Example #1
0
        public async Task <ActionResult> refreshtoken(string returnUrl = "")
        {
            Console.WriteLine("Login Controller- refreshtoken");
            //Get heroku auth token
            HerokuAuthToken authToken = await HerokuApi.GetAddonAccessToken(HttpContext.GetClaimValue(Constants.HEROKU_REFRESH_TOKEN), AuthGrantType.refresh_token).ConfigureAwait(false);

            if (authToken.IsNull())
            {
                return(RedirectToAction("herokuauth", "login", new { returnUrl = HttpUtility.UrlEncode(returnUrl) }));
            }
            else
            {
                //assign current resourceId as auth_id
                authToken.auth_id = HttpContext.GetClaimValue(ClaimTypes.NameIdentifier);

                //update heroku auth token
                var partnerAuthToken = authToken.ToPartnerAuthToken();
                partnerAuthToken = _partnerAuthTokenRepository.Add(partnerAuthToken);
                if (partnerAuthToken.Resource != null)
                {
                    var claims = new List <Claim>();
                    claims.Add(new Claim(ClaimTypes.NameIdentifier, partnerAuthToken.Resource.uuid));
                    claims.Add(new Claim(ClaimTypes.Version, partnerAuthToken.Resource.plan.ToString()));
                    claims.Add(new Claim(ClaimTypes.Country, partnerAuthToken.Resource.region));
                    if (!string.IsNullOrEmpty(partnerAuthToken.Resource.user_email))
                    {
                        claims.Add(new Claim(Constants.HEROKU_USER_EMAIL, partnerAuthToken.Resource.user_email));
                    }
                    if (!string.IsNullOrEmpty(partnerAuthToken.Resource.app_name))
                    {
                        claims.Add(new Claim(Constants.HEROKU_MAIN_APP_NAME, partnerAuthToken.Resource.app_name));
                    }
                    claims.Add(new Claim(Constants.HEROKU_ACCESS_TOKEN, partnerAuthToken.access_token));
                    claims.Add(new Claim(Constants.HEROKU_REFRESH_TOKEN, partnerAuthToken.refresh_token));
                    claims.Add(new Claim(Constants.HEROKU_AUTH_USERID, partnerAuthToken.user_id));
                    if (partnerAuthToken.expires_in.HasValue)
                    {
                        claims.Add(new Claim(Constants.HEROKU_TOKEN_EXPIREDIN, partnerAuthToken.expires_in.Value.ToString()));
                    }
                    HttpContext.AddUpdateClaims(claims);
                }
            }

            //redirect to url
            if (string.IsNullOrEmpty(returnUrl) ||
                (!string.IsNullOrEmpty(returnUrl) && (returnUrl.Contains("localhost")) ||
                 !Uri.IsWellFormedUriString(returnUrl, UriKind.RelativeOrAbsolute)))
            {
                return(RedirectToAction("index", "home"));
            }
            else
            {
                //Redirect to home page
                return(Redirect(HttpUtility.UrlDecode(returnUrl)));
            }
        }
Example #2
0
        public async Task <ActionResult> Index(string returnUrl = "")
        {
            Console.WriteLine("Login Controller- Index");
            string resourceId = HttpContext.GetClaimValue(ClaimTypes.NameIdentifier);

            if (string.IsNullOrEmpty(resourceId))
            {
                TempData["httpStatusCode"] = HttpStatusCode.Unauthorized;
                TempData["errorMessage"]   = "You are not authenticated due to heroku auth token not accessed.";
                return(RedirectToAction("forbidden", "home"));
            }

