public virtual string Login(HttpRequestBase request = null) { if (request == null) { request = new HttpRequestWrapper(HttpContext.Current.Request); } string callbackRedirect; var samlString = request["token"]; SamlLogin login = null; if (!string.IsNullOrEmpty(samlString)) { login = IcelandAuthService.VerifySaml(samlString, request.UserHostAddress); if (login?.Valid == true) { callbackRedirect = Success?.Invoke(login); return(callbackRedirect ?? SuccessRedirect); } } callbackRedirect = Error?.Invoke(login); return(callbackRedirect ?? ErrorRedirect); }
public string HandleError(SamlLogin login) { Logger.Error <Startup>("Error encountered while attempting Ísland.is authentication."); // Handle erronous logins here if (login != null) { } return(null); }
public IActionResult Index() { SamlLogin login = null; if (Request.Method == "POST" && Request.Form.ContainsKey("token")) { var authSvc = new IcelandAuthService(_configuration, _logger); login = authSvc.VerifySaml(Request.Form["token"], HttpContext.Connection.RemoteIpAddress.ToString()); } return(View(login)); }
private static string HandleLogin(SamlLogin login) { var ms = ApplicationContext.Current.Services.MemberService; var member = ms.GetByUsername(login.UserSSN); if (member == null) { Logger.Info($"Creating new User: {login.UserSSN}"); member = ms.CreateMemberWithIdentity( login.UserSSN, login.UserSSN + "@example.com", login.Name, "Member" ); // Create member with random pw // This ensures users can only login using Ísland.is authentication method byte[] pwBytes = new byte[32]; var rngCsp = new RNGCryptoServiceProvider(); rngCsp.GetBytes(pwBytes); ms.AssignRole(member.Id, "Members"); ms.SavePassword(member, Convert.ToBase64String(pwBytes)); ms.Save(member); } // This causes all subsequent requests for the user to be // authenticated as the given umbraco member FormsAuthentication.SetAuthCookie(login.UserSSN, true); // Provide a way for views and services to access the sessions saml login result HttpContext.Current.Session["login"] = login; // Return a custom redirect url return(null); }
private string HandleError(SamlLogin login) { return(Factory.GetInstance <AuthHandler>().HandleError(login)); }