/// <summary>
 /// Guard that rejects a request whose token belongs to a user reported as logged out.
 /// </summary>
 /// <remarks>
 /// The decision is delegated to <c>UserHasLoggedOut</c>; this method only turns a positive
 /// answer into an exception. The message is deliberately generic and does not say why the
 /// token was refused.
 /// </remarks>
 /// <param name="tokenManager">TokenManager instance.</param>
 /// <param name="portalPrincipal">PortalPrincipal of the user to check.</param>
 /// <param name="tokenheadAndPayload">The token head and payload value received from the client.</param>
 /// <exception cref="UnauthorizedAccessException">Thrown when the user is reported as logged out for this token.</exception>
 private void AssertUserHasNotLoggedOut(TokenManager tokenManager, PortalPrincipal portalPrincipal, string tokenheadAndPayload)
 {
     var loggedOut = UserHasLoggedOut(tokenManager, portalPrincipal, tokenheadAndPayload);
     if (!loggedOut)
     {
         return;
     }

     throw new UnauthorizedAccessException("Invalid access token.");
 }
Example #2
        /// <summary>
        /// Resolves the repository user for the current request and stores it on
        /// <c>application.Context.User</c> as a <c>PortalPrincipal</c>.
        /// </summary>
        /// <remarks>
        /// Unauthenticated requests, unknown users and disabled users all end up as <c>User.Visitor</c>.
        /// User lookups run inside <c>using (new SystemAccount())</c> scopes; statement order around
        /// those scopes matters (see the inline comments).
        /// </remarks>
        /// <param name="application">The current HttpApplication; its User is read and its Context.User is written.</param>
        /// <param name="authenticationType">Compared with the literal "Windows" to choose the Windows branch; any other value takes the directory/forms branch.</param>
        private static void SetApplicationUser(HttpApplication application, string authenticationType)
        {
            // No principal, or a principal that is not authenticated: the request runs as Visitor.
            if (application.User == null || !application.User.Identity.IsAuthenticated)
            {
                var visitor = User.Visitor;

                MembershipExtenderBase.Extend(visitor);

                var visitorPrincipal = new PortalPrincipal(visitor);
                application.Context.User = visitorPrincipal;
            }
            else
            {
                // Split "DOMAIN\username" at the first backslash; a name without a backslash
                // gets an empty domain.
                string domain, username, fullUsername;
                fullUsername = application.User.Identity.Name;
                int slashIndex = fullUsername.IndexOf('\\');
                if (slashIndex < 0)
                {
                    domain   = string.Empty;
                    username = fullUsername;
                }
                else
                {
                    domain   = fullUsername.Substring(0, slashIndex);
                    username = fullUsername.Substring(slashIndex + 1);
                }

                User user = null;
                if (authenticationType == "Windows")
                {
                    // The "as" cast yields null when the identity is not a WindowsIdentity.
                    var widentity = application.User.Identity as WindowsIdentity;   // get windowsidentity object before elevation
                    using (new SystemAccount())
                    {
                        // force relational engine here, because index doesn't exist install time
                        user = User.Load(domain, username, ExecutionHint.ForceRelationalEngine);
                        if (user != null)
                        {
                            user.WindowsIdentity = widentity;
                        }

                        // create non-existing installer user
                        // The unknown account name is always recorded in application state under
                        // "SNInstallUser"; the account itself is registered only when a portal
                        // context with a site exists and the Administrators group has exactly one member.
                        // NOTE(review): this provisions an account from the authenticated Windows name
                        // while inside the SystemAccount scope, and the only gates visible here are the
                        // non-empty domain/username and the Administrators member count. Confirm this
                        // path cannot be reached after installation has finished.
                        if (user == null && !string.IsNullOrEmpty(domain) && !string.IsNullOrEmpty(username))
                        {
                            application.Application.Add("SNInstallUser", fullUsername);

                            if (PortalContext.Current != null &&
                                PortalContext.Current.Site != null &&
                                Group.Administrators.Members.Count() == 1)
                            {
                                user = User.RegisterUser(fullUsername);
                            }
                        }
                    }

                    // Called after the SystemAccount scope has been disposed.
                    if (user != null)
                    {
                        AccessProvider.Current.SetCurrentUser(user);
                    }
                }
                else
                {
                    // if forms AD auth and virtual AD user is configured
                    // load virtual user properties from AD
                    var ADProvider = DirectoryProvider.Current;
                    if (ADProvider != null)
                    {
                        if (ADProvider.IsVirtualADUserEnabled(domain))
                        {
                            // Every virtual AD login loads the same node from this fixed path.
                            var virtualUserPath = "/Root/IMS/BuiltIn/Portal/VirtualADUser";
                            using (new SystemAccount())
                            {
                                user = Node.LoadNode(virtualUserPath) as User;
                            }

