public TwitterHandler(ClaimProvider issuer)
: base(issuer)
{
this.issuer = issuer;
this.consumerKey = issuer.Parameters["consumer_key"];
this.consumerSecret = issuer.Parameters["consumer_secret"];
}
public ActionResult Authenticate()
{
var identifier = new Uri(this.Request.QueryString[WSFederationConstants.Parameters.HomeRealm]);
ClaimProvider issuer = this.configuration.RetrieveIssuer(identifier);
if (issuer == null)
{
return(this.HomeRealmDiscovery());
}
var handler = this.protocolDiscovery.RetrieveProtocolHandler(issuer);
if (handler == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture, "The protocol handler '{0}' was not found in the container", issuer.Protocol));
}
this.federationContext.IssuerName = issuer.Identifier.ToString();
var scope = this.configuration.RetrieveScope(new Uri(this.federationContext.Realm));
if (scope == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture, "The scope '{0}' was not found in the configuration", this.federationContext.Realm));
}
handler.ProcessSignInRequest(scope, this.HttpContext);
return(new EmptyResult());
}
private void ParseMetadata(ClaimProvider issuer)
{
ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
var serializer = new MetadataSerializer {
CertificateValidationMode = X509CertificateValidationMode.None
};
if ("true".Equals(issuer.Parameters["ignoreSslError"], StringComparison.InvariantCultureIgnoreCase))
{
ServicePointManager.ServerCertificateValidationCallback += (s, ce, ch, ssl) => true;
}
var metadata = serializer.ReadMetadata(XmlReader.Create(issuer.Parameters["metadataUrl"]));
var entityDescriptor = (EntityDescriptor)metadata;
var stsd = entityDescriptor.RoleDescriptors.OfType <SecurityTokenServiceDescriptor>().First();
if (stsd == null)
{
throw new InvalidOperationException("Missing SecurityTokenServiceDescriptor!");
}
Logger.Info($"Got SecurityTokenServiceDescriptor from metadata.");
_wsfedEndpoint = stsd.PassiveRequestorEndpoints.First().Uri.ToString();
Logger.Info($"First PassiveRequestorEndpoint in SecurityTokenServiceDescriptor from metadata: {_wsfedEndpoint}");
var x509DataClauses = stsd.Keys.Where(key => key.KeyInfo != null && key.Use == KeyType.Signing)
.Select(key => key.KeyInfo.OfType <X509RawDataKeyIdentifierClause>().First());
var tokens = new List <X509SecurityToken>();
tokens.AddRange(x509DataClauses.Select(token => new X509SecurityToken(new X509Certificate2(token.GetX509RawData()))));
Logger.Info($"Get signing keys: {tokens.Count}");
_signingKeyThumbprints = tokens.Select(t => t.Certificate.Thumbprint.ToLowerInvariant()).ToArray();
if (Logger.IsInfoEnabled)
{
Logger.Info($"signing key thumbprints: {string.Join(", ",_signingKeyThumbprints)}");
}
}
private void ParseMetadata(ClaimProvider issuer)
{
ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
var serializer = new MetadataSerializer {
CertificateValidationMode = X509CertificateValidationMode.None
};
if ("true".Equals(issuer.Parameters["ignoreSslError"], StringComparison.InvariantCultureIgnoreCase))
{
ServicePointManager.ServerCertificateValidationCallback += (s, ce, ch, ssl) => true;
}
var metadata = serializer.ReadMetadata(XmlReader.Create(issuer.Parameters["metadataUrl"]));
var entityDescriptor = (EntityDescriptor)metadata;
var ssod = entityDescriptor.RoleDescriptors.OfType <IdentityProviderSingleSignOnDescriptor>().First();
if (ssod == null)
{
throw new InvalidOperationException("Missing IdentityProviderSingleSignOnDescriptor!");
}
Logger.Info("Got IdentityProviderSingleSignOnDescriptor from metadata.");
_identityProviderSSOURL =
ssod.SingleSignOnServices.Single(
x => x.Binding.ToString() == "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect").Location.ToString();
Logger.Info($"_identityProviderSSOURL: {_identityProviderSSOURL}");
