/// <summary>
        /// Gets ReturnURL set by administrator or taken from query string
        /// </summary>
        /// <returns>
        /// ReturnURL to redirect or empty string
        /// </returns>
        protected string GetReturnURL(LoginFormViewModel input, HttpContextBase context)
        {
            string redirectUrl = string.Empty;

            if (this.LoginRedirectPageId.HasValue)
            {
                //Get redirectUrl set by administrator. The value is not validated.
                redirectUrl = this.GetPageUrl(this.LoginRedirectPageId);
            }
            else
            {
                //Get redirectUrl from query string parameter
                string redirectUrlFromQS;
                this.TryResolveUrlFromUrlReferrer(context, out redirectUrlFromQS);
                if (!string.IsNullOrWhiteSpace(redirectUrlFromQS))
                {
                    //validates whether the redirectUrl is allowed in the relying parties.
                    byte[] key;
                    if (SWTIssuer.TryGetRelyingPartyKey(redirectUrlFromQS, out key))
                    {
                        redirectUrl = redirectUrlFromQS;
                    }
                }
            }

            return(redirectUrl);
        }
        public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
        {
            input.LoginError = false;

            if (Config.Get <SecurityConfig>().AuthenticationMode == SecConfig.AuthenticationMode.Claims)
            {
                var owinContext         = context.Request.GetOwinContext();
                var challengeProperties = ChallengeProperties.ForLocalUser(input.UserName, input.Password, this.MembershipProvider, input.RememberMe, context.Request.Url.ToString());
                challengeProperties.RedirectUri = this.GetReturnURL(context);
                owinContext.Authentication.Challenge(challengeProperties, ClaimsManager.CurrentAuthenticationModule.STSAuthenticationType);
            }
            else
            {
                User user;
                UserLoggingReason result = SecurityManager.AuthenticateUser(
                    this.MembershipProvider,
                    input.UserName,
                    input.Password,
                    input.RememberMe,
                    out user);

                if (result != UserLoggingReason.Success)
                {
                    input.LoginError = true;
                }
                else
                {
                    input.RedirectUrlAfterLogin = this.GetReturnURL(context);
                }
            }

            return(input);
        }
        /// <inheritDoc/>
        public virtual LoginFormViewModel GetLoginFormViewModel()
        {
            var viewModel = new LoginFormViewModel();

            this.InitializeLoginViewModel(viewModel);
            return(viewModel);
        }
        /// <inheritDoc/>
        public virtual void InitializeLoginViewModel(LoginFormViewModel viewModel)
        {
            if (viewModel != null)
            {
                viewModel.ServiceUrl             = this.ServiceUrl;
                viewModel.MembershipProvider     = this.MembershipProvider;
                viewModel.RedirectUrlAfterLogin  = this.GetPageUrl(this.LoginRedirectPageId);
                viewModel.RegisterPageUrl        = this.GetPageUrl(this.RegisterRedirectPageId);
                viewModel.ShowRegistrationLink   = this.RegisterRedirectPageId.HasValue;
                viewModel.ShowForgotPasswordLink = this.AllowResetPassword && (this.EnablePasswordReset || this.EnablePasswordRetrieval) && this.AreSmtpSettingsSet;
                viewModel.Realm          = ClaimsManager.CurrentAuthenticationModule.GetRealm();
                viewModel.CssClass       = this.CssClass;
                viewModel.ShowRememberMe = this.ShowRememberMe;

                if (!string.IsNullOrEmpty(this.serializedExternalProviders))
                {
                    var externalProviders         = JsonSerializer.DeserializeFromString <Dictionary <string, string> >(this.serializedExternalProviders);
                    var availableProviders        = ClaimsManager.CurrentAuthenticationModule.ExternalAuthenticationProviders.Where(x => x.Enabled == true && !string.IsNullOrEmpty(x.Title)).Select(x => x.Title).ToList();
                    var filteredExternalProviders = externalProviders.Where(x => availableProviders.Contains(x.Key));
                    viewModel.ExternalProviders = new Dictionary <string, string>();
                    foreach (var kv in filteredExternalProviders)
                    {
                        viewModel.ExternalProviders.Add(kv.Key, kv.Value);
                    }
                }
            }
        }
Example #5
0
        public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
        {
            input.LoginError = false;