                            // The loaded object gets the caller's domain and is forced to Enabled
                            // before the provider fills it from AD.
                            // NOTE(review): whether SyncVirtualUserFromAD can clear Enabled again for a
                            // disabled directory account is not visible here; if it cannot, the
                            // Enabled check further down never rejects a virtual AD user. Confirm.
                            if (user != null)
                            {
                                user.SetProperty("Domain", domain);
                                user.Enabled = true;
                                ADProvider.SyncVirtualUserFromAD(domain, username, user);
                            }
                        }
                        else
                        {
                            using (new SystemAccount())
                            {
                                user = User.Load(domain, username);
                            }
                        }
                    }
                    else
                    {
                        // No directory provider configured: plain repository lookup.
                        using (new SystemAccount())
                        {
                            user = User.Load(domain, username);
                        }
                    }
                }

                // Current user will be the Visitor if the resolved user is not available
                // (not found, or found but disabled), so an authenticated but unknown identity
                // is downgraded rather than rejected.
                if (user == null || !user.Enabled)
                {
                    user = User.Visitor;
                }

                MembershipExtenderBase.Extend(user);

                var appUser = new PortalPrincipal(user);
                application.Context.User = appUser;
            }
        }
        /// <summary>
        /// Decides whether the user's recorded logout is later than the creation time of the presented token.
        /// </summary>
        /// <remarks>
        /// Returns <c>false</c> when <paramref name="portalPrincipal"/> is null, when its identity is not an
        /// <c>IUser</c>, or when no logout time is available, so callers that must reject those cases
        /// have to check for them separately. The comparison is strict: a logout time equal to the
        /// token creation time does not count as logged out.
        /// NOTE(review): DateTime.Compare does not take DateTimeKind into account; confirm that both
        /// values are expressed in the same time base.
        /// </remarks>
        /// <param name="tokenManager">TokenManager instance, passed on to TokenCreationTime.</param>
        /// <param name="portalPrincipal">Loaded PortalPrincipal of the user to check.</param>
        /// <param name="tokenheadAndPayload">The token head and payload value received from the client.</param>
        /// <returns><c>true</c> when a logout time exists and is later than the token creation time.</returns>
        private bool UserHasLoggedOut(TokenManager tokenManager, PortalPrincipal portalPrincipal, string tokenheadAndPayload)
        {
            var identityAsUser = portalPrincipal?.Identity as IUser;
            var loggedOutAt = identityAsUser?.LastLoggedOut;
            if (!loggedOutAt.HasValue)
            {
                return false;
            }

            // The token creation time is resolved only once a logout time is known.
            var tokenCreatedAt = TokenCreationTime(tokenManager, tokenheadAndPayload);
            return DateTime.Compare(loggedOutAt.Value, tokenCreatedAt) > 0;
        }
 /// <summary>
 /// Loads the principal for <paramref name="userName"/> and tells whether that user has logged out
 /// relative to the presented token.
 /// </summary>
 /// <remarks>
 /// The principal is loaded inside the scope returned by <c>AuthenticationHelper.GetSystemAccount()</c>,
 /// and the logout check itself runs after that scope is disposed.
 /// NOTE(review): where userName comes from is not visible here; if it is taken from the token,
 /// confirm the token is validated before this lookup runs.
 /// </remarks>
 /// <param name="tokenManager">TokenManager instance.</param>
 /// <param name="userName">Name of the user to check.</param>
 /// <param name="tokenheadAndPayload">The token head and payload value received from the client.</param>
 /// <param name="portalPrincipal">Receives the PortalPrincipal loaded for the user.</param>
 /// <returns>The result of the principal-based UserHasLoggedOut check.</returns>
 private bool UserHasLoggedOut(TokenManager tokenManager, string userName, string tokenheadAndPayload, out PortalPrincipal portalPrincipal)
 {
     PortalPrincipal loadedPrincipal;
     using (AuthenticationHelper.GetSystemAccount())
     {
         loadedPrincipal = _logoutExecutor.LoadPortalPrincipalForLogout(userName);
     }

     portalPrincipal = loadedPrincipal;
     return UserHasLoggedOut(tokenManager, loadedPrincipal, tokenheadAndPayload);
 }
Example #5
 /// <summary>
 /// Creates the event arguments for the given principal.
 /// </summary>
 /// <param name="user">The PortalPrincipal stored in the <c>_user</c> field; it is not checked for null here.</param>
 public AuthorizeEventArgs(PortalPrincipal user)
 {
     _user = user;
 }