_signingKeyThumbprint = GetSigningKeyThumbprint(ssod).ToArray();
if (Logger.IsInfoEnabled)
{
Logger.Info($"signing key thumbprints: {string.Join(", ", _signingKeyThumbprint)}");
}
}
public FacebookHandler(ClaimProvider issuer)
: base(issuer)
{
this.issuer = issuer;
this.applicationId = issuer.Parameters["application_id"];
this.apiUrl = issuer.Parameters["api_url"];
this.secret = issuer.Parameters["secret"];
}
public WindowsAzureADHandler(ClaimProvider issuer)
: base(issuer)
{
this.signingKeyThumbprint = issuer.Parameters["signingKeyThumbprint"];
this.tenantId = issuer.Parameters["tenantId"];
this.appPrincipalId = issuer.Parameters["appPrincipalId"];
this.realmFormat = issuer.Parameters["realmFormat"];
}
public WindowsAzureADHandler(ClaimProvider issuer)
: base(issuer)
{
this.signingKeyThumbprint = issuer.Parameters["signingKeyThumbprint"];
this.tenantId = issuer.Parameters["tenantId"];
this.appPrincipalId = issuer.Parameters["appPrincipalId"];
this.realmFormat = issuer.Parameters["realmFormat"];
}
public IHttpActionResult CreateNewRequest(FormDataCollection form)
{
var emailName = ClaimProvider.GetEmailClaim(User);
var fullName = ClaimProvider.GetFullNameClaim(User);
var exceptionReq = JObject.Parse(form.ToArray()[0].Key);
var newRequest = this.dataContext.CreateNewRequest(emailName, fullName, exceptionReq);
return(Ok(newRequest));
}
public GoogleHandler(ClaimProvider issuer) : base(issuer)
{
if (issuer == null)
{
throw new ArgumentNullException(nameof(issuer));
}
_issuer = issuer;
_clientId = _issuer.Parameters["clientId"];
_clientSecret = _issuer.Parameters["clientSecret"];
}
public LiveIdHandler(ClaimProvider issuer) : base(issuer)
{
if (issuer == null)
{
throw new ArgumentNullException("issuer");
}
this.issuer = issuer;
this.appId = this.issuer.Parameters["wll_appid"];
this.secretKey = this.issuer.Parameters["wll_secret"];
}
public OwnerStatementSummaryModel(DojoDbContext context = null)
{
StatementMonth = DateTime.Now; // default to current month
if (context != null)
{
OwnerName = ClaimProvider.GetFriendlyName(context);
}
ItemTotal = new OwnerStatementSummaryItem();
SummaryItems = new List <OwnerStatementSummaryItem>();
}
public OwnerStatementViewModel(DojoDbContext context = null)
{
StatementMonth = DateTime.Now; // default to current month
if (context != null)
{
OwnerName = ClaimProvider.GetFriendlyName(context);
}
ReservationDetails = new List <ReservationStatement>();
AdvancePaymentDetails = new List <AdvancePaymentStatement>();
UnitExpenseDetails = new List <UnitExpenseStatement>();
}
public WSFedHandler(ClaimProvider issuer)
: base(issuer)
{
if (!string.IsNullOrEmpty(issuer.Parameters["metadataUrl"]))
{
ParseMetadata(issuer);
}
else
{
_signingKeyThumbprints = new [] { issuer.Parameters["signingKeyThumbprint"].ToLowerInvariant() };
_wsfedEndpoint = issuer.Parameters["wsfedEndpoint"];
}
}
public IHttpActionResult GetUserExceptionRequests()
{
var emailClaimValue = ClaimProvider.GetEmailClaim(User);
var values = this.dataContext.GetExceptionRequestsByEmail(emailClaimValue);
var result = new ExceptionRequestWithCount
{
Items = values,
Count = values.Count()
};
return(Ok(result));
}
public AzureAdOAuthHandler(ClaimProvider issuer) : base(issuer)
{
if (issuer == null)
{
throw new ArgumentNullException(nameof(issuer));
}
this.issuer = issuer;
_appId = this.issuer.Parameters["clientId"];
_secretKey = this.issuer.Parameters["key"];
_graphApiEndpoint = this.issuer.Parameters["graphApiEndpoint"];
_tokenEndpoint = this.issuer.Parameters["tokenEndpoint"];
_authorizationEndpoint = this.issuer.Parameters["authorizationEndpoint"];
_graphApiVersion = this.issuer.Parameters["graphApiVersion"];
}
protected ProtocolHandlerBase(ClaimProvider issuer, IConfigurationRepository configuration)
{
if (issuer == null)
{