            if (Config.Get <SecurityConfig>().AuthenticationMode == SecConfig.AuthenticationMode.Claims)
            {
                var owinContext = context.Request.GetOwinContext();

                string errorRedirectUrl;

                if (context.Request.UrlReferrer?.AbsoluteUri != null)
                {
                    errorRedirectUrl = context.Request.UrlReferrer.AbsoluteUri;

                    var param = context.Request.Params[MvcControllerProxy.ControllerKey];

                    if (param != null)
                    {
                        var uriBuilder = new UriBuilder(errorRedirectUrl);
                        var query      = HttpUtility.ParseQueryString(uriBuilder.Query);
                        query[LoginControllerKey] = param;
                        uriBuilder.Query          = query.ToString();

                        errorRedirectUrl = uriBuilder.ToString();
                    }
                }
                else
                {
                    errorRedirectUrl = context.Request.Url.ToString();
                }

                var challengeProperties = ChallengeProperties.ForLocalUser(input.UserName, input.Password, this.MembershipProvider, input.RememberMe, errorRedirectUrl);
                challengeProperties.RedirectUri = this.GetReturnURL(context);
                owinContext.Authentication.Challenge(challengeProperties, ClaimsManager.CurrentAuthenticationModule.STSAuthenticationType);
            }
            else
            {
                User user;
                UserLoggingReason result = SecurityManager.AuthenticateUser(
                    this.MembershipProvider,
                    input.UserName,
                    input.Password,
                    input.RememberMe,
                    out user);

                if (result != UserLoggingReason.Success)
                {
                    input.LoginError = true;
                }
                else
                {
                    input.RedirectUrlAfterLogin = this.GetReturnURL(context);
                }
            }

            return(input);
        }
        public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
        {
            input.LoginError = false;
            string errorRedirectUrl = GetErrorRedirectUrl(context);

            if (Config.Get <SecurityConfig>().AuthenticationMode == SecConfig.AuthenticationMode.Claims && ClaimsManager.CurrentAuthenticationModule.AuthenticationProtocol != "Default")
            {
                var owinContext = context.Request.GetOwinContext();

                var challengeProperties = ChallengeProperties.ForLocalUser(input.UserName, input.Password, this.MembershipProvider, input.RememberMe, errorRedirectUrl);
                challengeProperties.RedirectUri = this.GetReturnURL(context);
                owinContext.Authentication.Challenge(challengeProperties, ClaimsManager.CurrentAuthenticationModule.STSAuthenticationType);
            }
            else
            {
                var redirectUrl = this.GetReturnURL(context);

                User user;
                UserLoggingReason result = SecurityManager.AuthenticateUser(
                    this.MembershipProvider,
                    input.UserName,
                    input.Password,
                    input.RememberMe,
                    out user);

                if (result != UserLoggingReason.Success)
                {
                    if (ClaimsManager.CurrentAuthenticationModule.AuthenticationProtocol == "Default")
                    {
                        errorRedirectUrl = AddErrorParameterToQuery(errorRedirectUrl);
                        SFClaimsAuthenticationManager.ProcessRejectedUserForDefaultClaimsLogin(context, result, user, input.RememberMe, redirectUrl, errorRedirectUrl);
                    }

                    input.LoginError = true;
                }
                else
                {
                    if (ClaimsManager.CurrentAuthenticationModule.AuthenticationProtocol == "Default")
                    {
                        redirectUrl = RemoveErrorParameterFromQuery(redirectUrl);
                    }

                    input.RedirectUrlAfterLogin = redirectUrl;
                    SystemManager.CurrentHttpContext.GetOwinContext().Authentication.SignIn(new AuthenticationProperties {
                        RedirectUri = redirectUrl
                    });
                }
            }

