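/// <summary>
/// SP-initiated SAML Single Logout. Builds and signs a LogoutRequest for the
/// current user, ends the DNN-side session (<c>base.OnLogOff</c>), forgets the
/// SessionIndex captured at login and redirects the browser to the IdP's logout
/// endpoint (HTTP-Redirect binding: SAMLRequest/RelayState/SigAlg/Signature in
/// the query string).
/// </summary>
/// <param name="e">Page load event arguments, forwarded to the base class.</param>
/// <remarks>
/// All failures are logged and swallowed, so a broken certificate or signing
/// helper makes this page silently do nothing. NOTE(review): in that case
/// <c>base.OnLogOff(e)</c> is never reached and the user stays logged in
/// locally — consider ending the DNN session even when the IdP round-trip
/// cannot be built.
/// </remarks>
protected override void OnLoad(EventArgs e)
{
    base.OnLoad(e);
    try
    {
        LogToEventLog("DNN.Authentication.SAML.Logoff.OnLoad(post)", string.Format("(Request.HttpMethod: {0}, Session[sessionIndexFromSAMLResponse]: {1}", Request.HttpMethod, Session["sessionIndexFromSAMLResponse"]));
        config = DNNAuthenticationSAMLAuthenticationConfig.GetConfig(PortalId);

        UserInfo user = UserController.GetCurrentUserInfo();
        LogToEventLog("Logoff.OnLoad()", string.Format("Logging off from saml {0}", user == null ? "null" : user.Username));

        if (user == null)
        {
            // No user means no NameID to put in a LogoutRequest. Previously this
            // fell into user.Username, threw NullReferenceException into the catch
            // below, and the local session was never ended. Finish the DNN-side
            // logoff and let the page render instead of contacting the IdP.
            base.OnLogOff(e);
            Session.Remove("sessionIndexFromSAMLResponse");
            return;
        }

        // Sign the LogoutRequest XML itself (enveloped XML signature) ...
        X509Certificate2 cert = StaticHelper.GetCert(config.OurCertFriendlyName);
        XmlDocument request = GenerateSAMLLogoffRequest(user.Username);
        request = StaticHelper.SignSAMLRequest2(request, cert);

        // ... and then the deflated/base64/URL-encoded query string as well, as the
        // HTTP-Redirect binding requires. The signed string is exactly
        // "SAMLRequest=...&RelayState=...&SigAlg=..." in that order, using the
        // already-encoded values, so these three variables must not be re-encoded.
        string convertedRequestXML = StaticHelper.Base64CompressUrlEncode(request.OuterXml);

        // SigAlg is part of the signed string and is what the IdP uses to verify,
        // so it must match what StaticHelper.SignString2 actually produces.
        // rsa-sha1 is deprecated for SAML; migrate to rsa-sha256 together with
        // SignString2 and the IdP metadata, never by editing this literal alone.
        string convertedSigAlg = HttpUtility.UrlEncode("http://www.w3.org/2000/09/xmldsig#rsa-sha1");

        // RelayState is a fixed placeholder here; the IdP simply echoes it back.
        byte[] signature = StaticHelper.SignString2(string.Format("SAMLRequest={0}&RelayState={1}&SigAlg={2}", convertedRequestXML, "NA", convertedSigAlg), cert);
        string convertedSignature = HttpUtility.UrlEncode(Convert.ToBase64String(signature));

        string redirectTo = config.IdPLogoutURL
            + "?SAMLRequest=" + convertedRequestXML
            + "&RelayState=NA"
            + "&SigAlg=" + convertedSigAlg
            + "&Signature=" + convertedSignature;

        // End the local session before leaving for the IdP, so a user who never
        // completes the IdP side is still logged out of DNN.
        base.OnLogOff(e);
        Session.Remove("sessionIndexFromSAMLResponse");

        LogToEventLog("Logoff()", string.Format("Redirecting to {0}", redirectTo));
        // endResponse: false — keep the page alive instead of aborting the thread.
        Response.Redirect(Page.ResolveUrl(redirectTo), false);
    }
    catch (System.Threading.ThreadAbortException tae)
    {
        // Response.Redirect(..., false) does not abort the thread; kept for parity
        // with the login page, which catches the same exception.
        LogToEventLog("DNN.Authentication.SAML.Logoff.OnLoad(tae)", "ThreadAbortException");
    }
    catch (Exception ex)
    {
        LogToEventLog("DNN.Authentication.SAML.Logoff.OnLoad()", string.Format("Exception {0}", ex.Message));
    }
}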
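/// <summary>
/// SAML login page. Handles two cases:
/// <list type="bullet">
/// <item>An unauthenticated POST carrying <c>SAMLResponse</c> (IdP -> SP): the
/// response is handed to <c>ResponseHandler</c>, the NameID is mapped to a DNN
/// user (created on the fly with the "Subscribers" role if unknown), the
/// SessionIndex is kept for Single Logout and the user is signed in.</item>
/// <item>Any other unauthenticated request (SP -> IdP): a signed AuthnRequest is
/// built and the browser is redirected to the IdP, with the current query
/// string carried in <c>RelayState</c> so it can be restored after login.</item>
/// </list>
/// An already-authenticated request falls through to the portal root.
/// </summary>
/// <param name="e">Page load event arguments, forwarded to the base class.</param>
/// <remarks>
/// Trust model: the IdP is fully trusted to assert identities. An existing
/// account is matched by username alone, so whatever NameID the IdP returns is
/// the account that gets signed in. NOTE(review): signature, Conditions
/// (NotBefore/NotOnOrAfter, AudienceRestriction), Destination and DTD/XXE
/// handling are all the responsibility of <c>ResponseHandler</c>; nothing here
/// checks them — confirm that class does.
/// </remarks>
protected override void OnLoad(EventArgs e)
{
    base.OnLoad(e);
    staticPortalSettings = PortalSettings;

    // Default post-login destination. Only replaced by a RelayState "returnurl"
    // value that passes IsSafeLocalReturnPath.
    string redirectTo = "~/";
    try
    {
        config = DNNAuthenticationSAMLAuthenticationConfig.GetConfig(PortalId);

        if (Request.HttpMethod == "POST" && !Request.IsAuthenticated)
        {
            // ---- IdP -> SP: SAMLResponse posted by the browser ----------------

            // RelayState travels through the IdP and the user's browser, so it is
            // untrusted. It is only ever used to choose a *local* redirect path;
            // the previous code accepted it verbatim ("~" + value), which let a
            // value such as "//evil.example" become an open redirect.
            if (Request.Form["RelayState"] != null)
            {
                // Decoded a second time on purpose: the value was built from the
                // raw (still %-encoded) query string in the redirect branch below.
                string relayState = HttpUtility.UrlDecode(Request.Form["RelayState"]);
                LogToEventLog("DNN.Authentication.SAML.OnLoad(post !auth)", string.Format("relayState : {0}", relayState));

                var relayStateSplit = relayState.Split(new char[] { '&' }, StringSplitOptions.RemoveEmptyEntries);
                foreach (string s in relayStateSplit)
                {
                    int eq = s.IndexOf('=');
                    if (eq <= 0)
                    {
                        continue;
                    }
                    string key = s.Substring(0, eq);
                    // Case-insensitive on the key (the old code lower-cased for the
                    // check but stripped "returnurl=" case-sensitively, leaving
                    // "ReturnUrl=" in the target).
                    if (!key.Equals("returnurl", StringComparison.OrdinalIgnoreCase))
                    {
                        continue;
                    }
                    string value = s.Substring(eq + 1);
                    if (IsSafeLocalReturnPath(value))
                    {
                        redirectTo = "~" + value;
                    }
                    else
                    {
                        LogToEventLog("DNN.Authentication.SAML.OnLoad(post !auth)", string.Format("Ignoring unsafe returnurl : {0}", value));
                    }
                    break;
                }
            }

            X509Certificate2 myCert = StaticHelper.GetCert(config.OurCertFriendlyName);

            string samlResponseB64 = Request.Form["SAMLResponse"];
            if (string.IsNullOrEmpty(samlResponseB64))
            {
                // Caught below: logged, then redirected to the portal root.
                throw new InvalidOperationException("SAMLResponse form field is missing");
            }
            // SAML messages are UTF-8 XML. The previous ASCII decode replaced every
            // non-ASCII byte with '?', corrupting e.g. accented NameIDs.
            string responseXML = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(samlResponseB64));

            ResponseHandler responseHandler = new ResponseHandler(responseXML, myCert, config.TheirCert);
            // NOTE(review): this writes the whole assertion (NameID, attributes) to
            // the event log; consider trimming it once the integration is stable.
            LogToEventLog("DNN.Authentication.SAML.OnLoad(post !auth)", "responseXML : " + responseHandler.ResponseString());

            // NameID doubles as username, display name and e-mail for JIT-created
            // accounts; nothing here checks that it is actually an e-mail address.
            string emailFromSAMLResponse = responseHandler.GetNameID();
            UserInfo userInfo = UserController.GetUserByName(PortalSettings.PortalId, emailFromSAMLResponse);
            if (userInfo == null)
            {
                userInfo = new UserInfo();
                userInfo.Username = emailFromSAMLResponse;
                userInfo.PortalID = base.PortalId;
                userInfo.DisplayName = emailFromSAMLResponse;
                userInfo.Email = emailFromSAMLResponse;
                userInfo.FirstName = emailFromSAMLResponse;
                userInfo.LastName = emailFromSAMLResponse;
                // Random local password: the account is only ever entered via SAML.
                userInfo.Membership.Password = UserController.GeneratePassword(12).ToString();
                UserCreateStatus rc = UserController.CreateUser(ref userInfo);
                if (rc == UserCreateStatus.Success)
                {
                    addRoleToUser(userInfo, "Subscribers", DateTime.MaxValue);
                }
            }
            else
            {
                LogToEventLog("DNN.Authentication.SAML.OnLoad(post !auth)", String.Format("FoundUser userInfo.Username: {0}", userInfo.Username));
            }

            // Kept for the LogoutRequest built by the logoff page.
            string sessionIndexFromSAMLResponse = responseHandler.GetSessionIndex();
            Session["sessionIndexFromSAMLResponse"] = sessionIndexFromSAMLResponse;

            UserValidStatus validStatus = UserController.ValidateUser(userInfo, PortalId, true);
            UserLoginStatus loginStatus = validStatus == UserValidStatus.VALID ? UserLoginStatus.LOGIN_SUCCESS : UserLoginStatus.LOGIN_FAILURE;
            if (loginStatus == UserLoginStatus.LOGIN_SUCCESS)
            {
                // Raise UserAuthenticated so DNN completes the sign-in. The provider
                // name comes from config (DNNAuthName), not a hard-coded "SAML".
                var eventArgs = new UserAuthenticatedEventArgs(userInfo, userInfo.Email, loginStatus, config.DNNAuthName)
                {
                    Authenticated = true,
                    Message = "User authorized",
                    RememberMe = false
                };
                OnUserAuthenticated(eventArgs);
            }
        }
        else if (Request.IsAuthenticated)
        {
            // Already signed in: nothing to do, fall through to the "~/" redirect.
        }
        else
        {
            // ---- SP -> IdP: build a signed AuthnRequest and redirect -----------
            XmlDocument request = GenerateSAMLRequest();
            X509Certificate2 cert = StaticHelper.GetCert(config.OurCertFriendlyName);
            request = StaticHelper.SignSAMLRequest(request, cert);
            LogToEventLog("DNN.Authentication.SAML.OnLoad()", string.Format("request xml {0}", request.OuterXml));

            String convertedRequestXML = StaticHelper.Base64CompressUrlEncode(request);
            redirectTo = config.IdPURL + (config.IdPURL.Contains("?") ? "&" : "?") + "SAMLRequest=" + convertedRequestXML;

            // Carry the current query string (e.g. "?returnurl=...") through the
            // IdP as RelayState; "?" becomes "&" so it splits cleanly on the way back.
            if (Request.QueryString.Count > 0)
            {
                redirectTo += "&RelayState=" + HttpUtility.UrlEncode(Request.Url.Query.Replace("?", "&"));
            }
        }
    }
    catch (System.Threading.ThreadAbortException tae)
    {
        LogToEventLog("DNN.Authentication.SAML.OnLoad(tae)", string.Format("Redirecting to {0}", redirectTo));
        Response.Redirect(Page.ResolveUrl(redirectTo), false);
    }
    catch (Exception ex)
    {
        // Any failure (bad base64, rejected response, user creation error) lands
        // here: log it and send the browser to the portal root, never to the
        // RelayState target.
        LogToEventLog("DNN.Authentication.SAML.OnLoad()", string.Format("Exception {0}", ex.Message));
        redirectTo = "~/";
    }
    Response.Redirect(Page.ResolveUrl(redirectTo), false);
}

/// <summary>
/// True when <paramref name="path"/> is an application-local path that is safe
/// to append to "~" for <c>Page.ResolveUrl</c>: it must start with a single "/"
/// (so "//host" and "/\host" protocol-relative forms are rejected) and contain
/// no control characters (browsers strip TAB/CR/LF, so "/\t/host" would also
/// resolve off-site).
/// </summary>
/// <param name="path">Candidate return path taken from RelayState.</param>
/// <returns><c>true</c> if the path may be used as a redirect target.</returns>
private static bool IsSafeLocalReturnPath(string path)
{
    if (string.IsNullOrEmpty(path) || path[0] != '/')
    {
        return false;
    }
    if (path.Length > 1 && (path[1] == '/' || path[1] == '\\'))
    {
        return false;
    }
    foreach (char c in path)
    {
        if (c < ' ')
        {
            return false;
        }
    }
    return true;
}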