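        /// <summary>
        /// SAML single-logout page: builds a LogoutRequest for the current user, signs it,
        /// ends the local DNN session and redirects the browser to the IdP logout endpoint
        /// (HTTP-Redirect binding: SAMLRequest, RelayState, SigAlg and Signature in the query string).
        /// </summary>
        /// <param name="e">Page load event arguments, forwarded to <see cref="Control.OnLoad"/>.</param>
        protected override void OnLoad(EventArgs e)
        {
            base.OnLoad(e);
            try
            {
                LogToEventLog("DNN.Authentication.SAML.Logoff.OnLoad(post)", string.Format("(Request.HttpMethod: {0}, Session[sessionIndexFromSAMLResponse]: {1}", Request.HttpMethod, Session["sessionIndexFromSAMLResponse"]));

                config = DNNAuthenticationSAMLAuthenticationConfig.GetConfig(PortalId);
                UserInfo user = UserController.GetCurrentUserInfo();
                LogToEventLog("Logoff.OnLoad()", string.Format("Logging off from saml {0}", user == null ? "null" : user.Username));
                if (user == null)
                {
                    // No signed-in user means there is no IdP session to terminate; previously this
                    // path dereferenced user.Username and surfaced as a NullReferenceException in the log.
                    LogToEventLog("DNN.Authentication.SAML.Logoff.OnLoad()", "No current user; skipping IdP logout");
                    return;
                }

                X509Certificate2 cert = StaticHelper.GetCert(config.OurCertFriendlyName);

                XmlDocument request = GenerateSAMLLogoffRequest(user.Username);
                request = StaticHelper.SignSAMLRequest2(request, cert);
                string convertedRequestXML = StaticHelper.Base64CompressUrlEncode(request.OuterXml);
                // NOTE(review): the SigAlg advertised here is RSA-SHA1; whether StaticHelper.SignString2
                // really signs with SHA-1 is not visible from this file — the two must agree, and a
                // SHA-256 algorithm would be preferable if the IdP accepts it.
                string convertedSigAlg     = HttpUtility.UrlEncode("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
                // The signed string must be byte-identical to the query-string fragment sent below
                // (same parameter order, same URL encoding), otherwise the IdP rejects the signature.
                byte[] signature           = StaticHelper.SignString2(string.Format("SAMLRequest={0}&RelayState={1}&SigAlg={2}", convertedRequestXML, "NA", convertedSigAlg), cert);
                string convertedSignature  = HttpUtility.UrlEncode(Convert.ToBase64String(signature));
                // Use "&" when the configured logout URL already carries a query string (mirrors the
                // login page, which already handles IdPURL this way).
                string redirectTo          = config.IdPLogoutURL +
                                             (config.IdPLogoutURL.Contains("?") ? "&" : "?") +
                                             "SAMLRequest=" + convertedRequestXML +
                                             "&RelayState=NA" +
                                             "&SigAlg=" + convertedSigAlg +
                                             "&Signature=" + convertedSignature;

                base.OnLogOff(e);
                Session.Remove("sessionIndexFromSAMLResponse");

                LogToEventLog("Logoff()", string.Format("Redirecting to {0}", redirectTo));
                Response.Redirect(Page.ResolveUrl(redirectTo), false);
            }
            catch (System.Threading.ThreadAbortException)
            {
                // Response.Redirect(..., false) does not end the response, so this is only reached
                // if something else aborts the request thread; nothing to redirect to here.
                LogToEventLog("DNN.Authentication.SAML.Logoff.OnLoad(tae)", "ThreadAbortException");
            }
            catch (Exception ex)
            {
                LogToEventLog("DNN.Authentication.SAML.Logoff.OnLoad()", string.Format("Exception  {0}", ex.Message));
            }
        }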
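        /// <summary>
        /// SAML login page. Three request shapes are handled:
        /// an unauthenticated POST carrying a SAMLResponse from the IdP (assertion consumed, user
        /// looked up or provisioned, signed in); an already authenticated request (nothing to do);
        /// and an unauthenticated GET (a signed AuthnRequest is built and the browser is sent to the IdP).
        /// Every path ends in a redirect; the destination defaults to "~/".
        /// </summary>
        /// <param name="e">Page load event arguments, forwarded to <see cref="Control.OnLoad"/>.</param>
        protected override void OnLoad(EventArgs e)
        {
            base.OnLoad(e);
            staticPortalSettings = PortalSettings;
            string redirectTo = "~/";

            try
            {
                config = DNNAuthenticationSAMLAuthenticationConfig.GetConfig(PortalId);
                if (Request.HttpMethod == "POST" && !Request.IsAuthenticated)
                {
                    redirectTo = HandleSamlResponsePost();
                }
                else if (Request.IsAuthenticated)
                {
                    // Already signed in: fall through to the default "~/" redirect.
                }
                else
                {
                    redirectTo = BuildAuthnRequestRedirect();
                }
            }
            catch (System.Threading.ThreadAbortException)
            {
                LogToEventLog("DNN.Authentication.SAML.OnLoad(tae)", string.Format("Redirecting to  {0}", redirectTo));
                Response.Redirect(Page.ResolveUrl(redirectTo), false);
            }
            catch (Exception ex)
            {
                // Any failure while consuming the assertion or building the request falls back to
                // the site root so a RelayState-supplied destination is never honoured on error.
                LogToEventLog("DNN.Authentication.SAML.OnLoad()", string.Format("Exception  {0}", ex.Message));
                redirectTo = "~/";
            }

            Response.Redirect(Page.ResolveUrl(redirectTo), false);
        }

        /// <summary>
        /// Consumes the SAMLResponse posted by the IdP: validates it through <see cref="ResponseHandler"/>,
        /// finds or provisions the DNN user named by the NameID, records the IdP session index and
        /// raises the UserAuthenticated event on success.
        /// </summary>
        /// <returns>The app-relative path to redirect to afterwards ("~/" unless RelayState names a local return URL).</returns>
        private string HandleSamlResponsePost()
        {
            string redirectTo = "~/";

            string relayStateRaw = Request.Form["RelayState"];
            if (relayStateRaw != null)
            {
                string relayState = HttpUtility.UrlDecode(relayStateRaw);
                LogToEventLog("DNN.Authentication.SAML.OnLoad(post !auth)", string.Format("relayState : {0}", relayState));
                // RelayState round-trips through the browser and is attacker-controllable, so only a
                // site-local path extracted from it is ever used as the post-login destination.
                string returnUrl = ExtractReturnUrl(relayState);
                if (returnUrl != null)
                {
                    redirectTo = "~" + returnUrl;
                }
            }

            string samlResponseRaw = Request.Form["SAMLResponse"];
            if (string.IsNullOrEmpty(samlResponseRaw))
            {
                // A POST without an assertion is not a SAML response; previously Convert.FromBase64String
                // threw here and the generic catch produced the same "~/" redirect.
                LogToEventLog("DNN.Authentication.SAML.OnLoad(post !auth)", "SAMLResponse form field missing; ignoring POST");
                return "~/";
            }

            X509Certificate2 myCert = StaticHelper.GetCert(config.OurCertFriendlyName);
            // SAML XML is UTF-8; the ASCII decoder used before replaced every non-ASCII byte with '?'.
            string responseXML = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(samlResponseRaw));
            // NOTE(review): signature, audience and validity-window checks are assumed to happen inside
            // ResponseHandler (it receives both certificates) — confirm; nothing in this method re-validates.
            ResponseHandler responseHandler = new ResponseHandler(responseXML, myCert, config.TheirCert);

            LogToEventLog("DNN.Authentication.SAML.OnLoad(post !auth)", "responseXML : " + responseHandler.ResponseString());

            string emailFromSAMLResponse = responseHandler.GetNameID();
            UserInfo userInfo = UserController.GetUserByName(PortalSettings.PortalId, emailFromSAMLResponse);
            if (userInfo == null)
            {
                userInfo = ProvisionUserFromNameId(emailFromSAMLResponse);
            }
            else
            {
                LogToEventLog("DNN.Authentication.SAML.OnLoad(post !auth)", String.Format("FoundUser userInfo.Username: {0}", userInfo.Username));
            }

            // Kept for the logout page, which needs the IdP session index to build its LogoutRequest.
            string sessionIndexFromSAMLResponse = responseHandler.GetSessionIndex();
            Session["sessionIndexFromSAMLResponse"] = sessionIndexFromSAMLResponse;

            UserValidStatus validStatus = UserController.ValidateUser(userInfo, PortalId, true);
            UserLoginStatus loginStatus = validStatus == UserValidStatus.VALID ? UserLoginStatus.LOGIN_SUCCESS : UserLoginStatus.LOGIN_FAILURE;
            if (loginStatus == UserLoginStatus.LOGIN_SUCCESS)
            {
                // config.DNNAuthName identifies this provider to DNN ("DNN" is the built-in default).
                var eventArgs = new UserAuthenticatedEventArgs(userInfo, userInfo.Email, loginStatus, config.DNNAuthName)
                {
                    Authenticated = true,
                    Message       = "User authorized",
                    RememberMe    = false
                };
                OnUserAuthenticated(eventArgs);
            }
            else
            {
                LogToEventLog("DNN.Authentication.SAML.OnLoad(post !auth)", string.Format("ValidateUser returned {0}; login refused", validStatus));
            }

            return redirectTo;
        }

        /// <summary>
        /// Just-in-time provisions a DNN account for a NameID the IdP asserted but DNN does not know.
        /// Username, display name, e-mail, first and last name are all set to the NameID; the password
        /// is random and never shown, so the account can only be entered through SAML.
        /// </summary>
        /// <param name="nameId">The NameID (expected to be an e-mail address) from the assertion.</param>
        /// <returns>The UserInfo handed to CreateUser, whether or not creation succeeded (validation downstream decides).</returns>
        private UserInfo ProvisionUserFromNameId(string nameId)
        {
            UserInfo userInfo            = new UserInfo();
            userInfo.Username            = nameId;
            userInfo.PortalID            = base.PortalId;
            userInfo.DisplayName         = nameId;
            userInfo.Email               = nameId;
            userInfo.FirstName           = nameId;
            userInfo.LastName            = nameId;
            userInfo.Membership.Password = UserController.GeneratePassword(12).ToString();

            UserCreateStatus rc = UserController.CreateUser(ref userInfo);
            if (rc == UserCreateStatus.Success)
            {
                addRoleToUser(userInfo, "Subscribers", DateTime.MaxValue);
            }
            else
            {
                // Previously a failed create was silent; the later ValidateUser call still decides the outcome.
                LogToEventLog("DNN.Authentication.SAML.OnLoad(post !auth)", string.Format("CreateUser failed: {0}", rc));
            }
            return userInfo;
        }

        /// <summary>
        /// Builds the signed AuthnRequest redirect for an unauthenticated GET, carrying the caller's
        /// query string as RelayState so the return URL survives the IdP round trip.
        /// </summary>
        /// <returns>The absolute IdP URL with SAMLRequest (and optionally RelayState) appended.</returns>
        private string BuildAuthnRequestRedirect()
        {
            XmlDocument      request = GenerateSAMLRequest();
            X509Certificate2 cert    = StaticHelper.GetCert(config.OurCertFriendlyName);
            request = StaticHelper.SignSAMLRequest(request, cert);
            LogToEventLog("DNN.Authentication.SAML.OnLoad()", string.Format("request xml {0}", request.OuterXml));
            String convertedRequestXML = StaticHelper.Base64CompressUrlEncode(request);
            string redirectTo =
                config.IdPURL +
                (config.IdPURL.Contains("?") ? "&" : "?") +
                "SAMLRequest=" + convertedRequestXML;
            if (Request.QueryString.Count > 0)
            {
                redirectTo += "&RelayState=" + HttpUtility.UrlEncode(Request.Url.Query.Replace("?", "&"));
            }
            return redirectTo;
        }

        /// <summary>
        /// Extracts the value of the <c>returnurl=</c> entry from a decoded RelayState
        /// ("&amp;returnurl=/path&amp;other=..."). Matching is case-insensitive; the earlier code
        /// matched case-insensitively but stripped the prefix case-sensitively, leaving
        /// "ReturnUrl=/x" as the literal destination "~ReturnUrl=/x".
        /// </summary>
        /// <param name="relayState">The URL-decoded RelayState form value.</param>
        /// <returns>
        /// An app-rooted path starting with a single "/", or null when absent. Protocol-relative
        /// ("//host", "/\host") and absolute values are rejected: prefixing "~" and resolving them
        /// would let RelayState turn the login page into an open redirect.
        /// </returns>
        private static string ExtractReturnUrl(string relayState)
        {
            if (string.IsNullOrEmpty(relayState))
            {
                return null;
            }

            const string key = "returnurl=";
            foreach (string part in relayState.Split(new[] { '&' }, StringSplitOptions.RemoveEmptyEntries))
            {
                if (!part.StartsWith(key, StringComparison.OrdinalIgnoreCase))
                {
                    continue;
                }

                string value = part.Substring(key.Length);
                bool isLocalPath = value.StartsWith("/", StringComparison.Ordinal)
                                   && !value.StartsWith("//", StringComparison.Ordinal)
                                   && !value.StartsWith("/\\", StringComparison.Ordinal);
                return isLocalPath ? value : null;
            }
            return null;
        }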