Example #1
0
        protected void Page_Load(object sender, EventArgs e)
        {
            string token = string.Empty;

            try
            {
                token = Session["access_token"].ToString();
            }
            catch
            {
                //not authenticated; browser will invoke oidc signin-redirect to SIS
            }

            if (token != string.Empty)
            {
                var jwttoken = SynapseHelpers.DecodeJWTToken(token);

                if (!(jwttoken is JwtSecurityToken))
                {
                    Response.Redirect("SessionExpired.aspx");
                }

                if (((JwtSecurityToken)jwttoken).ValidTo <= DateTime.Now)
                {
                    Response.Redirect("Logout.aspx");
                }

                string returnURL = "Default.aspx";
                try
                {
                    returnURL = Request.Cookies[Session["SynapseUser_UserID"].ToString().ToLower() + "_SynapseStudio_ReturnURL"].Value.ToString();;
                }
                catch { }

                Response.Redirect(returnURL);
            }
            else
            { //not authenticated; Do Nothing. Browser will invoke oidc signin-redirect to SIS
            }
        }
Example #2
0
        protected void btnPostback_Click(object sender, EventArgs e)
        {
            Session["access_token"] = hTkn.Value;
            //Response.Redirect("Login.aspx");

            string token = string.Empty;

            try
            {
                token = Session["access_token"].ToString();
            }
            catch
            {
                //not authenticated; browser will invoke oidc signin-redirect to SIS
            }

            if (token != string.Empty)
            {
                string IPAddress = "";
                try
                {
                    IPAddress = GetIPAddress();
                }
                catch { }


                var jwttoken = SynapseHelpers.DecodeJWTToken(token);

                if (!(jwttoken is JwtSecurityToken))
                {
                    recordFailedLoginAttempt("-1", IPAddress, "unknown");
                    Response.Redirect("Logout.aspx");
                }

                if (((JwtSecurityToken)jwttoken).ValidTo <= DateTime.UtcNow)
                {
                    Response.Redirect("Logout.aspx");
                }


                if (((JwtSecurityToken)jwttoken).Claims.Count() > 1)
                {
                    var winAccNameClaim = ((JwtSecurityToken)jwttoken).Claims.Where(x => x.Type.ToLower() == "ipuid").FirstOrDefault();
                    var userFullName    = ((JwtSecurityToken)jwttoken).Claims.Where(x => x.Type.ToLower() == "name").FirstOrDefault();
                    if (((JwtSecurityToken)jwttoken).Claims.Where(x => x.Type.ToLower() == "idp").FirstOrDefault().Value == "local")
                    {
                        winAccNameClaim = ((JwtSecurityToken)jwttoken).Claims.Where(x => x.Type.ToLower() == "email").FirstOrDefault();
                    }

                    if (winAccNameClaim == null && string.IsNullOrWhiteSpace(winAccNameClaim.Value))
                    {
                        recordFailedLoginAttempt("-1", IPAddress, "Studio");
                        Response.Redirect("Logout.aspx");
                    }
                    else
                    {
                        Session["SynapseUser_UserID"] = winAccNameClaim.Value;
                    }

                    if (userFullName != null)
                    {
                        if (userFullName.Value.Split(' ').Length > 1)
                        {
                            string firstName = userFullName.Value.Replace(",", "").Split(' ')[1];
                            string lastName  = userFullName.Value.Replace(",", "").Split(' ')[0];

                            Session["userFullName"] = firstName + " " + lastName;
                        }
                        else
                        {
                            Session["userFullName"] = userFullName.Value;
                        }
                    }
                    else
                    {
                        recordFailedLoginAttempt("-1", IPAddress, "Studio");
                        Response.Redirect("Logout.aspx");
                    }



                    string returnURL = "Default.aspx";
                    try
                    {
                        returnURL = Request.Cookies[Session["SynapseUser_UserID"].ToString().ToLower() + "_SynapseStudio_ReturnURL"].Value.ToString();;
                    }
                    catch { }

                    recordSuccessfulLoginAttempt("0", winAccNameClaim.Value, IPAddress, "Studio");
                    Response.Redirect(returnURL);
                }
            }
        }
        public async Task <IActionResult> Index(string access_token, string code)
        {
            //if (User.Identity.IsAuthenticated)
            //{
            //    string accessToken =  await HttpContext.GetTokenAsync("access_token");
            //    string idToken = await  HttpContext.GetTokenAsync("id_token");

            //    // Now you can use them. For more info on when and how to use the
            //    // access_token and id_token, see https://auth0.com/docs/tokens
            //}
            string token = await HttpContext.GetTokenAsync("id_token");

            string accessToken = await HttpContext.GetTokenAsync("access_token");

            HttpContext.Session.SetString("access_token", accessToken);
            var jwttoken = SynapseHelpers.DecodeJWTToken(accessToken);

            //if (!(jwttoken is JwtSecurityToken))
            //{
            //    recordFailedLoginAttempt("-1", IPAddress, "unknown");
            //    Response.Redirect("Logout.aspx");
            //}

            //if (((JwtSecurityToken)jwttoken).ValidTo <= DateTime.UtcNow)
            //{
            //    return RedirectToAction("Logout");
            //}

            if (((JwtSecurityToken)jwttoken).Claims.Count() > 1)
            {
                var winAccNameClaim = ((JwtSecurityToken)jwttoken).Claims.Where(x => x.Type.ToLower() == "ipuid").FirstOrDefault();
                var userFullName    = ((JwtSecurityToken)jwttoken).Claims.Where(x => x.Type.ToLower() == "name").FirstOrDefault();
                if (((JwtSecurityToken)jwttoken).Claims.Where(x => x.Type.ToLower() == "idp").FirstOrDefault().Value == "local")
                {
                    winAccNameClaim = ((JwtSecurityToken)jwttoken).Claims.Where(x => x.Type.ToLower() == "email").FirstOrDefault();
                }

                HttpContext.Session.SetString(SynapseSession.IsPharamacist,
                                              ((JwtSecurityToken)jwttoken).Claims.Any(x => string.Compare(x.Type, "synapseroles", true) == 0 &&
                                                                                      string.Compare(x.Value, "pharmacist", true) == 0).ToString());

                if (winAccNameClaim == null && string.IsNullOrWhiteSpace(winAccNameClaim.Value))
                {
                    //recordFailedLoginAttempt("-1", IPAddress, "Studio");
                    return(RedirectToAction("Logout"));
                }
                else
                {
                    HttpContext.Session.SetString(SynapseSession.UserID, winAccNameClaim.Value);
                }

                if (userFullName != null)
                {
                    if (userFullName.Value.Split(' ').Length > 1)
                    {
                        string firstName = userFullName.Value.Replace(",", "").Split(' ')[1];
                        string lastName  = userFullName.Value.Replace(",", "").Split(' ')[0];
                        HttpContext.Session.SetString(SynapseSession.FullName, firstName + " " + lastName);
                    }
                    else
                    {
                        HttpContext.Session.SetString(SynapseSession.FullName, userFullName.Value);
                    }
                }
                else
                {
                    //recordFailedLoginAttempt("-1", IPAddress, "Studio");
                    return(RedirectToAction("Logout"));
                }

                return(RedirectToAction("Index", "Home"));
            }
            //return RedirectToAction("Index", "Home");
            return(RedirectToAction("Logout"));
        }