/// <summary>
/// Landing action that forwards every visitor to the Authentication controller's Index action.
/// </summary>
/// <remarks>
/// DEBUG builds fabricate a sample <c>AuthRequestPayload</c> and pass its encoded form as the
/// <c>AuthToken</c> route value, so the sign-in flow can be exercised without a real relying
/// party. All other builds issue a permanent redirect without a token.
/// NOTE(review): the debug payload names a plain-HTTP localhost <c>ResponseUri</c>; that is
/// only compiled in under DEBUG, so check that release pipelines never define that symbol.
/// </remarks>
/// <returns>A redirect result targeting Authentication/Index.</returns>
public IActionResult Index()
        {
#if !DEBUG
            return RedirectToActionPermanent("Index", "Authentication");
#else
            // Fresh request id on every visit; the URIs are fixed development values.
            var debugRequest = new AuthRequestPayload
            {
                RequestId   = Guid.NewGuid(),
                Source      = "Home",
                RedirectUri = new Uri("https://andreihava.net"),
                ResponseUri = new Uri("http://localhost/")
            };

            // The encoded request travels as the AuthToken route value.
            var routeValues = new { AuthToken = debugRequest.Encode() };

            return RedirectToAction("Index", "Authentication", routeValues);
#endif
        }
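        /// <summary>
        /// Entry point of the authentication page; the behaviour is selected by the query string.
        /// </summary>
        /// <remarks>
        /// <list type="bullet">
        /// <item>No query parameters: redirect to the main site.</item>
        /// <item><c>Email</c>: render the Authentication view pre-filled with the e-mail and the
        /// optional <c>NewAccount</c> / <c>PendingActivation</c> flags.</item>
        /// <item><c>AuthToken</c>: decode the authentication request. If the <c>SID</c> cookie
        /// resolves to a valid session holding an <c>AuthPayload</c>, post that payload to the
        /// request's <c>ResponseUri</c> and redirect to its <c>RedirectUri</c>; otherwise remember
        /// the request in a session, set the <c>SID</c> and <c>RID</c> cookies and render the
        /// Authentication view.</item>
        /// <item>Anything else: 400 Bad Request.</item>
        /// </list>
        /// Every value read here (query string, cookies) is caller-controlled; malformed values are
        /// answered with 400 or ignored instead of surfacing as unhandled parse exceptions.
        /// </remarks>
        /// <returns>A redirect, the Authentication view, or a 400 result as described above.</returns>
        public IActionResult Index()
        {
            // Nothing to authenticate against: send the visitor to the main site.
            if (Request.Query.Count == 0)
            {
                return(Redirect("https://andreihava.net/"));
            }

            if (Request.Query.ContainsKey("Email"))
            {
                var email = Request.Query["Email"].ToString();

                if (string.IsNullOrEmpty(email))
                {
                    return(BadRequest("Email parameter was defined but didn't have a value!"));
                }

                // bool.Parse would throw FormatException (an unhandled 500) on values such as
                // "NewAccount=1"; reject malformed flags explicitly instead.
                if (!TryReadFlag("NewAccount", out var newReg) ||
                    !TryReadFlag("PendingActivation", out var pendingActivation))
                {
                    return(BadRequest("NewAccount and PendingActivation must be 'true' or 'false' when present!"));
                }

                // NOTE(review): e-mail and both flags come straight from the query string, so the
                // view should treat them as display hints only, never as proof of account state.
                var identity = new AuthenticationIdentity
                {
                    Email             = email,
                    NewAccount        = newReg,
                    PendingActivation = pendingActivation
                };

                return(View("Authentication", identity));
            }

            if (Request.Query.ContainsKey("AuthToken"))
            {
                var authToken = Request.Query["AuthToken"].ToString();

                if (string.IsNullOrEmpty(authToken))
                {
                    return(BadRequest("AuthToken parameter was defined but didn't have a value!"));
                }

                // NOTE(review): the token is taken from the URL, so RequestId, RedirectUri and
                // ResponseUri are caller-supplied unless Decode authenticates the token (signature
                // or MAC) - not visible here, confirm. Without that check and an allow-list of
                // registered relying-party URIs, the signed-in path below sends the session's
                // AuthPayload to, and redirects the browser to, whatever address the token names.
                // How Decode reports a malformed token is also not visible from this method.
                var authRequest = AuthRequestPayload.Decode(authToken);

                Session session = null;

                // A missing or malformed SID cookie means "no session"; Guid.Parse would have
                // thrown on a tampered cookie value.
                if (Request.Cookies.TryGetValue("SID", out var sidCookie) &&
                    Guid.TryParse(sidCookie, out var sid))
                {
                    session = SessionStore.GetSession(sid);
                }

                if (session != null && session.IsValid())
                {
                    var authResponse = session.GetAttribute <AuthResponsePayload>("AuthPayload");

                    // This method itself creates sessions before sign-in completes, so a valid
                    // session may not carry an AuthPayload yet. Presumably GetAttribute returns
                    // null in that case (TODO confirm); fall through to the sign-in form then
                    // instead of dereferencing null.
                    if (authResponse != null)
                    {
                        authResponse.RequestId = authRequest.RequestId;

                        // Blocks the request thread until the POST completes; kept synchronous
                        // because the action's signature is synchronous.
                        HttpHandler.Post(authRequest.ResponseUri, authResponse.Encode()).Wait();
                        return(Redirect(authRequest.RedirectUri.ToString()));
                    }
                }
                else
                {
                    session = SessionStore.CreateSession(TimeSpan.FromHours(12));
                }

                // Remember the pending request so it can be answered once sign-in completes.
                session["AuthRequest"] = authRequest;

                // Secure follows the request scheme so the identifiers are never replayed over
                // plain HTTP after an HTTPS visit, while local HTTP development keeps working.
                // Behind a TLS-terminating proxy IsHttps is only accurate when forwarded headers
                // are processed.
                // NOTE(review): Domain is copied from the Host header. Leaving Domain unset would
                // give a narrower host-only cookie; confirm that sharing with subdomains is
                // intended and that host filtering is configured.
                Response.Cookies.Append("SID", session.Guid.ToString(),
                                        new CookieOptions()
                {
                    Domain = Request.Host.Host, HttpOnly = true, Secure = Request.IsHttps, SameSite = SameSiteMode.Strict, Expires = DateTimeOffset.UtcNow.AddHours(12)
                });
                Response.Cookies.Append("RID", authRequest.RequestId.ToString(),
                                        new CookieOptions()
                {
                    Domain = Request.Host.Host, HttpOnly = true, Secure = Request.IsHttps, SameSite = SameSiteMode.Strict
                });

                return(View("Authentication", new AuthenticationIdentity()));
            }

            return(BadRequest());

            // Reads an optional boolean query flag. An absent key yields false; a present key
            // must parse as a boolean, otherwise the method returns false to signal bad input.
            bool TryReadFlag(string key, out bool value)
            {
                value = false;
                return(!Request.Query.ContainsKey(key) ||
                       bool.TryParse(Request.Query[key].ToString(), out value));
            }
        }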