Example #1
 /// <summary>
 ///     Web API entry point for a software platform sign-in: the credential is bound from the
 ///     request body and handed unchanged to <c>SigninSoftwarePlatform</c>.
 /// </summary>
 /// <param name="jsonLoginCredential">
 ///     Credential deserialized from the request body. It is caller-supplied and is not validated
 ///     here; whatever the binder produced is passed straight through.
 /// </param>
 /// <returns>The response produced by <c>SigninSoftwarePlatform</c>.</returns>
 public HttpResponseMessage <LoginResult> SigninSoftwarePlatform_Post([FromBody] JsonLoginCredential jsonLoginCredential)
 {
     HttpResponseMessage <LoginResult> loginResponse = SigninSoftwarePlatform(jsonLoginCredential);

     return loginResponse;
 }
Example #2
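        /// <summary>
        ///     Signs a software platform user into the system: authenticates the supplied credential,
        ///     checks that the ReadiNow identity provider is enabled, issues the authentication and
        ///     XSRF cookies, and records the outcome in the audit log.
        /// </summary>
        /// <param name="jsonLoginCredential">
        ///     Caller-supplied credential (username, password, tenant, persistent flag). All fields are
        ///     untrusted input. The password is passed to the authenticator only and is never logged.
        /// </param>
        /// <returns>An HTTP 200 response carrying the successful login result.</returns>
        /// <exception cref="InvalidCredentialException">
        ///     The authenticator rejected the credential with an <see cref="ArgumentException" />. The
        ///     message is deliberately generic and does not say which field was wrong.
        /// </exception>
        /// <exception cref="InvalidOperationException">No user account exists for the authenticated identity.</exception>
        /// <exception cref="AuthenticationException">The identity provider is explicitly disabled.</exception>
        /// <remarks>
        ///     Every failure is audited (when a request context is set), written to the application
        ///     event log as a warning, and rethrown for the exception filter to translate.
        /// </remarks>
        private HttpResponseMessage <LoginResult> SigninSoftwarePlatform(JsonLoginCredential jsonLoginCredential)
        {
            // Client-controlled header; it is only forwarded to the audit log below.
            var userAgent = Request?.Headers?.UserAgent?.ToString();

            try
            {
                // NOTE(review): presumably suspends access-control checks for the duration of the login
                // so that the account and provider entities can be read before a user is established.
                // Confirm, and keep the scope as small as it is now.
                using (new SecurityBypassContext( ))
                {
                    try
                    {
                        UserAccountValidator.Authenticate(jsonLoginCredential.Username, jsonLoginCredential.Password,
                                                          jsonLoginCredential.Tenant, true);
                    }
                    catch (ArgumentException ex)
                    {
                        // One message for every rejected field, so the response does not reveal
                        // whether the user name, the password or the tenant was the wrong part.
                        throw new InvalidCredentialException("Invalid user name, password or tenant", ex);
                    }

                    RequestContext context = ReadiNow.IO.RequestContext.GetContext( );

                    UserAccount account = ReadiNow.Model.Entity.Get <UserAccount>(context.Identity.Id, true);

                    if (account == null)
                    {
                        throw new InvalidOperationException("No UserAccount found.");
                    }

                    /////
                    // If we are in integration test mode, update the test authorization info.
                    /////
                    if (TestAuthorization.IsEnabled)
                    {
                        TestAuthorization.Instance.SetTokenIdentifier(context.Tenant.Id, WellKnownAliases.CurrentTenant.ReadiNowIdentityProviderInstance, account.Name);
                    }

                    // Update cache
                    RequestContextData contextData = Factory.IdentityProviderRequestContextCache.GetRequestContextData(ReadiNow.IO.RequestContext.TenantId, WellKnownAliases.CurrentTenant.ReadiNowIdentityProviderInstance, jsonLoginCredential.Username, true);

                    ReadiNowIdentityProvider identityProvider = ReadiNow.Model.Entity.Get <ReadiNowIdentityProvider>(WellKnownAliases.CurrentTenant.ReadiNowIdentityProviderInstance);

                    // An unset flag counts as enabled; only an explicit false blocks the login. This
                    // check runs before any cookie is issued, so a disabled provider yields no session.
                    // NOTE(review): identityProvider is dereferenced without a null check - confirm
                    // that Entity.Get cannot return null for this well-known alias.
                    if (!(identityProvider.IsProviderEnabled ?? true))
                    {
                        throw new AuthenticationException("The identity provider is not enabled.");
                    }

                    contextData.Identity.IdentityProviderTypeAlias = LoginConstants.ReadiNowIdentityProviderTypeAlias;

                    CookieHelper.CreateAuthenticationAndXsrfCookies(ReadiNow.IO.RequestContext.TenantId, WellKnownAliases.CurrentTenant.ReadiNowIdentityProviderInstance, jsonLoginCredential.Username, account.Id, jsonLoginCredential.Persistent);

                    AuditLogInstance.Get().OnLogon(true, jsonLoginCredential.Username, userAgent);

                    return(new HttpResponseMessage <LoginResult>(GetSuccessfulLoginResult(contextData, account.Id), HttpStatusCode.OK));
                }
            }
            catch (Exception exc)
            {
                // Read the credential null-safely: if the request body did not bind, the failure that
                // brought us here must not be replaced by a second one raised inside this handler.
                string attemptedUser   = jsonLoginCredential?.Username;
                string attemptedTenant = jsonLoginCredential?.Tenant;

                // User name and tenant come from the request. Control characters and Unicode line
                // separators are replaced so a crafted value cannot split or forge event-log entries.
                Func<string, string> forLog = value =>
                {
                    if (value == null)
                    {
                        return "<null>";
                    }

                    char[] chars = value.ToCharArray( );

                    for (int i = 0; i < chars.Length; i++)
                    {
                        if (char.IsControl(chars[i]) || chars[i] == '\u2028' || chars[i] == '\u2029')
                        {
                            chars[i] = '_';
                        }
                    }

                    return new string(chars);
                };

                if (ReadiNow.IO.RequestContext.IsSet)
                {
                    // NOTE(review): user name and user agent reach the audit log unmodified - confirm
                    // that the audit sink encodes them when they are stored or displayed.
                    AuditLogInstance.Get().OnLogon(false, attemptedUser, userAgent);
                }

                EventLog.Application.WriteWarning("Software Platform login error. Username: {0}, Tenant: {1}. {2}", forLog(attemptedUser), forLog(attemptedTenant), exc.Message);

                throw;  // rely on the ExceptionFilter to handle it.
            }
        }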