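/// <summary>
        /// Resolves the Gitea user behind a session cookie by calling the Gitea API "/user" endpoint.
        /// </summary>
        /// <param name="giteaSession">Value of the Gitea session cookie taken from the incoming request.</param>
        /// <returns>
        /// The deserialized user, or null when no session value was supplied or Gitea answers 401/403.
        /// </returns>
        public async Task <AltinnCore.RepositoryClient.Model.User> GetCurrentUser(string giteaSession)
        {
            // Without a session value there is nothing to authenticate with, so skip the outbound call.
            if (string.IsNullOrEmpty(giteaSession))
            {
                return null;
            }

            DataContractJsonSerializer serializer = new DataContractJsonSerializer(typeof(AltinnCore.RepositoryClient.Model.User));

            // TODO: Figure out how appsettings.json parses values and merges with environment variables and use these here
            // Since ":" is not valid in environment variables names in kubernetes, we can't use current docker-compose environment variables
            string envApiEndpoint = Environment.GetEnvironmentVariable("GiteaApiEndpoint");
            string envEndpoint    = Environment.GetEnvironmentVariable("GiteaEndpoint");

            Uri    giteaUrl;
            Cookie cookie;

            // The session value is a credential: it is attached to a cookie bound to the configured Gitea host,
            // so the container only sends it on requests to that host. Do not log it.
            if (envApiEndpoint != null && envEndpoint != null)
            {
                giteaUrl = new Uri(envApiEndpoint + "/user");
                cookie   = new Cookie(_settings.GiteaCookieName, giteaSession, "/", envEndpoint);
            }
            else
            {
                giteaUrl = new Uri(_settings.ApiEndPoint + "/user");
                cookie   = new Cookie(_settings.GiteaCookieName, giteaSession, "/", _settings.ApiEndPointHost);
            }

            CookieContainer cookieContainer = new CookieContainer();
            cookieContainer.Add(cookie);

            HttpClientHandler handler = new HttpClientHandler
            {
                CookieContainer = cookieContainer
            };

            // Await the request instead of blocking on Task.Result, and dispose the response when done.
            using (HttpClient client = new HttpClient(handler))
            using (HttpResponseMessage response = await client.GetAsync(giteaUrl))
            {
                if (response.StatusCode == System.Net.HttpStatusCode.Forbidden ||
                    response.StatusCode == System.Net.HttpStatusCode.Unauthorized)
                {
                    // User is not logged in.
                    return null;
                }

                // Every other status is deserialized, as before. For a non-OK status the body is not expected
                // to be a user document, so ReadObject will throw (the original "temporary workaround").
                using (Stream stream = await response.Content.ReadAsStreamAsync())
                {
                    return serializer.ReadObject(stream) as AltinnCore.RepositoryClient.Model.User;
                }
            }
        }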
        /// <summary>
        /// Default landing page for Altinn Studio, shown when no Gitea user can be resolved from the session cookie.
        /// </summary>
        /// <returns>The "StartPage" view when no user is found; otherwise a redirect to Home/Index.</returns>
        public ActionResult StartPage()
        {
            string giteaSession = Request.Cookies[_settings.GiteaCookieName];

            // NOTE(review): .Result blocks the request thread on the async Gitea lookup and surfaces failures
            // as AggregateException; making this action async would need a signature change.
            AltinnCore.RepositoryClient.Model.User currentUser = _giteaApi.GetCurrentUser(giteaSession).Result;

            if (currentUser != null)
            {
                return this.RedirectToAction("Index", "Home");
            }

            return View("StartPage");
        }
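        /// <summary>
        /// Signs the caller in with a cookie identity. When <c>ForceGiteaAuthentication</c> is set, the developer
        /// name is taken from the Gitea user behind the request's session cookie.
        /// </summary>
        /// <returns>
        /// A redirect to the Gitea login page when no Gitea user is found, a 500 response when the lookup fails,
        /// otherwise a local redirect to "/" after sign-in.
        /// </returns>
        public async Task <IActionResult> Login()
        {
            string userName = "******";
            string goToUrl  = "/";

            // NOTE(review): when ForceGiteaAuthentication is off, the placeholder userName above is signed in
            // without any credential check. Presumably a development-only path; confirm it cannot be enabled
            // in production.
            if (_settings.ForceGiteaAuthentication)
            {
                // Temporary catch errors until we figure out how to force this.
                try
                {
                    string sessionId = Request.Cookies[_settings.GiteaCookieName];

                    // Await rather than block on Task.Result inside an async action.
                    AltinnCore.RepositoryClient.Model.User user = await _giteaApi.GetCurrentUser(sessionId);
                    if (user == null)
                    {
                        // The environment variable, when present, overrides the configured login URL.
                        string loginEndpoint = Environment.GetEnvironmentVariable("GiteaLoginEndpoint");
                        return Redirect(loginEndpoint ?? _settings.GiteaLoginUrl);
                    }

                    userName = user.Login;
                }
                catch (Exception ex)
                {
                    // Keep the exception detail server-side. Returning ex.ToString() in the response body
                    // exposed stack traces and internal endpoints to an unauthenticated caller.
                    // Replace Trace with the project's logger if one is available in this class.
                    System.Diagnostics.Trace.TraceError("Gitea user lookup failed during login: {0}", ex);
                    return StatusCode((int)System.Net.HttpStatusCode.InternalServerError);
                }
            }

            const string Issuer = "https://altinn.no";

            List <Claim> claims = new List <Claim>
            {
                new Claim(AltinnCoreClaimTypes.Developer, userName, ClaimValueTypes.String, Issuer)
            };

            ClaimsIdentity identity = new ClaimsIdentity("TestUserLogin");
            identity.AddClaims(claims);

            ClaimsPrincipal principal = new ClaimsPrincipal(identity);

            // Session cookie only: not persisted across browser restarts, fixed 200-minute lifetime, no sliding refresh.
            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal,
                                          new AuthenticationProperties
            {
                ExpiresUtc   = DateTime.UtcNow.AddMinutes(200),
                IsPersistent = false,
                AllowRefresh = false
            });

            return LocalRedirect(goToUrl);
        }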
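        /// <inheritdoc/>
        public async Task <AltinnCore.RepositoryClient.Model.User> GetCurrentUser()
        {
            DataContractJsonSerializer serializer = new DataContractJsonSerializer(typeof(AltinnCore.RepositoryClient.Model.User));
            Uri endpointUrl = new Uri(GetApiBaseUrl() + "/user");

            // Dispose the response as well as the client so the connection and content stream are released.
            using (HttpClient client = GetApiClient())
            using (HttpResponseMessage response = await client.GetAsync(endpointUrl))
            {
                if (response.StatusCode != System.Net.HttpStatusCode.OK)
                {
                    // Pass the user name as a template argument rather than concatenating it into the message,
                    // so braces or other characters in the name cannot be interpreted as part of the format string.
                    _logger.LogError(
                        "User {UserName} Get current user failed with statuscode {StatusCode}",
                        AuthenticationHelper.GetDeveloperUserName(_httpContextAccessor.HttpContext),
                        response.StatusCode);

                    // Any non-OK status yields no user.
                    return null;
                }

                using (Stream stream = await response.Content.ReadAsStreamAsync())
                {
                    return serializer.ReadObject(stream) as AltinnCore.RepositoryClient.Model.User;
                }
            }
        }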