            HerokuAuthToken authToken = default(HerokuAuthToken);
            OauthGrant      oathGrant = default(OauthGrant);

            var partnerAuthToken = _partnerAuthTokenRepository.Find(resourceId);

            if (partnerAuthToken == null || (partnerAuthToken != null && (partnerAuthToken.expires_in == DateTime.MinValue ||
                                                                          (partnerAuthToken.expires_in != DateTime.MinValue && partnerAuthToken.expires_in?.AddSeconds(-300) < DateTime.Now))))
            {
                oathGrant = await HerokuApi.GetOauthGrant(resourceId).ConfigureAwait(false);

                if (oathGrant.IsNull())
                {
                    TempData["httpStatusCode"] = HttpStatusCode.Unauthorized;
                    TempData["errorMessage"]   = "You are not authenticated due to heroku auth token not accessed.";
                    return(RedirectToAction("forbidden", "home"));
                }

                //update heroku auth token
                partnerAuthToken = oathGrant.ToPartnerAuthToken(resourceId);
                partnerAuthToken = _partnerAuthTokenRepository.Add(partnerAuthToken);

                //Get heroku auth token
                authToken = await HerokuApi.GetAddonAccessToken(partnerAuthToken.oauth_code, partnerAuthToken.oauth_type).ConfigureAwait(false);

                if (authToken.IsNull())
                {
                    Response.StatusCode        = (int)HttpStatusCode.Unauthorized;
                    TempData["httpStatusCode"] = HttpStatusCode.Unauthorized;
                    TempData["errorMessage"]   = "You are not authenticated due to heroku auth token not received.";
                    return(RedirectToAction("forbidden", "home"));
                }

                //assign current resourceId as auth_id
                authToken.auth_id = resourceId;
                partnerAuthToken  = authToken.ToPartnerAuthToken();
                if (partnerAuthToken != null)
                {
                    //update heroku auth token
                    partnerAuthToken = _partnerAuthTokenRepository.Add(partnerAuthToken);
                }
            }

            if (partnerAuthToken == null)
            {
                Response.StatusCode        = (int)HttpStatusCode.Unauthorized;
                TempData["httpStatusCode"] = HttpStatusCode.Unauthorized;
                TempData["errorMessage"]   = "You are not authenticated due to heroku auth token not received.";
                return(RedirectToAction("forbidden", "home"));
            }
            else if (partnerAuthToken.Resource != null)
            {
                var claims = new List <Claim>();
                claims.Add(new Claim(ClaimTypes.NameIdentifier, partnerAuthToken.Resource.uuid));
                claims.Add(new Claim(ClaimTypes.Version, partnerAuthToken.Resource.plan.ToString()));
                claims.Add(new Claim(ClaimTypes.Country, partnerAuthToken.Resource.region));
                if (!string.IsNullOrEmpty(partnerAuthToken.Resource.user_email))
                {
                    claims.Add(new Claim(Constants.HEROKU_USER_EMAIL, partnerAuthToken.Resource.user_email));
                }
                if (!string.IsNullOrEmpty(partnerAuthToken.Resource.app_name))
                {
                    claims.Add(new Claim(Constants.HEROKU_MAIN_APP_NAME, partnerAuthToken.Resource.app_name));
                }
                claims.Add(new Claim(Constants.HEROKU_ACCESS_TOKEN, partnerAuthToken.access_token));
                claims.Add(new Claim(Constants.HEROKU_REFRESH_TOKEN, partnerAuthToken.refresh_token));
                claims.Add(new Claim(Constants.HEROKU_AUTH_USERID, partnerAuthToken.user_id));
                if (partnerAuthToken.expires_in.HasValue)
                {
                    claims.Add(new Claim(Constants.HEROKU_TOKEN_EXPIREDIN, partnerAuthToken.expires_in.Value.ToString()));
                }

