext.Session.Remove("state");
                return(StatusCode(452));
            }

            // Clear the state session
            HttpContext.Session.Remove("state");

            // Set the callback URL
            _GiceConfig.CallbackUrl = Url.Action("Callback", "Gice", null, "https").ToLower();

            GiceClientv2 gice = new GiceClientv2(_GiceConfig);
            Dictionary <string, string> ClaimsDict = gice.VerifyCode(code);


            if (ClaimsDict.Count == 0)
            {
                _Logger.LogWarning("GICE Callback Error: The JwtVerify method failed.");
                return(StatusCode(452));
            }

            // Do we have an account for this GSF User?
            int gice_id          = int.Parse(ClaimsDict["sub"]);
            var waitlist_account = await _Db.Accounts.FindAsync(gice_id);

            if (waitlist_account != null)
            {
                // Update and save user account
                waitlist_account.Name        = ClaimsDict["name"];
                waitlist_account.LastLogin   = DateTime.UtcNow;
                waitlist_account.LastLoginIP = _RequestorIP.MapToIPv4().ToString();

                await _Db.SaveChangesAsync();
            }
            else
            {
                // User doesn't exist, create a new account
                waitlist_account = new Account()
                {
                    Id                  = gice_id,
                    Name                = ClaimsDict["name"],
                    RegisteredAt        = DateTime.UtcNow,
                    JabberNotifications = true,
                    LastLogin           = DateTime.UtcNow,
                    LastLoginIP         = _RequestorIP.MapToIPv4().ToString()
                };

                await _Db.AddAsync(waitlist_account);

                await _Db.SaveChangesAsync();
            }

            // Attempt to log the user in
            await LoginUserUsingId(waitlist_account.Id);

            _Logger.LogDebug("{0} has logged in.", ClaimsDict["name"]);

            return(Redirect("~/pilot-select"));
        }