protected void Application_Start()
{
if (!_loggingStarted)
{
try
{
log4net.Config.XmlConfigurator.Configure();
_log.Info("ASAIDP Application Logger Started - APPLICATION START");
}
catch (Exception ex)
{
//There is nothing we can do here, there is no way to log this failue
//and we don't want to abort the application just because logging won't load
_log.Info("ASAIDP Logging Start Exception => " + ex.ToString());
}
_loggingStarted = true;
}
AreaRegistration.RegisterAllAreas();
RegisterGlobalFilters(GlobalFilters.Filters);
RegisterRoutes(RouteTable.Routes);
SAMLController.SSOSessionStore = new CookieSSOSession();
ASBSSOAdapterModule.Init();
IKernel kernel = ASBSSOAdapterModule.GetKernel();
kernel.Bind <IDVerifier>().To <ASAIDP.SSO.Plugins.SiteMemberPlugin>().
Named("ASAIDP.SSO.Plugins.SiteMemberPlugin");
}
/// <summary>
/// Either initiate a single logout or respond to a single logout request.
/// </summary>
/// <returns></returns>
public ActionResult SSOLogout()
{
IKernel kernel = ASBSSOAdapterModule.GetKernel();
ISSOLogoutProcessor ssoLogoutProcessor = kernel.Get <ISSOLogoutProcessor>();
SSORequestResult result = ssoLogoutProcessor.RespondToLogoutRequest(Request);
if (result.RedirectURL != null)
{
// successfull single sign-out
Session.Remove(ASBSSOConstants.ABSSOPARTNER); // indicate that we are no longer in a SSO session
return(Redirect(result.RedirectURL));
}
else
{
throw new Exception("Sorry, SSO Logout could not be completed", result.Error);
}
}
public ActionResult SSOLogin()
{
// validate the login token that has been passed, retrieve the user credentials and attributes
// and return a login token to the IDP so as to respond to a SSO login request.
// The second parameter is an arbitrary set of objects that gets passed to the custom id plugin
// in this case we pass the controller, so the plugin can figure out who is logged in.
IKernel kernel = ASBSSOAdapterModule.GetKernel();
ISSOLoginProcessor ssoLoginProcessor = kernel.Get <ISSOLoginProcessor>();
Dictionary <string, object> paramDictionary = new Dictionary <string, object> {
{ "controller", this },
{ "partnerName", Request[ASBSSOConstants.PARTNERNAME] },
{ "optionalParam", Request.Params["optionalParam"] }
};
foreach (var param in Request.Params)
{
// going through all parameters, looking for internships.com "RedirectUrl" parameters, or parameters that start with "utm_"
string paramString = param.ToString().Trim();
if (!paramDictionary.ContainsKey(paramString) && (paramString == "UrlSuffix" || paramString.StartsWith("utm_")))
{
paramDictionary.Add(paramString, Request.Params[paramString]);
}
}
SSORequestResult result = ssoLoginProcessor.RespondToSSORequest(Request, paramDictionary);
HttpCookie saltId = null;
//COV 10565
if (System.Web.HttpContext.Current != null)
{
saltId = System.Web.HttpContext.Current.Request.Cookies["IndividualId"];
}
if (saltId != null)
{
//string RedirectUrl = result.RedirectURL;
//int indexStart = RedirectUrl.IndexOf("LoginToken=") + 11;
//int indexEnd = RedirectUrl.IndexOf("&AttributeToken");
//string strToken = RedirectUrl.Substring(indexStart, indexEnd - indexStart);
//Dictionary<string, string> ssoToken = TokenDecoding.Decode(Server.UrlDecode(strToken), "AES128", "eb64a522b4a9305bb9b6c1358d03c0f8");
if (result.RedirectURL != null)
{
// indicate that we are in a SSO situation so we can do SSO logout later if needed
Session[ASBSSOConstants.ABSSOPARTNER] = Request[ASBSSOConstants.PARTNERNAME];
// redirect to the url that comes back from the adapter.
return(Redirect(result.RedirectURL));
}
else
{
throw new Exception("Sorry, SSO Login could not be completed", result.Error);
}
}
else
{
string loginRedirectPage = Url.Content("~/Home");
System.Web.Configuration.AuthenticationSection authSection =
(System.Web.Configuration.AuthenticationSection)System.Configuration.ConfigurationManager.GetSection("system.web/authentication");
if (authSection != null && authSection.Forms != null)
{
if (!string.IsNullOrEmpty(authSection.Forms.LoginUrl))
{
loginRedirectPage = Url.Content(authSection.Forms.LoginUrl);
}
}
loginRedirectPage = loginRedirectPage.Split('?')[0] + "?RetrunUrl=index.html";
return(Redirect(loginRedirectPage));
}
}
