Ejemplo n.º 1
0
        public bool LoginIntent(AuthenticationConclusion conc)
        {
            var idp = (AS)SVX.VProgram_API.GetParticipant(idpParticipantId);

            SVX.VProgram_API.AssumeTrustedServer(idp.SVX_Principal);
            SVX.VProgram_API.AssumeTrustedServer(SVX_Principal);
            SVX.VProgram_API.AssumeTrustedBrowser(conc.channel);

            return(idp.Ghost_CheckSignedIn(SVX.VProgram_API.Owner(conc.channel), conc.userProfile.UserID));
        }
Ejemplo n.º 2
0
        public bool LoginSafety(AuthenticationConclusion conc)
        {
            var idp = (AS)SVX.VProgram_API.GetParticipant(idpParticipantId);
            var idpUserPrincipal = GenericAuthStandards.GetIdPUserPrincipal(idp.SVX_Principal, conc.userProfile.UserID);

            SVX.VProgram_API.AssumeTrustedServer(idp.SVX_Principal);
            SVX.VProgram_API.AssumeTrustedServer(SVX_Principal);
            SVX.VProgram_API.AssumeTrusted(idpUserPrincipal);
            // bool x = SVX.VProgram_API.ActsFor(conc.authenticatedClient, idp.SVX_Principal);
            // bool y = SVX.VProgram_API.ActsFor(conc.authenticatedClient, SVX_Principal);
            return(SVX.VProgram_API.ActsFor(conc.channel, idpUserPrincipal));
        }
Ejemplo n.º 3
0
        public async Task AuthenticationDone(AuthenticationConclusion conclusion, SVAuthRequestContext context)
        {
            if (context.channel != conclusion.channel)
            {
                throw new Exception("Attempt to apply an AuthenticationConclusion to the wrong channel.");
            }

            if (!BypassCertification)
            {
                SVX.SVX_Ops.Certify(conclusion, LoginSafety, idpParticipantId);
                SVX.SVX_Ops.Certify(conclusion, LoginIntent, idpParticipantId);
            }
            await Utils.AbandonAndCreateSessionAsync(conclusion, context);
        }
Ejemplo n.º 4
0
        public static async Task LocalAbandonAndCreateSessionAsync(GenericAuth.AuthenticationConclusion conclusion, SVAuthRequestContext context)
        {
            Console.WriteLine(JsonConvert.SerializeObject(conclusion.userProfile));
            //return;

            string createSessionEndpoint =
                Config.config.internalPlatformRootUrl +
                "CreateNewSession." + Config.config.WebAppSettings.platform.fileExtension;

            var abandonSessionRequest = new HttpRequestMessage(HttpMethod.Post, createSessionEndpoint);

            abandonSessionRequest.Headers.Add("Cookie",
                                              Config.config.WebAppSettings.platform.sessionCookieName + "=" + context.http.Request.Cookies[Config.config.WebAppSettings.platform.sessionCookieName] + ";");

            HttpResponseMessage abandonSessionResponse = await PerformHttpRequestAsync(abandonSessionRequest);

            Trace.Write("Abandoned session");

            var createSessionRequest = new HttpRequestMessage(HttpMethod.Post, createSessionEndpoint);

            createSessionRequest.Headers.Add("Cookie", "");
            createSessionRequest.Content = ObjectToUrlEncodedContent(conclusion.userProfile);
            HttpResponseMessage createSessionResponse = await PerformHttpRequestAsync(createSessionRequest);

            Trace.Write("Created session");

            var setcookie = createSessionResponse.Headers.GetValues("Set-Cookie");

            // HTTP request and response data structures are subtly different between the HTTP client and server libraries...
            // What we really want is "add another Set-Cookie value, creating
            // the header if it doesn't exist yet".  For now, just try to create
            // the header, and we'll get an exception if there was already one
            // (e.g., for the SVAuthSessionID, which shouldn't normally be set
            // in the same response).
            context.http.Response.Headers.Add("Set-Cookie", setcookie.ToArray());

            string redir_url = context.http.Request.Cookies["LandingUrl"];

            //Console.WriteLine("LandingUrl="+ redir_url);
            if (redir_url == null || redir_url == "")
            {
                Microsoft.Extensions.Primitives.StringValues referer;
                context.http.Request.Headers.TryGetValue("referer", out referer);
                redir_url = System.Net.WebUtility.UrlDecode(referer);
                Console.WriteLine("referer=" + redir_url);
            }
            context.http.Response.StatusCode = 303;
            context.http.Response.Redirect(redir_url);
        }
Ejemplo n.º 5
0
        public static void RemoteAbandonAndCreateSessionAsync(GenericAuth.AuthenticationConclusion conclusion, SVAuthRequestContext context)
        {
            string agentscope = Config.config.AgentSettings.agentScope.ToLower();

            if (agentscope != "*" && !context.concdst.ToLower().EndsWith(agentscope))
            {
                throw new Exception("This agent is not allowed to serve the host " + context.concdst);
            }
            string SerializedUserProfile = JsonConvert.SerializeObject(conclusion.userProfile);

            Console.WriteLine(SerializedUserProfile);
            string conckey = context.conckey;

            UTF8Encoding utf8 = new UTF8Encoding();

            byte[] key           = utf8.GetBytes(conckey).Take <byte>(256 / 8).ToArray <byte>();
            byte[] IV            = utf8.GetBytes(conckey).Take <byte>(128 / 8).ToArray <byte>();
            byte[] encrypted     = EncryptStringToBytes_Aes(SerializedUserProfile, key, IV);
            string encrypted_str = BitConverter.ToString(encrypted).Replace("-", "");

            int pos = context.concdst.IndexOf('?');

            if (pos < 1)
            {
                throw new Exception("platform info is missing in the concdst string");
            }
            string platform  = context.concdst.Substring(pos + 1);
            string concdst   = context.concdst.Replace("?", "/SVAuth/adapters/");
            string redir_url =
                concdst + "/RemoteCreateNewSession." + platform +
                "?encryptedUserProfile=" + encrypted_str;

            //tmp
            //redir_url += "&conckey=" + context.http.Request.Query["conckey"] + "&userProfile=" + SerializedUserProfile; ;
            context.http.Response.StatusCode = 303;
            context.http.Response.Redirect(redir_url);
        }