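/// <summary>
/// Decrypts the application code and login carried by an SSO request, loads the
/// matching worker, hands the encrypted password to the worker for credential
/// validation and returns the worker's claims for the requested application.
/// </summary>
/// <param name="sso">
/// SSO request carrying the encrypted application code, login and password,
/// plus the language culture name used when loading application translations.
/// </param>
/// <returns>
/// An authorization whose <c>IsValid</c> is true only when the worker has no
/// validation errors and at least one claim. When a <c>ServiceException</c> is
/// raised the result is returned with <c>IsValid</c> still false.
/// </returns>
public SsoAuthorizationDTO ValidateAndGetUserAuthorizations(SsoAuthenticationDTO sso)
{
    // Start from "not valid" so every early exit below fails closed.
    var authorization = new SsoAuthorizationDTO { IsValid = false };

    try
    {
        // A null request is treated like missing fields, so it is rejected through
        // the same path instead of surfacing as a NullReferenceException.
        if (sso == null
            || string.IsNullOrEmpty(sso.EncriptedAppCode)
            || string.IsNullOrEmpty(sso.EncriptedLogin))
        {
            throw new ServiceException(CommonExceptionType.ParameterException, "EncriptedAppCode and EncriptedLogin");
        }

        // NOTE(review): both fields are decrypted with the shared constant
        // CommonConsts.CommonPassword. If that value is distributed to every client,
        // a well-formed ciphertext proves nothing about who produced it. Confirm how
        // the key is provisioned and whether the ciphertext is integrity-protected.
        var appCode = CryptographHelper.RijndaelDecrypt(sso.EncriptedAppCode, CommonConsts.CommonPassword);
        var login = CryptographHelper.RijndaelDecrypt(sso.EncriptedLogin, CommonConsts.CommonPassword);

        var userFilter = new UserFilterDTO { Login = login, LoadProfiles = true };

        // Load the worker that matches the decrypted login.
        var worker = GetWorker(userFilter);

        // The password is passed on still encrypted. How a failed check is reported
        // (exception or an entry in worker.Validation) is not visible here, and an
        // empty password is not rejected in this method - TODO confirm in
        // ValidateUserCredential.
        worker.ValidateUserCredential(sso.EncriptedPassword);

        // Restrict the worker's applications to the one named by the request.
        worker.Applications = GetUserApplications(
            userFilter,
            new ApplicationFilterDTO
            {
                ApplicationCode = appCode,
                LoadTranslations = true,
                LanguageCultureName = sso.LanguageCultureName
            });

        // Turn the worker's permissions into claims.
        authorization.Claims = worker.GetClaims();

        // A missing claims collection counts as "no claims" rather than an error.
        authorization.IsValid = !worker.Validation.HasErrors
            && authorization.Claims != null
            && authorization.Claims.Count > 0;
    }
    catch (ServiceException)
    {
        // Deliberate: validation failures are suppressed and the caller receives the
        // authorization with IsValid == false.
        // NOTE(review): nothing is logged on this path, so rejected sign-ins leave no
        // trace here. Confirm they are recorded elsewhere for audit and detection.
    }
    catch (Exception ex)
    {
        LogHelper.ExceptionAndThrow(ex);
    }

    return authorization;
}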
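/// <summary>
/// Validates the user through the SSO service using Windows or Forms authentication
/// and, on success, stores the returned claims principal on the current
/// sign-in/sign-out request.
/// </summary>
/// <param name="login">
/// Login model. When both Username and Password are supplied they are overwritten
/// in place with their encrypted form before being sent to the SSO service.
/// </param>
/// <returns>
/// True for a sign-out request, or when the SSO service returns an authenticated
/// identity; otherwise false.
/// </returns>
private bool ValidateUserCredentialAndGetClaims(LoginModel login)
{
    // A sign-out request needs no user data, so it is accepted without a lookup.
    if (_ssoSigninSignout.RequestAction == SsoRequestParameter.WsSignOut.GetDescription())
    {
        return true;
    }

    // Forms authentication: encrypt the user name and password before they leave this method.
    // NOTE(review): the values are only encrypted when BOTH are present; otherwise
    // whatever the model holds is forwarded unchanged in the Encripted* fields below.
    // Presumably that is the Windows-authentication case - confirm how the service
    // treats a login supplied without a password.
    if (!string.IsNullOrEmpty(login.Username) && !string.IsNullOrEmpty(login.Password))
    {
        // NOTE(review): the key comes from an enum description, i.e. a value fixed in
        // source. Confirm this is acceptable key management for credentials in transit.
        var sharedPassword = CommonFrameworkResource.CommonFrameworkPassword.GetDescription();

        // NOTE(review): the caller's model is mutated here. If it is reused (for
        // example re-rendered after a failed sign-in) it now holds ciphertext - verify
        // against the caller.
        login.Username = CryptographHelper.RijndaelEncrypt(login.Username, sharedPassword);
        login.Password = CryptographHelper.RijndaelEncrypt(login.Password, sharedPassword);
    }

    var sso = new SsoAuthenticationDTO
    {
        EncriptedLogin = login.Username,
        EncriptedPassword = login.Password,
        // The culture name is an identifier, not display text, so it is upper-cased
        // with invariant rules rather than the casing rules of the current culture.
        LanguageCultureName = Thread.CurrentThread.CurrentCulture.Name.ToUpperInvariant()
    };

    var userIdentity = ssoService.ValidateUserAndGetClaims(sso);
    var userIsValid = userIdentity != null && userIdentity.IsAuthenticated;

    // Only an authenticated identity is attached to the SSO request object.
    if (userIsValid)
    {
        _ssoSigninSignout.ClaimsUser = new ClaimsPrincipal(new ClaimsIdentityCollection { userIdentity });
    }

    return userIsValid;
}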