            return(input);
        }
Example #7
0
 /// <inheritDoc/>
 public virtual void InitializeLoginViewModel(LoginFormViewModel viewModel)
 {
     if (viewModel != null)
     {
         viewModel.ServiceUrl             = this.ServiceUrl;
         viewModel.MembershipProvider     = this.MembershipProvider;
         viewModel.RedirectUrlAfterLogin  = this.GetPageUrl(this.LoginRedirectPageId);
         viewModel.RegisterPageUrl        = this.GetPageUrl(this.RegisterRedirectPageId);
         viewModel.ShowRegistrationLink   = this.RegisterRedirectPageId.HasValue;
         viewModel.ShowForgotPasswordLink = this.AllowResetPassword && (this.EnablePasswordReset || this.EnablePasswordRetrieval);
         viewModel.Realm          = SitefinityClaimsAuthenticationModule.Current.GetRealm();
         viewModel.CssClass       = this.CssClass;
         viewModel.ShowRememberMe = this.ShowRememberMe;
     }
 }
Example #8
0
        /// <inheritDoc/>
        public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
        {
            User user;
            UserLoggingReason result = SecurityManager.AuthenticateUser(
                this.MembershipProvider,
                input.UserName,
                input.Password,
                input.RememberMe,
                out user);

            var identity = ClaimsManager.GetCurrentIdentity();

            if (user != null && identity != null && identity.OriginalIdentity is SitefinityIdentity)
            {
                IClaimsPrincipal cp = new ClaimsPrincipal(new[] { new ClaimsIdentity(identity.Claims) });
                var wifCredentials  = new FederatedServiceCredentials(FederatedAuthentication.ServiceConfiguration);
                cp = wifCredentials.ClaimsAuthenticationManager.Authenticate(context.Request.RequestType, cp);
                SitefinityClaimsAuthenticationModule.Current.AuthenticatePrincipalWithCurrentToken(cp, input.RememberMe);
            }

            if (result == UserLoggingReason.Unknown)
            {
                input.IncorrectCredentials = true;
            }
            else
            {
                string redirectUrl;
                if (!this.TryResolveUrlFromUrlReferrer(context, out redirectUrl))
                {
                    redirectUrl = this.GetPageUrl(this.LoginRedirectPageId);
                }

                input.RedirectUrlAfterLogin = redirectUrl;

                if (result != UserLoggingReason.Success)
                {
                    SFClaimsAuthenticationManager.ProcessRejectedUser(context, input.RedirectUrlAfterLogin);
                }
            }

            return(input);
        }
        /// <inheritDoc/>
        public virtual void InitializeLoginViewModel(LoginFormViewModel viewModel)
        {
            if (viewModel != null)
            {
                viewModel.ServiceUrl             = this.ServiceUrl;
                viewModel.MembershipProvider     = this.MembershipProvider;
                viewModel.RedirectUrlAfterLogin  = this.GetPageUrl(this.LoginRedirectPageId);
                viewModel.RegisterPageUrl        = this.GetPageUrl(this.RegisterRedirectPageId);
                viewModel.ShowRegistrationLink   = this.RegisterRedirectPageId.HasValue;
                viewModel.ShowForgotPasswordLink = this.AllowResetPassword && (this.EnablePasswordReset || this.EnablePasswordRetrieval);
                viewModel.Realm          = ClaimsManager.CurrentAuthenticationModule.GetRealm();
                viewModel.CssClass       = this.CssClass;
                viewModel.ShowRememberMe = this.ShowRememberMe;

