private void loginButton_Click(object sender, EventArgs e) { // AADB2C90118: The user has forgotten their password ==> Login with forgot password policy if (!string.IsNullOrEmpty(Request["error"]) && !string.IsNullOrEmpty(Request["error_description"]) && Request["error_description"]?.IndexOf("AADB2C90118") == -1) { // AADB2C90091: The user has cancelled entering self-asserted information. // User clicked on Cancel when resetting the password => Redirect to the login page if (Request["error_description"]?.IndexOf("AADB2C90091") > -1) { Response.Redirect(Common.Utils.GetLoginUrl(PortalSettings.Current, Request), true); } else { var errorMessage = Localization.GetString("LoginError", LocalResourceFile); errorMessage = string.Format(errorMessage, Request["error"], Request["error_description"]); _logger.Error(errorMessage); UI.Skins.Skin.AddModuleMessage(this, errorMessage, ModuleMessage.ModuleMessageType.RedError); } } else { if (Request["error_description"]?.IndexOf("AADB2C90118") > -1) { ((AzureClient)OAuthClient).Policy = AzureClient.PolicyEnum.PasswordResetPolicy; } AuthorisationResult result = OAuthClient.Authorize(); if (result == AuthorisationResult.Denied) { UI.Skins.Skin.AddModuleMessage(this, Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile), ModuleMessage.ModuleMessageType.YellowWarning); } } }
protected override void OnInit(EventArgs e) { base.OnInit(e); if (!string.IsNullOrEmpty(Request["error"]) && !string.IsNullOrEmpty(Request["error_description"])) { // AADB2C90091: The user has cancelled entering self-asserted information. // User clicked on Cancel when resetting the password => Redirect to the original page if (Request["error_description"]?.IndexOf("AADB2C90091") > -1) { if (!string.IsNullOrEmpty(Request["state"])) { var state = new State(Request["state"]); if (!string.IsNullOrEmpty(state.RedirectUrl)) { Response.Redirect(state.RedirectUrl, true); } } } else { var errorMessage = Localization.GetString("LoginError", LocalResourceFile); errorMessage = string.Format(errorMessage, Request["error"], Request["error_description"]); _logger.Error(errorMessage); UI.Skins.Skin.AddModuleMessage(this, errorMessage, ModuleMessage.ModuleMessageType.RedError); } } else { var identityProvider = UserInfo.Profile.ProfileProperties.GetByName("IdentitySource"); if (identityProvider != null && identityProvider.PropertyValue == "Azure-B2C") { var oauthClient = new AzureClient(PortalId, AuthMode.Login); // Is returning after editing the user profile? var state = new State(Request["state"]); if (Request.UrlReferrer?.Host == oauthClient.LogoutEndpoint.Host && !string.IsNullOrEmpty(Request["state"]) && state.Service == oauthClient.Service && !string.IsNullOrEmpty(state.RedirectUrl) && oauthClient.HaveVerificationCode()) { oauthClient.Policy = AzureClient.PolicyEnum.ProfilePolicy; AuthorisationResult result = oauthClient.Authorize(); if (result != AuthorisationResult.Denied) { oauthClient.UpdateUserProfile(); Response.Redirect(state.RedirectUrl); } } else { oauthClient.NavigateUserProfile(Request.UrlReferrer); } } } }
private void loginButton_Click(object sender, EventArgs e) { AuthorisationResult result = OAuthClient.Authorize(); if (result == AuthorisationResult.Denied) { UI.Skins.Skin.AddModuleMessage(this, Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile), ModuleMessage.ModuleMessageType.YellowWarning); } }
protected override void OnInit(EventArgs e) { base.OnInit(e); if (!string.IsNullOrEmpty(Request["error"]) && !string.IsNullOrEmpty(Request["error_description"])) { // AADB2C90091: The user has cancelled entering self-asserted information. // User clicked on Cancel when resetting the password => Redirect to the original page if (Request["error_description"]?.IndexOf("AADB2C90091") > -1) { var url = Request["state"].Split('-'); if (url.Length > 1) { Response.Redirect(url[1], true); } } else { var errorMessage = Localization.GetString("LoginError", LocalResourceFile); errorMessage = string.Format(errorMessage, Request["error"], Request["error_description"]); _logger.Error(errorMessage); UI.Skins.Skin.AddModuleMessage(this, errorMessage, ModuleMessage.ModuleMessageType.RedError); } } else { if (UserInfo != null && UserInfo.Username.ToLowerInvariant().StartsWith("azureb2c-")) { var oauthClient = new AzureClient(PortalId, AuthMode.Login); // Is returning after editing the user profile? if (Request.UrlReferrer?.Host == oauthClient.LogoutEndpoint.Host && !string.IsNullOrEmpty(Request["state"]) && Request["state"].StartsWith(oauthClient.Service) && Request["state"].Length > oauthClient.Service.Length && oauthClient.HaveVerificationCode()) { oauthClient.Policy = AzureClient.PolicyEnum.ProfilePolicy; AuthorisationResult result = oauthClient.Authorize(); if (result != AuthorisationResult.Denied) { oauthClient.UpdateUserProfile(); var url = Request["state"].Split('-'); if (url.Length > 1) { Response.Redirect(url[1]); } } } else { oauthClient.NavigateUserProfile(Request.UrlReferrer); } } } }
