public void PayloadExtracted(string sso, string sig, string nonce, string secret)
{
var opts = A.Fake <IOptionsMonitor <DiscourseService.Options> >();
A.CallTo(() => opts.CurrentValue).Returns(new DiscourseService.Options {
Secret = secret
});
var service =
new DiscourseService(opts);
var result = service.OpenPayload(sso, sig);
result.nonce.Should().BeEquivalentTo(nonce);
}
public async Task <RedirectResult> SingleSignOn([FromQuery] string sso, [FromQuery] string sig)
{
var(nonce, returnUrl) = _discourseService.OpenPayload(sso, sig);
var user = await _userManager.GetUserAsync(User);
_log.Information("Login request from {user}", user.UserName, user.Id, nonce, returnUrl);
var(payload, signature) = _discourseService.CreatePayload(nonce, user.Email.Address, user.Id,
user.UserName, user.Name,
Url.Action("Avatar", "Files", new { id = user.Id }, Request.Scheme, Request.Host.Value), user.Biography,
user.Roles, _roleManager.Roles.Where(r => !user.Roles.Contains(r.Name)).Select(r => r.Name).ToList(),
(await _authorizationService.AuthorizeAsync(User, null,
SimplePermissionRequirement.For(SimplePermissionType.DiscourseAdmin))).Succeeded,
(await _authorizationService.AuthorizeAsync(User, null,
SimplePermissionRequirement.For(SimplePermissionType.DiscourseModerator))).Succeeded, true, false);
if (returnUrl == null)
{
returnUrl = Request.Headers["Referer"];
}
var url = returnUrl.SetQueryParam("sso", payload).SetQueryParam("sig", signature);
return(Redirect(url));
}
