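        /// <summary>
        /// Obtains an admin-API access token for the user identified by <paramref name="id_token"/>.
        /// The UPN and tenant id extracted from the id_token are posted as a password grant
        /// (username = UPN, password = tenant id) to <c>RMAdminAPI.GetAuthToken</c>.
        /// </summary>
        /// <param name="id_token">JWT id_token whose UPN/TID claims identify the user.</param>
        /// <param name="userAgent">Product identifier sent as the <c>product</c> query parameter.</param>
        /// <returns>
        /// A JSON-ish string (single-quoted, as the rest of the file expects) with <c>message</c> and
        /// <c>status</c>; on success <c>status</c> carries the access token, otherwise
        /// <c>GlobalConstants.INVALID_TOKEN</c>.
        /// </returns>
        public string GetAuthToken(string id_token, string userAgent)
        {
            Tuple<string, string> upnTid = JWTSecurityTokenHelper.ExtractUpnAndTidFromJwtToken(id_token);

            if (upnTid == null)
            {
                return @"{ 'message': 'User email is not avaialble', 'status': '" + GlobalConstants.INVALID_TOKEN + "'}";
            }

            ServiceUrl = ApiUrl;
            var form = new Dictionary<string, string>
            {
                { "grant_type", "password" },
                { "username", upnTid.Item1 },
                { "password", upnTid.Item2 },
            };

            // The product name becomes part of the query string; escape it so characters such as
            // '&' or '#' cannot add, drop or truncate parameters.
            string url = RMAdminAPI.GetAuthToken + "?product=" + Uri.EscapeDataString(userAgent ?? string.Empty);

            bool error;
            AuthenticationToken result = PostToApi<FormUrlEncodedContent, AuthenticationToken>(url, new FormUrlEncodedContent(form), out error);

            if (error || result == null || string.IsNullOrEmpty(result.access_token))
            {
                // result can be null on a transport/deserialization failure; reading result.error
                // unconditionally (as the original did) threw a NullReferenceException here.
                // NOTE(review): result.error comes from the remote API and is spliced into the
                // single-quoted payload unescaped; a quote in it would break the caller's parse.
                string reason = result?.error ?? "No response from authentication API";
                return @"{ 'message': '" + reason + "', 'status': '" + GlobalConstants.INVALID_TOKEN + "'}";
            }

            return @"{ 'message': 'Success', 'status': '" + result.access_token + "'}";
        }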
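        /// <summary>
        /// Redirect target of the Azure AD sign-in. With an authorization code it exchanges the
        /// code for a Graph token, requests an admin-API token for the id_token's user, signs the
        /// user in with an application cookie and redirects to Home/Index. Any failure (no code,
        /// no Graph token, no admin-API token, or an exception) records an <see cref="AuthState"/>
        /// in TempData and redirects to Login/Error.
        /// </summary>
        /// <param name="id_token">OpenID Connect id_token from the identity provider.</param>
        /// <param name="code">Authorization code; missing/empty is treated as a failed login.</param>
        /// <param name="state">Round-tripped state, deserialized into <see cref="AuthState"/> when present.</param>
        /// <param name="session_state">Not used by this action.</param>
        /// <param name="error">Error code returned by the identity provider (logged only).</param>
        /// <param name="error_description">Error text returned by the identity provider (logged only).</param>
        /// <returns>A redirect to Home/Index on success, otherwise to Login/Error.</returns>
        public async Task<ActionResult> Authorize(string id_token, string code, string state, string session_state, string error, string error_description)
        {
            _logger.Info("Authorization complete.");
            AuthState authState = null;

            // NOTE(review): `state` arrives on the query string and is deserialized as-is; it is not
            // compared with a value issued when the login was started, so it gives no CSRF protection
            // for this callback. Confirm where the login flow stores it and verify it here.
            if (state != null)
            {
                authState = JsonConvert.DeserializeObject<AuthState>(state);
            }
            if (authState == null)
            {
                authState = new AuthState();
            }

            try
            {
                if (!string.IsNullOrEmpty(code))
                {
                    _logger.Info("Got Id_token and authorization code");
                    Tuple<string, string> upnTid = JWTSecurityTokenHelper.ExtractUpnAndTidFromJwtToken(id_token);
                    if (upnTid != null)
                    {
                        CurrentUserName = upnTid.Item1;
                    }

                    Token apiOffice = await TokenHelper.GetAccessToken(code, loginRedirectUri.AbsoluteUri, Settings.GraphApiDiscovery);

                    if (apiOffice == null)
                    {
                        _logger.Info("failed to get token for graph api- forcing to failue authentication");
                        authState.authStatus = "failure";
                        authState.message    = "Failed to get authenticate from O365";
                    }
                    else
                    {
                        var tenantUrl = await GraphDiscoveryApi.GetCurrentTenantSiteUrl(apiOffice);
                        GraphAPIToken = apiOffice;

                        string adminApiTokenDetails = _adminApi.GetAuthToken(id_token, Settings.ProductName);
                        dynamic item = JsonHelper.ConvertToObject<object>(adminApiTokenDetails);

                        string adminApiToken = string.Empty;
                        string message       = string.Empty;
                        if (item != null)
                        {
                            message       = item["message"];
                            adminApiToken = item["status"];   // GetAuthToken returns the token in the "status" field
                        }

                        if (string.IsNullOrEmpty(adminApiToken) || adminApiToken == GlobalConstants.INVALID_TOKEN)
                        {
                            _logger.Info("API_token is missing and forcing to failure");
                            authState.authStatus = "failure";
                            authState.message    = message;
                        }
                        else
                        {
                            AdminAPIToken      = adminApiToken;
                            AuthorizationCode  = apiOffice.refresh_token;   // holds the refresh token despite its name
                            TenantUrl          = tenantUrl;
                            _adminApi.ApiToken = adminApiToken;

                            string userDetail = _adminApi.GetUserDetail(CurrentUserName);
                            if (userDetail != "fail")
                            {
                                CurrentUserDetail = JsonHelper.ConvertToObject<UserModel>(userDetail);
                            }

                            var claims   = new List<Claim> { new Claim("id_token", id_token) };
                            var identity = new ClaimsIdentity(claims, "ApplicationCookie");

                            // One header value "Bearer <token>". Passing "Bearer " and the token as two
                            // values made the header collection join them as "Bearer ,<token>".
                            HttpContext.GetOwinContext().Request.Headers.SetValues("Authorization", "Bearer " + adminApiToken);
                            HttpContext.GetOwinContext().Authentication.SignIn(new AuthenticationProperties
                            {
                                IsPersistent = true
                            }, identity);

                            // Re-issue the session cookie as a persistent one. HttpOnly keeps the session id
                            // away from script; Secure keeps it off clear-text connections when we are on HTTPS.
                            // NOTE(review): this pins the current session id for a month; consider
                            // regenerating the session after sign-in rather than extending it.
                            HttpCookie authCookie = new HttpCookie("ASP.NET_SessionId", Session.SessionID)
                            {
                                Expires  = DateTime.Now.AddMonths(1),
                                HttpOnly = true,
                                Secure   = Request.IsSecureConnection,
                            };
                            Response.Cookies.Add(authCookie);

                            // 302, not 301: browsers cache permanent redirects, which would let a later
                            // visit to this callback URL bypass the action entirely.
                            return RedirectToAction("Index", "Home");
                        }
                    }
                }
                else
                {
                    // error/error_description are provider-supplied query parameters; they are logged verbatim.
                    _logger.Error($"error during login from ad {error} - {error_description}");
                    authState.authStatus = "failure";
                    authState.message    = "Failed to get authenticate from O365";
                }
            }
            catch (Exception ex)
            {
                _logger.Error(ex.ToString());
                authState.authStatus = "failure";
                authState.message    = "Technical error";
            }

            _logger.Info($"Authentication Status: {authState.authStatus}");

            // TempData is per-request, so the error redirect must not be a cacheable 301 either.
            TempData["ErrorLog"] = authState;
            return RedirectToAction("Error", "Login");
        }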