private void LoginButton_Click(object sender, EventArgs e) { this.OAuthClient.CallbackUri = new Uri(this.OAuthClient.CallbackUri + "?state=Twitter"); AuthorisationResult result = this.OAuthClient.Authorize(); if (result == AuthorisationResult.Denied) { UI.Skins.Skin.AddModuleMessage(this, Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile), ModuleMessage.ModuleMessageType.YellowWarning); } }
private static async Task <AuthorisationResult> FailOnFirstCall() { await Task.CompletedTask; var result = _hasBeenCalled ? AuthorisationResult.Success() : AuthorisationResult.Fail("This query can only be used on a Saturday or Sunday"); _hasBeenCalled = true; return(result); }
/// <summary> /// A contrived authorisation policy function /// </summary> /// <returns></returns> private static async Task <AuthorisationResult> WeekendOnlyPolicy() { var isWeekend = DateTime.Today.DayOfWeek == DayOfWeek.Saturday || DateTime.Today.DayOfWeek == DayOfWeek.Sunday; //This isn't really an async method await Task.CompletedTask; return(isWeekend ? AuthorisationResult.Success() : AuthorisationResult.Fail("This query can only be used on a Saturday or Sunday")); }
private static async Task <AuthorisationResult> FailOnFirstCall() { await Task.CompletedTask; var result = _hasBeenCalled ? AuthorisationResult.Success() : AuthorisationResult.Fail("This query will fail the first time you call it, try again."); _hasBeenCalled = true; return(result); }
/// <summary> /// Parses the query tokens returned during authorisation process /// and notifies app of result. /// </summary> /// <param name="queryTokens">Query tokens to parse for authorisation.</param> private void ParseUrl(NameValueCollection queryTokens) { AuthorisationResult result = AuthorisationResult.Error; string reason = null; string state = null; if (queryTokens["code"] == null) { // app was not authorised for some reason if (queryTokens["error"] == "access_denied") { result = AuthorisationResult.Denied; } else { // random error so return description value reason = queryTokens["description"]; } } else { try { // get name of user who logged in from state state = queryTokens["state"]; var re = new Regex(@"(?<=name;)\w*(\+\w*)?", RegexOptions.IgnoreCase); var m = re.Match(state); this.Character = HttpUtility.UrlDecode(m.Value); state = state.Replace("name;" + m.Value, "").Trim(); // exchange code for a token this.Token = GetToken(queryTokens["code"]); result = AuthorisationResult.Authorised; } catch (Exception ex) { reason = ex.Message; } } // clean up web browser before continuing _wasAutoClosed = true; CloseForm(_webBrowserForm); // notify anyone who is listening of results OnAuthoriseComplete(new AuthoriseCompleteEventArgs(result, reason, state)); }
private async Task GetUserAsync() { if (Client.HaveVerificationCode()) { try { // Step 2: Validate that the state is the same as what was stored in the // CSRF cookie. Validation failures will throw exceptions. AntiForgery.ValidateTokens(Request); // Step 3: The app has redirected back with an Auth0 Code that can // be used for retrieving a Bearer Token from Auth0. AuthorisationResult result = await Client.ExchangeCodeForTokenAsync(); switch (result) { case AuthorisationResult.Authorized: // Step 4: We now have a token and can use that to get the // user profile data from Auth0. The profile data we have // access to is controlled by the scope passed in the original // authorization request. Auth0UserInfo user = await Client.GetCurrentUserAsync(); // Step 5: We need to take the authenticated user profile and use it to // find the corresponding DNN User. If the user does not exist, // we create the user and authorize the user according to the portal settings. Client.AuthenticateDnnUser(user, PortalSettings, IPAddress, base.OnUserAuthenticated); break; case AuthorisationResult.Denied: Skin.AddModuleMessage(this, Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile), ModuleMessage.ModuleMessageType.YellowWarning); AddEventLog("unknown user", Null.NullInteger, PortalSettings.PortalName, IPAddress, EventLogType.LOGIN_FAILURE, "Unable to get token"); break; default: break; } } catch (Exception ex) { (new ExceptionLogController()).AddLog(ex); } } }
private void loginButton_Click(object sender, EventArgs e) { if (!string.IsNullOrEmpty(Request["error"])) { var errorMessage = Localization.GetString("LoginError", LocalResourceFile); errorMessage = string.Format(errorMessage, Request["error"], Request["error_description"]); _logger.Error(errorMessage); UI.Skins.Skin.AddModuleMessage(this, errorMessage, ModuleMessage.ModuleMessageType.RedError); } else { AuthorisationResult result = OAuthClient.Authorize(); if (result == AuthorisationResult.Denied) { UI.Skins.Skin.AddModuleMessage(this, Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile), ModuleMessage.ModuleMessageType.YellowWarning); } } }