                HttpContext.AddUpdateClaims(claims);
            }

            //redirect to url
            if (string.IsNullOrEmpty(returnUrl) ||
                (!string.IsNullOrEmpty(returnUrl) && (returnUrl.Contains("localhost")) ||
                 !Uri.IsWellFormedUriString(returnUrl, UriKind.RelativeOrAbsolute)))
            {
                return(RedirectToAction("index", "home"));
            }
            else
            {
                //Redirect to home page
                return(Redirect(HttpUtility.UrlDecode(returnUrl)));
            }
        }
Example #3
0
        /// <summary>
        /// Action: GetAccountInfoAsync
        /// Description: It is used to get the current user name of heroku account
        /// </summary>
        /// <returns></returns>
        private async Task <string> GetAccountInfoAsync()
        {
            try
            {
                var resourceId = HttpContext.GetClaimValue(ClaimTypes.NameIdentifier);
                if (!string.IsNullOrEmpty(resourceId))
                {
                    //validate account by resource id
                    var resources = _resourcesRepository.Find(resourceId);
                    if (resources != null)
                    {
                        //Update name/email in resource table based on resource-id if null
                        if (string.IsNullOrEmpty(resources.user_organization) || string.IsNullOrEmpty(resources.user_name) || string.IsNullOrEmpty(resources.user_email))
                        {
                            //Get heroku auth token
                            var herokuAuthToken = HttpContext.GetClaimValue(Constants.HEROKU_ACCESS_TOKEN);
                            if (!string.IsNullOrEmpty(herokuAuthToken))
                            {
                                if (string.IsNullOrEmpty(resources.user_email) || string.IsNullOrEmpty(resources.app_name))
                                {
                                    //Get app info using heroku api
                                    var appInfo = HerokuApi.GetVendorAppInfoByResourceId(resources.uuid);
                                    if (!appInfo.IsNull())
                                    {
                                        if (string.IsNullOrEmpty(resources.app_name))
                                        {
                                            resources.app_name = appInfo.name;
                                        }

                                        if (string.IsNullOrEmpty(resources.user_email))
                                        {
                                            resources.user_email = appInfo.owner_email;
                                        }
                                    }
                                }

                                if (!string.IsNullOrEmpty(resources.app_name) && string.IsNullOrEmpty(resources.user_organization))
                                {
                                    //Get app info using heroku api
                                    var appInfo = HerokuApi.GetAppInfo(resources.app_name, herokuAuthToken);
                                    if (!appInfo.IsNull())
                                    {
                                        if (string.IsNullOrEmpty(resources.user_organization) && appInfo.organization.HasValue)
                                        {
                                            resources.user_organization = ((AppOrganization)appInfo.organization).name;
                                        }
                                    }
                                }

                                if (string.IsNullOrEmpty(resources.user_name))
                                {
                                    //Get username using heroku api
                                    var accInfo = HerokuApi.GetAccountInfo(herokuAuthToken);
                                    if (!accInfo.IsNull())
                                    {
                                        //Assign user name
                                        resources.user_name = accInfo.name;
                                    }
                                }

                                //Update user organization/name/email
                                _resourcesRepository.Update(resources);
                            }
                        }

                        var claims = new List <Claim>();
                        if (!string.IsNullOrEmpty(resources.user_name) && HttpContext.GetClaimValue(ClaimTypes.Name) != resources.user_name)
                        {
                            claims.Add(new Claim(ClaimTypes.Name, resources.user_name));
                        }
                        if (!string.IsNullOrEmpty(resources.user_email) && HttpContext.GetClaimValue(ClaimTypes.Email) != resources.user_email)
                        {
                            claims.Add(new Claim(ClaimTypes.Email, resources.user_email));
                        }

                        if (claims != null && claims.Count > 0)
                        {
                            HttpContext.AddUpdateClaims(claims);
                        }

                        return(await Task.FromResult(HttpContext.GetClaimValue(ClaimTypes.Name)));
                    }
                }
            }
            catch (Exception ex)
            {
                if (Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") == Environments.Development)
                {
                    _logger.LogError(ex.Message, ex);
                }
                else
                {
                    Console.WriteLine("ERROR: {0}", ex.Message);
                }
            }

            return(await Task.FromResult(string.Empty));
        }