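        /// <summary>
        /// Registers AD FS (WS-Federation) as an external login provider for the Umbraco back office.
        /// </summary>
        /// <remarks>
        /// Reads <c>AdfsMetadataEndpoint</c>, <c>AdfsRelyingParty</c> and
        /// <c>AdfsFederationServerIdentifier</c> from appSettings and fails fast when one is missing,
        /// so a half-configured identity provider is never registered.
        /// Auto-linking is switched on: every account that AD FS authenticates for this relying party
        /// gets a back-office user on first sign-in. Restrict who may obtain a token on the AD FS side.
        /// </remarks>
        /// <param name="app">OWIN application builder the middleware is added to.</param>
        /// <param name="caption">Text shown on the external login button.</param>
        /// <param name="style">CSS class passed to <c>ForUmbracoBackOffice</c> for the button.</param>
        /// <param name="icon">Icon class passed to <c>ForUmbracoBackOffice</c> for the button.</param>
        /// <exception cref="ArgumentNullException"><paramref name="app"/> is null.</exception>
        /// <exception cref="InvalidOperationException">A required appSetting is missing or blank.</exception>
        public static void ConfigureBackOfficeAdfsAuthentication(
            this IAppBuilder app,
            string caption = "AD FS",
            string style   = "btn-microsoft",
            string icon    = "fa-windows")
        {
            if (app == null)
            {
                throw new ArgumentNullException(nameof(app));
            }

            var adfsMetadataEndpoint           = ConfigurationManager.AppSettings["AdfsMetadataEndpoint"];
            var adfsRelyingParty               = ConfigurationManager.AppSettings["AdfsRelyingParty"];
            var adfsFederationServerIdentifier = ConfigurationManager.AppSettings["AdfsFederationServerIdentifier"];

            // A missing key yields null; stop at startup instead of registering a provider
            // with an empty realm, metadata address or authentication type.
            if (string.IsNullOrWhiteSpace(adfsMetadataEndpoint))
            {
                throw new InvalidOperationException("appSetting 'AdfsMetadataEndpoint' is missing or empty.");
            }

            if (string.IsNullOrWhiteSpace(adfsRelyingParty))
            {
                throw new InvalidOperationException("appSetting 'AdfsRelyingParty' is missing or empty.");
            }

            if (string.IsNullOrWhiteSpace(adfsFederationServerIdentifier))
            {
                throw new InvalidOperationException("appSetting 'AdfsFederationServerIdentifier' is missing or empty.");
            }

            // The reply URL is built by appending to the relying-party value. Without a trailing
            // slash the suffix would be glued onto the host name ("https://host" + "umbraco"),
            // so the separator is normalised here. Wtrealm keeps the configured value untouched
            // because it has to match the identifier registered in AD FS.
            var replyBase = adfsRelyingParty.EndsWith("/", StringComparison.Ordinal)
                ? adfsRelyingParty
                : adfsRelyingParty + "/";

            app.SetDefaultSignInAsAuthenticationType(Constants.Security.BackOfficeExternalAuthenticationType);

            var wsFedOptions = new WsFederationAuthenticationOptions
            {
                Wtrealm                    = adfsRelyingParty,
                // NOTE(review): the federation metadata supplies the token-signing keys that are
                // trusted; the configured endpoint should be an https:// URL - confirm in config.
                MetadataAddress            = adfsMetadataEndpoint,
                SignInAsAuthenticationType = Constants.Security.BackOfficeExternalAuthenticationType,
                Caption                    = caption,
                Wreply                     = replyBase + "umbraco" // Redirect to the Umbraco back office after successful authentication
            };

            wsFedOptions.ForUmbracoBackOffice(style, icon);

            wsFedOptions.AuthenticationType = adfsFederationServerIdentifier;

            // https://our.umbraco.com/apidocs/csharp/api/Umbraco.Web.Security.Identity.ExternalSignInAutoLinkOptions.html
            // Arguments: auto-link enabled, no explicit user groups, culture "en-GB".
            // NOTE(review): with null groups the assigned group is whatever Umbraco defaults to;
            // verify that default grants no more than intended for auto-provisioned users.
            wsFedOptions.SetExternalSignInAutoLinkOptions(new ExternalSignInAutoLinkOptions(true, null, "en-GB"));

            app.UseWsFederationAuthentication(wsFedOptions);
        }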
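        /// <summary>
        /// Registers AD FS (WS-Federation) as an external login provider for the Umbraco back office
        /// and returns the builder so calls can be chained.
        /// </summary>
        /// <remarks>
        /// Reads <c>AdfsMetadataEndpoint</c>, <c>AdfsRelyingParty</c> and
        /// <c>AdfsFederationServerIdentifier</c> from appSettings and fails fast when one is missing.
        /// Auto-linking is always enabled: any account AD FS authenticates for this relying party is
        /// provisioned as a back-office user in <paramref name="defaultUserGroups"/> (or "writer").
        /// Use <paramref name="onAutoLinking"/> / <paramref name="onSecurityTokenValidated"/> or
        /// AD FS issuance rules to limit who is provisioned and with which groups.
        /// </remarks>
        /// <param name="app">OWIN application builder the middleware is added to.</param>
        /// <param name="caption">Text shown on the external login button.</param>
        /// <param name="style">CSS class passed to <c>ForUmbracoBackOffice</c> for the button.</param>
        /// <param name="icon">Icon class passed to <c>ForUmbracoBackOffice</c> for the button.</param>
        /// <param name="defaultUserGroups">Groups for auto-linked users; null means <c>{ "writer" }</c>.</param>
        /// <param name="defaultCulture">Culture assigned to auto-linked users.</param>
        /// <param name="onAutoLinking">Optional callback stored on the auto-link options.</param>
        /// <param name="onSecurityTokenValidated">Optional handler for the SecurityTokenValidated notification.</param>
        /// <returns>The same <paramref name="app"/> instance.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="app"/> is null.</exception>
        /// <exception cref="InvalidOperationException">A required appSetting is missing or blank.</exception>
        public static IAppBuilder UseUmbracoBackOfficeAdfsAuthentication(
            this IAppBuilder app,
            string caption             = "AD FS",
            string style               = "btn-microsoft",
            string icon                = "fa-windows",
            string[] defaultUserGroups = null,
            string defaultCulture      = "en-GB",
            Action<BackOfficeIdentityUser, ExternalLoginInfo> onAutoLinking = null,
            Func<SecurityTokenValidatedNotification<WsFederationMessage, WsFederationAuthenticationOptions>, Task> onSecurityTokenValidated = null
            )
        {
            if (app == null)
            {
                throw new ArgumentNullException(nameof(app));
            }

            var adfsMetadataEndpoint           = ConfigurationManager.AppSettings["AdfsMetadataEndpoint"];
            var adfsRelyingParty               = ConfigurationManager.AppSettings["AdfsRelyingParty"];
            var adfsFederationServerIdentifier = ConfigurationManager.AppSettings["AdfsFederationServerIdentifier"];

            // A missing key yields null; stop at startup instead of registering a provider
            // with an empty realm, metadata address or authentication type.
            if (string.IsNullOrWhiteSpace(adfsMetadataEndpoint))
            {
                throw new InvalidOperationException("appSetting 'AdfsMetadataEndpoint' is missing or empty.");
            }

            if (string.IsNullOrWhiteSpace(adfsRelyingParty))
            {
                throw new InvalidOperationException("appSetting 'AdfsRelyingParty' is missing or empty.");
            }

            if (string.IsNullOrWhiteSpace(adfsFederationServerIdentifier))
            {
                throw new InvalidOperationException("appSetting 'AdfsFederationServerIdentifier' is missing or empty.");
            }

            app.SetDefaultSignInAsAuthenticationType(Constants.Security.BackOfficeExternalAuthenticationType);

            var wsFedOptions = new WsFederationAuthenticationOptions
            {
                Wtrealm                    = adfsRelyingParty,
                // NOTE(review): the federation metadata supplies the token-signing keys that are
                // trusted; the configured endpoint should be an https:// URL - confirm in config.
                MetadataAddress            = adfsMetadataEndpoint,
                SignInAsAuthenticationType = Constants.Security.BackOfficeExternalAuthenticationType,
                Caption                    = caption
            };

            wsFedOptions.ForUmbracoBackOffice(style, icon);

            wsFedOptions.AuthenticationType = adfsFederationServerIdentifier;

            // Auto-linking is hard-wired to true here; the group list is the only built-in limit
            // on what a newly provisioned user can do, so the fallback is kept to "writer".
            var autoLinking = new ExternalSignInAutoLinkOptions(
                autoLinkExternalAccount: true,
                defaultUserGroups: defaultUserGroups ?? new[] { "writer" },
                defaultCulture: defaultCulture)
            {
                OnAutoLinking = onAutoLinking
            };

            // Only replace the notifications object when the caller supplied a handler.
            if (onSecurityTokenValidated != null)
            {
                wsFedOptions.Notifications = new WsFederationAuthenticationNotifications
                {
                    SecurityTokenValidated = onSecurityTokenValidated
                };
            }

            wsFedOptions.SetExternalSignInAutoLinkOptions(autoLinking);

            app.UseWsFederationAuthentication(wsFedOptions);

            return app;
        }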