public async Task <AuthorisationResult> Verify(string authToken) { var dummyAuthResult = new AuthorisationResult(); if (string.IsNullOrEmpty(authToken)) { return(await Task.Run(() => dummyAuthResult)); } return(authToken.ToUpperInvariant() switch { "TEST_KEY1" => await Task.Run(() => new AuthorisationResult() { Valid = true, Merchant = new Merchant() { Id = "M_1111", Name = "Merchant 1" } }), _ => await Task.Run(() => dummyAuthResult), });
private Token GetTokenSilently(OAuthLowLevel oAuth) { Token token = null; token = oAuth.RetrieveExistingAccessToken(ClientID, Scope, Audience, StoragePartition); if (token == null) { Token refreshToken = oAuth.RetrieveExistingRefreshToken(ClientID, Scope, Audience, StoragePartition); if (refreshToken != null) { Auth0ClientBase client = CreateAuth0Client(); AuthorisationResult result = Task.Run(() => oAuth.RefreshAccessTokenAsync(client, refreshToken, ClientID, Scope, Audience, StoragePartition)).Result; token = result.AccessToken; } } return(token); }
private void loginButton_Click(object sender, EventArgs e) { if (!string.IsNullOrEmpty(Request["error"])) { var errorMessage = Localization.GetString("LoginError", LocalResourceFile); errorMessage = string.Format(errorMessage, Request["error"], Request["error_description"]); _logger.Error(errorMessage); if (string.IsNullOrEmpty(config.OnErrorUri)) { UI.Skins.Skin.AddModuleMessage(this, errorMessage, ModuleMessage.ModuleMessageType.RedError); } else { Response.Redirect($"{config.OnErrorUri}?error={Request["error"]}&error_description={HttpContext.Current.Server.UrlEncode(Request["error_description"])}"); } } else { AuthorisationResult result = OAuthClient.Authorize(); if (result == AuthorisationResult.Denied) { if (string.IsNullOrEmpty(config.OnErrorUri)) { UI.Skins.Skin.AddModuleMessage(this, Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile), ModuleMessage.ModuleMessageType.YellowWarning); } else { Response.Redirect($"{config.OnErrorUri}?error=Denied&error_description={HttpContext.Current.Server.UrlEncode(Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile))}"); } } else { if (!string.IsNullOrEmpty(((AzureClient)OAuthClient).RedirectUrl)) { RedirectURL = ((AzureClient)OAuthClient).RedirectUrl; } } } }
public AuthoriseCompleteEventArgs(AuthorisationResult result, string state) : this(result, result.GetDescription(), state) { }
public AuthoriseCompleteEventArgs(AuthorisationResult result, string deniedReason, string state) { _result = result; _reason = String.IsNullOrWhiteSpace(deniedReason) ? result.GetDescription() : deniedReason; this.State = state; }
protected override void OnInit(EventArgs e) { base.OnInit(e); if (!string.IsNullOrEmpty(Request["error"]) && !string.IsNullOrEmpty(Request["error_description"])) { // AADB2C90091: The user has cancelled entering self-asserted information. // User clicked on Cancel when resetting the password => Redirect to the original page if (Request["error_description"]?.IndexOf("AADB2C90091") > -1) { if (!string.IsNullOrEmpty(Request["state"])) { var state = new State(Request["state"]); if (!string.IsNullOrEmpty(state.RedirectUrl)) { Response.Redirect(state.RedirectUrl, true); } else { Response.Redirect("/", true); } } else { Response.Redirect("/", true); } } else { var errorMessage = Localization.GetString("LoginError", LocalResourceFile); errorMessage = string.Format(errorMessage, Request["error"], Request["error_description"]); _logger.Error(errorMessage); UI.Skins.Skin.AddModuleMessage(this, errorMessage, ModuleMessage.ModuleMessageType.RedError); } } else { var identityProvider = UserInfo.Profile.ProfileProperties.GetByName("IdentitySource"); if (identityProvider != null && identityProvider.PropertyValue == "Azure-B2C") { var oauthClient = new AzureClient(PortalId, AuthMode.Login); if (HttpContext.Current.Request.Cookies.AllKeys.Contains("AzureB2CUserToken")) { // Logout on B2C to clear the cached B2C login. This will redirect back to here after the logout oauthClient.Logout(); return; } // Is returning after running the impersonation on B2C? var state = new State(Request["state"]); if (Request.UrlReferrer?.Host == oauthClient.LogoutEndpoint.Host && !string.IsNullOrEmpty(Request["state"]) && state.Service == oauthClient.Service && !string.IsNullOrEmpty(state.RedirectUrl) && oauthClient.HaveVerificationCode()) { oauthClient.Policy = AzureClient.PolicyEnum.ImpersonatePolicy; AuthorisationResult result = oauthClient.Authorize(); if (result != AuthorisationResult.Denied) { if (User != null) { var url = oauthClient.Impersonate(); if (string.IsNullOrEmpty(url)) { Response.Redirect($"{Request.Url.Scheme}://{PortalSettings.PortalAlias.HTTPAlias}"); // Redirect to homepage after impersonation } else { Response.Redirect(url); } } } } else { var uri = oauthClient.NavigateImpersonation(Request.UrlReferrer, UserInfo.Email); Response.Redirect(uri.ToString(), false); } } } }