                if (!string.IsNullOrEmpty(this.serializedExternalProviders))
                {
                    viewModel.ExternalProviders = JsonSerializer.DeserializeFromString <Dictionary <string, string> >(this.serializedExternalProviders);
                }
            }
        }
Example #10
0
 /// <inheritDoc/>
 public virtual void InitializeLoginViewModel(LoginFormViewModel viewModel)
 {
     if (viewModel != null)
     {
         viewModel.ServiceUrl = this.ServiceUrl;
         viewModel.MembershipProvider = this.MembershipProvider;
         viewModel.RedirectUrlAfterLogin = this.GetPageUrl(this.LoginRedirectPageId);
         viewModel.RegisterPageUrl = this.GetPageUrl(this.RegisterRedirectPageId);
         viewModel.ShowRegistrationLink = this.RegisterRedirectPageId.HasValue;
         viewModel.ShowForgotPasswordLink = this.AllowResetPassword && (this.EnablePasswordReset || this.EnablePasswordRetrieval);
         viewModel.Realm = SitefinityClaimsAuthenticationModule.Current.GetRealm();
         viewModel.CssClass = this.CssClass;
         viewModel.ShowRememberMe = this.ShowRememberMe;
     }
 }
Example #11
0
 /// <inheritDoc/>
 public virtual LoginFormViewModel GetLoginFormViewModel()
 {
     var viewModel = new LoginFormViewModel();
     this.InitializeLoginViewModel(viewModel);
     return viewModel;
 }
Example #12
0
        /// <inheritDoc/>
        public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
        {
            User user;
            UserLoggingReason result = SecurityManager.AuthenticateUser(
                this.MembershipProvider,
                input.UserName,
                input.Password,
                input.RememberMe,
                out user);

            var identity = ClaimsManager.GetCurrentIdentity();
            if (user != null && identity != null && identity.OriginalIdentity is SitefinityIdentity)
            {
                IClaimsPrincipal cp = new ClaimsPrincipal(new[] { new ClaimsIdentity(identity.Claims) });
                var wifCredentials = new FederatedServiceCredentials(FederatedAuthentication.ServiceConfiguration);
                cp = wifCredentials.ClaimsAuthenticationManager.Authenticate(context.Request.RequestType, cp);
                SitefinityClaimsAuthenticationModule.Current.AuthenticatePrincipalWithCurrentToken(cp, input.RememberMe);
            }

            if (result == UserLoggingReason.Unknown)
            {
                input.IncorrectCredentials = true;
            }
            else
            {
                string redirectUrl;
                if (!this.TryResolveUrlFromUrlReferrer(context, out redirectUrl))
                {
                    redirectUrl = this.GetPageUrl(this.LoginRedirectPageId);
                }

                input.RedirectUrlAfterLogin = redirectUrl;

                if (result != UserLoggingReason.Success)
                {
                    SFClaimsAuthenticationManager.ProcessRejectedUser(context, input.RedirectUrlAfterLogin);
                }
            }

            return input;
        }
        public ActionResult Index(LoginFormViewModel model)
        {
            if (ModelState.IsValid)
            {
                model = this.Model.Authenticate(model, this.ControllerContext.HttpContext);

                if (!model.IncorrectCredentials && !string.IsNullOrWhiteSpace(model.RedirectUrlAfterLogin))
                {
                    return this.Redirect(model.RedirectUrlAfterLogin);
                }
                else if (!model.IncorrectCredentials && this.Request.UrlReferrer != null)
                {
                    var returnUrlFromQS = System.Web.HttpUtility.ParseQueryString(this.Request.UrlReferrer.Query)["ReturnUrl"];

                    if (!string.IsNullOrEmpty(returnUrlFromQS))
                        return this.Redirect(returnUrlFromQS);
                }
            }

            this.Model.InitializeLoginViewModel(model);

            var fullTemplateName = this.loginFormTemplatePrefix + this.LoginFormTemplate;
            return this.View(fullTemplateName, model);
        }
        public ActionResult Index(LoginFormViewModel model)
        {
            if (ModelState.IsValid)
            {
                model = this.Model.Authenticate(model, this.ControllerContext.HttpContext);

                if (!model.IncorrectCredentials && !string.IsNullOrWhiteSpace(model.RedirectUrlAfterLogin))
                    return this.Redirect(model.RedirectUrlAfterLogin);
            }

            this.Model.InitializeLoginViewModel(model);

            var fullTemplateName = this.loginFormTemplatePrefix + this.LoginFormTemplate;
            return this.View(fullTemplateName, model);
        }