Exemple #1
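        /// <summary>
        /// Handles the redirect back from an external login provider. If the email claim
        /// matches an active alternate credential whose primary credential is enabled,
        /// the session user name is set and the user is sent to the home page; otherwise
        /// the external-login confirmation view is shown.
        /// </summary>
        /// <param name="returnUrl">Return URL; only stored in ViewData here.</param>
        /// <param name="remoteError">Error text reported by the external provider, if any.</param>
        /// <returns>The login view, a redirect, or the confirmation view.</returns>
        public async Task <IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null)
        {
            if (remoteError != null)
            {
                ModelState.AddModelError(string.Empty, $"Error from external provider: {remoteError}");
                return View(nameof(Login));
            }

            ExternalLoginInfo info = await _signInManager.GetExternalLoginInfoAsync();
            if (info == null)
            {
                return RedirectToAction(nameof(Login));
            }

            // The stock Identity sign-in by provider key (ExternalLoginSignInAsync, with its
            // two-factor and lockout handling) is not used in this action; the account is
            // matched on the email claim instead.
            // NOTE(review): matching on email alone trusts every configured provider to assert
            // a verified address, and ignores info.LoginProvider / info.ProviderKey. Confirm the
            // providers verify email, or bind the alternate credential to the provider key.
            ViewData["ReturnUrl"]     = returnUrl;
            ViewData["LoginProvider"] = info.LoginProvider;

            string email = info.Principal.FindFirstValue(ClaimTypes.Email);

            // A provider may not send an email claim at all; without this guard the lookup
            // below would dereference null.
            if (!string.IsNullOrWhiteSpace(email))
            {
                string lookupName = email.Trim();

                // Alternate credentials are unlinked by stamping DtInactivated, so an
                // inactivated row must not be accepted for sign-in.
                DboCredentialAlternate dbAltObj = _context.DboCredentialAlternate.SingleOrDefault(
                    m => m.Vchr64UserName == lookupName && !m.DtInactivated.HasValue);

                if (dbAltObj != null)
                {
                    DboCredential dbCrObj = _context.DboCredential.SingleOrDefault(
                        m => m.BintId == dbAltObj.BintPrimaryCredentialId && m.BEnabled == true);

                    if (dbCrObj != null)
                    {
                        SetSessionUserName(dbCrObj.Vchr32Name);
                        return RedirectToAction(nameof(HomeController.Index), "Home", new { debug = "" });
                    }
                }
            }

            // No usable account for this identity: ask the user to create one.
            return View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel {
                Email = email
            });
        }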
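        /// <summary>
        /// Either starts an external-provider challenge (plain provider name) or, when
        /// <paramref name="provider"/> has the form "name-typeId", inactivates the
        /// session user's alternate credential of that type.
        /// </summary>
        /// <param name="provider">Provider name, optionally followed by '-' and a numeric credential type id.</param>
        /// <param name="returnUrl">Return URL passed on to ExternalLoginCallback.</param>
        /// <returns>A challenge result, a redirect to Home, or the error view.</returns>
        // NOTE(review): the removal branch changes stored credentials. No HTTP-method or
        // antiforgery attribute is visible on this listing; confirm the action is POST-only
        // and antiforgery-validated.
        // NOTE(review): a provider scheme whose own name contains '-' would be routed into
        // the removal branch; confirm no configured scheme is named that way.
        public IActionResult ExternalLogin(string provider, string returnUrl = null)
        {
            if (string.IsNullOrEmpty(provider))
            {
                ViewData["ErrorMessage"] = "Seems there is an error";
                return View();
            }

            string[] provInfo = provider.Split('-');

            if (provInfo.Length <= 1)
            {
                // The user wants to add an external account: request a redirect to the
                // external login provider.
                string redirectUrl = Url.Action("ExternalLoginCallback", "Credentials", new { ReturnUrl = returnUrl });
                var    properties  = _signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
                return Challenge(properties, provider);
            }

            // The user wants to remove an existing external account. The type id comes
            // from the request, so parse it instead of letting a bad value throw.
            int credentialTypeId;
            if (!int.TryParse(provInfo[provInfo.Length - 1], out credentialTypeId))
            {
                ViewData["ErrorMessage"] = "Seems there is an error";
                return View();
            }

            // Without a session user name the comparison below would be against null
            // and could match a row whose name is NULL.
            string sessionUserName = GettSessionUserName();
            DboCredential dbCr = string.IsNullOrEmpty(sessionUserName)
                ? null
                : _context.DboCredential.SingleOrDefault(m => m.Vchr32Name == sessionUserName);

            if (dbCr == null)
            {
                ViewData["ErrorMessage"] = "Seems there is an error";
                return View();
            }

            List <DboCredentialAlternate> matches = _context.DboCredentialAlternate
                .Where(m => m.BintPrimaryCredentialId == dbCr.BintId && m.ICredentialTypeId == credentialTypeId)
                .ToList();

            // Several rows of this type: inactivate the first still-active one.
            // Exactly one row: inactivate it. No row (or none active): nothing to do,
            // where the previous code dereferenced null.
            DboCredentialAlternate target = matches.Count > 1
                ? matches.FirstOrDefault(m => !m.DtInactivated.HasValue)
                : matches.FirstOrDefault();

            if (target != null)
            {
                target.DtInactivated = DateTime.Now;
                _context.DboCredentialAlternate.Update(target);
                _context.SaveChanges();
            }

            return RedirectToAction(nameof(HomeController.Index), "Home", new { debug = "d" });
        }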
Exemple #3
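        /// <summary>
        /// Landing action. Routes the visitor to email verification (self-registration
        /// token), Windows-identity sign-on, IP-based organisation sign-on, the
        /// access-denied page, or the login page.
        /// </summary>
        /// <returns>A redirect to the action selected for this request.</returns>
        //step 1 user hits the site
        public IActionResult Index()
        {
            //step 11 check whether user using self registration link.
            string token = HttpContext.Request.Query["token"].ToString();
            if (token != string.Empty)
            {
                //step 13
                return RedirectToAction("VerifyEmail", "Account", new { token = token });
            }

            //step 2 checking user is in our network.
            WindowsIdentity loggedInUser = HttpContext.User.Identity as WindowsIdentity;

            // NOTE(review): the trusted domain SID is hard-coded; a commented-out line in the
            // original suggests it was meant to be read from DboSystemConfiguration. The last
            // sub-authority of this literal is larger than a 32-bit value, so confirm the
            // literal is what the deployment expects.
            if (loggedInUser?.User?.AccountDomainSid?.Value == "S-1-5-21-2610387755-854405893-26240035430")
            {
                string[] winLoginNameTrim = loggedInUser.Name.Split('\\');
                string   winLoginName     = winLoginNameTrim.Last();

                // NOTE(review): the session user name is set before the credential is checked
                // for BEnabled, and a disabled credential still falls through to step 6 and the
                // same redirect. Confirm that is the intended handling of disabled accounts.
                TempData["UserName"] = winLoginName;
                SetSessionUserName(winLoginName);

                //step 3 checking in CredentialAlternate table
                DboCredentialAlternate userCred = _context.DboCredentialAlternate.SingleOrDefault(m => m.Vchr64UserName == loggedInUser.Name);

                if (userCred != null)
                {
                    // step 4 Checking in credential table
                    DboCredential userObject = _context.DboCredential.SingleOrDefault(m => m.BintId == userCred.BintPrimaryCredentialId && m.BEnabled == true);

                    if (userObject != null)
                    {
                        //step 5 sign on
                        return RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" });
                    }
                }

                //step 6 creating records for the user.
                new BusinessLayer(_context).CreateWindowsUserCredential(winLoginName, loggedInUser.Name);

                return RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" });
            }

            // Getting IP address and checking against CredentialOrganizationInfo table.
            // RemoteIpAddress itself can be null, so it is dereferenced conditionally too.
            // NOTE(review): behind a reverse proxy this is the proxy's address unless forwarded
            // headers are processed, and every client sharing the address signs on as the
            // organisation. Confirm how the address is derived in this deployment.
            string remoteIpAddress = HttpContext.Features.Get <IHttpConnectionFeature>()?.RemoteIpAddress?.ToString();

            //step 26 checking IP address in COI.
            // With no address available the lookup is skipped; comparing against null could
            // otherwise match a row whose IP column is NULL.
            DboCredentialOrganizationInfo creOrg = remoteIpAddress == null
                ? null
                : _context.DboCredentialOrganizationInfo.SingleOrDefault(m => m.Vchr40Ip == remoteIpAddress && m.BAllowIpsignon == true);

            if (creOrg == null)
            {
                //step 17 login page
                return RedirectToAction(nameof(AccountController.Login), "Account", new { debug = "" });
            }

            //step 11 Checking in Credential table
            DboCredential orgCredential = _context.DboCredential.SingleOrDefault(m => m.BintId == creOrg.BintCredentialId && m.BEnabled == true);
            if (orgCredential == null)
            {
                //step 10 Access Denied
                return RedirectToAction(nameof(AccountController.AccessDenied), "Account", new { debug = "" });
            }

            //step 16 sign on as org
            TempData["UserName"] = orgCredential.Vchr32Name;
            HttpContext.Session.SetString("lUserName", orgCredential.Vchr32Name);
            return RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" });
        }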
Exemple #4
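        /// <summary>
        /// Signs a user in. A "DOMAIN\user" name is verified with an LDAP bind against the
        /// host configured for that domain, falling back to local validation when the bind
        /// path fails; any other name is validated locally only.
        /// </summary>
        /// <param name="userr">Posted login model; Email holds the user name, Password the secret.</param>
        /// <param name="ReturnUrl">Not used by this action.</param>
        /// <returns>A redirect on success, otherwise the login view with an error message.</returns>
        //Active directory users login
        public IActionResult Login(Models.LoginViewModel userr, string ReturnUrl)
        {
            // A missing model or user name would otherwise fail on userr.Email.Contains.
            if (userr == null || string.IsNullOrEmpty(userr.Email))
            {
                ViewData["ErrorMessage"] = "Please provide valid user name and password";
                return View();
            }

            bool tryLocalAccount = true;

            if (userr.Email.Contains("\\"))
            {
                string[] winLoginNameTrim = userr.Email.Split('\\');
                string   winLoginName     = winLoginNameTrim.Last();
                string   domainName       = winLoginNameTrim.First();
                DboCredentialOrganizationInfo dbCrOrgInfo = _context.DboCredentialOrganizationInfo.FirstOrDefault(m => m.Vchr8Ldapdomain == (domainName) && m.BAllowLdapauthentication == true);

                if (dbCrOrgInfo == null)
                {
                    ViewData["ErrorMessage"] = "No domain exists";
                    tryLocalAccount = false;
                }
                else if (!string.IsNullOrEmpty(userr.Password))
                {
                    // An LDAP simple bind with a name and an empty password is an
                    // "unauthenticated bind" (RFC 4513) that a server may accept, so an
                    // empty password is never sent to the directory.
                    using (var cn = new LdapConnection())
                    {
                        cn.SecureSocketLayer = true;
                        cn.Connect(dbCrOrgInfo.Vchr64LdaphostName, dbCrOrgInfo.ILdapportNumber.Value);
                        try
                        {
                            // Binding with the supplied name and password is what verifies the password.
                            cn.Bind(userr.Email, userr.Password);

                            //step 18 checking in Credential Alternate Table
                            DboCredentialAlternate userCred = _context.DboCredentialAlternate.SingleOrDefault(m => m.Vchr64UserName == userr.Email);
                            if (userCred != null)
                            {
                                TempData["UserName"] = winLoginName;
                                SetSessionUserName(winLoginName);

                                //step 19 checking in Credential table
                                DboCredential userObject = _context.DboCredential.SingleOrDefault(m => m.BintId == userCred.BintPrimaryCredentialId && m.BEnabled == true);

                                if (userObject != null)
                                {
                                    //step 5 sign on as user
                                    return RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" });
                                }
                            }

                            // NOTE(review): a credential that exists but is not enabled also
                            // reaches this point and is redirected as signed on; confirm.
                            new BusinessLayer(_context).CreateActiveDirectoryUserCredential(userr);

                            //step 5 sign on user
                            return RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" });
                        }
                        catch (Exception)
                        {
                            // Deliberate fall-through to local validation below.
                            // NOTE(review): this also hides database errors raised after a
                            // successful bind; narrow it to the LDAP library's bind failure.
                        }
                    }
                }
            }

            if (tryLocalAccount)
            {
                //step 18 local (non-directory) account validation
                int isUseExists = new BusinessLayer(_context).ValidateUser(Utility.GetUserNameFromEmail(userr.Email), userr.Password);
                if (isUseExists > 0)
                {
                    //step 5 sign on as system10 user
                    TempData["UserName"] = userr.Email;
                    SetSessionUserName(userr.Email);
                    return RedirectToAction(nameof(HomeController.Index), "Home", new { debug = "" });
                }
                ViewData["ErrorMessage"] = "Please provide valid user name and password";
            }

            return View();
        }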