/// <summary>
/// Copies the name claims of the federated user onto the "Personal" facet of the
/// session's contact.
/// </summary>
/// <remarks>
/// The claim values are written as-is; nothing here trims or validates them.
/// When both the given name and the surname are empty but a display name is
/// present, the display name is stored in the surname field instead.
/// </remarks>
/// <param name="session">Session whose contact receives the personal information.</param>
/// <param name="principalClaimsInformation">Name values taken from the user's claims.</param>
private static void SetPersonalInfo(Session session, IPrincipalClaimsInformation principalClaimsInformation)
{
    var facet = session.Contact.GetFacet<IContactPersonalInfo>("Personal");

    facet.FirstName = principalClaimsInformation.GivenName;
    facet.Surname = principalClaimsInformation.Surname;

    // The display name is only a fallback: any given name or surname wins.
    if (!string.IsNullOrEmpty(principalClaimsInformation.GivenName))
    {
        return;
    }

    if (!string.IsNullOrEmpty(principalClaimsInformation.Surname))
    {
        return;
    }

    if (string.IsNullOrEmpty(principalClaimsInformation.DisplayName))
    {
        return;
    }

    facet.Surname = principalClaimsInformation.DisplayName;
}
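/// <summary>
/// For claims-based sites, checks that the Sitecore login state and the federated
/// (claims) identity of the current request are consistent, and logs the user out
/// and redirects to the logout page when they are not.
/// </summary>
/// <remarks>
/// Requests on sites that are not claims-based are left untouched. The identity
/// comparison itself is delegated to the "authenticationCheck" pipeline.
/// </remarks>
/// <param name="args">The HTTP request pipeline arguments; must not be null.</param>
public override void Process(HttpRequestArgs args)
{
    Assert.ArgumentNotNull(args, "args");

    // NOTE [ILs] Only check authentication for claims-based authentication sites
    if (!LoginSiteInfo.FastIsClaimsBasedCheck(Context.Site))
    {
        return;
    }

    // A principal that is not a ClaimsPrincipal becomes null here and is therefore
    // treated the same as a missing federated identity.
    ClaimsPrincipal federatedUser = _identityHelper.GetCurrentClaimsPrincipal() as ClaimsPrincipal;

    // algorithm:
    // 1 - if user is not logged in AND claims cookie is missing, return: anonymous visit -> handle in pipeline
    // 2 - if only claims cookie is available, delete this cookie -> handled by owin
    // 3 - if only ID in database is available (not possible to check) -> handled by timer
    // 4 - if cookie, fed ID and no sitecore ID is available -> redirect to login page, handled by sitecore
    // 5 - if only .ASPXAUTH cookie is available (Context.IsLoggedIn) -> logout and redirect -> pipeline
    // 6 - if claims cookie, no fed ID and sitecore login is available: logout and redirect -> pipeline
    // 7 - if no claims cookie, no fed ID and sitecore login available: logout and redirect -> pipeline

    // 1 - anonymous
    if (!Context.IsLoggedIn && federatedUser == null)
    {
        return;
    }

    if (Context.IsLoggedIn && federatedUser == null)
    {
        // 5 & 7 - Sitecore login without a federated identity: log out
        LogoutAndRedirectToLogoutPage();
    }
    else if (Context.IsLoggedIn && federatedUser != null)
    {
        // 8 - all identities available: check that they match.
        // If they do not, there is a cookie mismatch: log out the Sitecore user and
        // redirect. Otherwise the request continues.
        User user = Context.User;

        LoginSiteInfo currentSiteInfo = new LoginSiteInfo(Context.Site);

        // The claims-information type is created by reflection from a type name held
        // by LoginSiteInfo (presumably site configuration - confirm). Whoever can set
        // that value chooses which type is constructed here, so it must only come
        // from trusted configuration.
        // NOTE(review): Type.GetType returns null for a name it cannot resolve, in
        // which case Activator.CreateInstance throws; a type that does not implement
        // IPrincipalClaimsInformation makes the cast throw. Both propagate out of
        // Process rather than letting the request continue unchecked.
        IPrincipalClaimsInformation principalClaimsInformation = (IPrincipalClaimsInformation)
            // ReSharper disable once AssignNullToNotNullAttribute - Will never be null
            Activator.CreateInstance(Type.GetType(currentSiteInfo.PrincipleClaimsInfoClass), federatedUser.Claims);

        AuthenticationCheckPipelineArgs pipelineArgs = new AuthenticationCheckPipelineArgs
        {
            ClaimsUser = federatedUser,
            SitecoreUser = user,
            PrincipalClaimsInformation = principalClaimsInformation
        };

        CorePipeline.Run("authenticationCheck", pipelineArgs);

        // Anything other than an explicit success is treated as a mismatch.
        if (!pipelineArgs.IsCheckSuccess)
        {
            LogoutAndRedirectToLogoutPage();
        }
    }
    else
    {
        // Reached only when a federated identity exists but there is no Sitecore
        // login. Several options: a callback from the federated identity provider
        // (entry from /login, auth context), or an unexpected situation.

        // Ordinal comparison: this match exempts the request from the logout below,
        // and a culture-sensitive comparison can treat strings that differ in
        // ignorable characters as equal. URL paths are compared as raw characters.
        // NOTE(review): this is a plain prefix match with no path-boundary check, so
        // any path that merely begins with the login page value is exempt, and an
        // empty login page value would exempt every request - confirm the site
        // always configures a specific login page.
        if (HttpContext.Current.Request.Url.PathAndQuery.StartsWith(
            Context.Site.LoginPage, StringComparison.OrdinalIgnoreCase))
        {
            return;
        }

        // For all other situations:
        // Log to database for other situation
        LogoutAndRedirectToLogoutPage();
    }
}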