throw new ArgumentNullException("issuer");
}
if (configuration == null)
{
throw new ArgumentNullException("configuration");
}
this.Issuer = issuer;
this.Configuration = configuration;
this.MultiProtocolIssuer = this.Configuration.RetrieveMultiProtocolIssuer();
}
protected ProtocolHandlerBase(ClaimProvider issuer, IConfigurationRepository configuration)
{
if (issuer == null)
{
throw new ArgumentNullException(nameof(issuer));
}
if (configuration == null)
{
throw new ArgumentNullException(nameof(configuration));
}
Issuer = issuer;
Configuration = configuration;
MultiProtocolIssuer = Configuration.MultiProtocolIssuer;
}
public SamlHandler(ClaimProvider issuer)
: base(issuer)
{
_issuer = string.IsNullOrEmpty(issuer.Parameters["issuer"]) ? MultiProtocolIssuer.Identifier.ToString() : issuer.Parameters["issuer"];
if (!string.IsNullOrEmpty(issuer.Parameters["metadataUrl"]))
{
ParseMetadata(issuer);
}
else
{
_signingKeyThumbprint = new[] { issuer.Parameters["signingKeyThumbprint"].ToLowerInvariant() };
_identityProviderSSOURL = issuer.Parameters["identityProviderSSOURL"];
}
_audienceRestriction = issuer.Parameters["audienceRestriction"];
_requestedAuthnContextComparisonMethod = issuer.Parameters["requestedAuthnContextComparisonMethod"];
var authnContextClassRefs = issuer.Parameters["authnContextClassRefs"];
_authnContextClassRefs = !string.IsNullOrWhiteSpace(authnContextClassRefs)
? authnContextClassRefs.Split(',').ToList()
: new List <string>();
}
public ActionResult Authenticate()
{
Logger.Info("Authenticate!");
var identifier = new Uri(Request.QueryString[WSFederationConstants.Parameters.HomeRealm]);
var requestUrl = Request.UrlConsideringLoadBalancerHeaders();
ClaimProvider issuer = configuration.RetrieveIssuer(requestUrl, identifier);
if (issuer == null)
{
return(HomeRealmDiscovery());
}
var handler = protocolDiscovery.RetrieveProtocolHandler(issuer);
if (handler == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture, "The protocol handler '{0}' was not found in the container", issuer.Protocol));
}
federationContext.IssuerName = issuer.Identifier.ToString();
var realm = federationContext.Realm;
if (string.IsNullOrEmpty(realm))
{
realm = CreateFederationContextFromConfiguration();
}
var scope = configuration.RetrieveScope(requestUrl, new Uri(realm));
if (scope == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture, "The scope '{0}' was not found in the configuration", realm));
}
handler.ProcessSignInRequest(scope, HttpContext);
return(new EmptyResult());
}
public OpenIdHandler(ClaimProvider issuer)
: base(issuer)
{
}
protected ProtocolHandlerBase(ClaimProvider issuer) : this(issuer, new DefaultConfigurationRepository())
{
}
protected ProtocolHandlerBase(ClaimProvider issuer) : this(issuer, ServiceLocator.Container.Value.Resolve <IConfigurationRepository>())
{
}
public IProtocolHandler RetrieveProtocolHandler(ClaimProvider issuer)
{
return(this.container.Resolve <IProtocolHandler>(
issuer.Protocol,
new ParameterOverride("issuer", issuer)));
}
public DBContext(DbContextOptions options, ClaimProvider provider) : base(options)
{
_userId = provider.UserId;
}
public GoogleHandler(ClaimProvider issuer)
: base(issuer)
{
}
public AWFOSHandler(ClaimProvider issuer)
: base(issuer)
{
_identityProviderSSOURL = issuer.Parameters["identityProviderSSOURL"];
}
public YahooHandler(ClaimProvider issuer)
: base(issuer)
{
}
public IProtocolHandler RetrieveProtocolHandler(ClaimProvider issuer)
{
return(ServiceLocator.Container.Value.Resolve <IProtocolHandler>(
issuer.Protocol,
new ParameterOverride("issuer", issuer)));
}
public RelativeOpenIdHandler(ClaimProvider issuer)
: base(issuer)
{
}
public WSFedHandler(ClaimProvider issuer)
: base(issuer)
{
this.signingKeyThumbprint = issuer.Parameters["signingKeyThumbprint"];
}
