/// <summary> /// Gets called on a authenication request. This method should check sessions or simmilar to verify that the user has access to the backend. /// This method should return true if the current request is authenicated or false if it's not. /// </summary> /// <param name="man">ManagerEngine reference that the plugin is assigned to.</param> /// <returns>true/false if the user is authenticated</returns> public override bool OnAuthenticate(ManagerEngine man) { HttpContext context = HttpContext.Current; HttpSessionState session = context.Session; HttpRequest request = context.Request; HttpResponse response = context.Response; ManagerConfig config = man.Config; string dir, authURL, secretKey, rootPath, data, returnURL, prefix; // Get some config values authURL = config["ExternalAuthenticator.external_auth_url"]; secretKey = config["ExternalAuthenticator.secret_key"]; prefix = config["ExternalAuthenticator.session_prefix"]; dir = Path.GetFileName(Path.GetDirectoryName(request.FilePath)); if (prefix == null) { prefix = "mcmanager_"; } // Always load the language packs if (dir == "language") { return(true); } // Check already authenticated on rpc and stream if (dir == "rpc" || dir == "stream") { if (session[prefix + "_ExternalAuthenticator"] != null && ((string)session[prefix + "_ExternalAuthenticator"]) == "true") { // Override config values foreach (string key in session.Keys) { if (key.StartsWith(prefix + "_ExternalAuthenticator.")) { config[key.Substring((prefix + "_ExternalAuthenticator.").Length)] = (string)session[key]; } } // Try create root path rootPath = man.ToAbsPath(config["filesystem.rootpath"]); if (!Directory.Exists(rootPath)) { Directory.CreateDirectory(rootPath); } // Use root path as path if (config["filesystem.path"] == "" || !PathUtils.IsChildPath(rootPath, config["filesystem.path"])) { config["filesystem.path"] = rootPath; } return(true); } } // Handle post if (request.Form["key"] != null) { data = ""; foreach (string key in request.Form.Keys) { if (key != "key") { data += request.Form[key]; } } // Check if keys match if (MD5(data + secretKey) == request.Form["key"]) { session[prefix + "_ExternalAuthenticator"] = "true"; // Store input data in session scope foreach (string key in request.Form.Keys) { string ckey = key.Replace("__", "."); // Handle PHP escaped strings session[prefix + "_ExternalAuthenticator." + ckey] = request.Form[key]; } return(true); } else { response.Write("Input data doesn't match verify that the secret keys are the same."); response.End(); return(false); } } // Build return URL returnURL = request.Url.ToString(); if (returnURL.IndexOf('?') != -1) { returnURL = returnURL.Substring(0, returnURL.IndexOf('?')); } returnURL += "?type=" + man.Prefix; // Force auth absolute authURL = new Uri(request.Url, authURL).ToString(); // Handle rpc and stream requests if (dir == "rpc" || dir == "stream") { returnURL = new Uri(request.Url, PathUtils.ToUnixPath(Path.GetDirectoryName(Path.GetDirectoryName(request.FilePath)))).ToString() + "/default.aspx?type=" + man.Prefix; config["authenticator.login_page"] = authURL + "?return_url=" + context.Server.UrlEncode(returnURL); return(false); } response.Redirect(authURL + "?return_url=" + context.Server.UrlEncode(returnURL), true); return(false); }