public void Setup() { _fakeHttpMessageHandler = new Mock <FakeHttpMessageHandler> { CallBase = true }; _fakeHttpMessageHandler .Setup(h => h.Send(It.IsAny <HttpRequestMessage>())) .Returns(new HttpResponseMessage { Content = new StringContent(JsonConvert.SerializeObject(new UserDto { Id = "0815-4711", UserName = "******" }), Encoding.UTF8, "application/json"), Headers = { CacheControl = new CacheControlHeaderValue { MaxAge = TimeSpan.FromHours(1), Private = true } } }); _unit = new IdentityProviderClient(new HttpClient(_fakeHttpMessageHandler.Object), () => new TenantInformation { SystemBaseUri = "http://localhost/", TenantId = "0" }); }
public IdentityProviderMiddleware(RequestDelegate next, IdentityProviderOptions clientOptions) { _next = next; var co = new IdentityProviderClientOptions { HttpClient = clientOptions.HttpClient, AllowAppSessions = clientOptions.AllowAppSessions, AllowedImpersonatedApps = clientOptions.AllowedImpersonatedApps, AllowExternalValidation = clientOptions.AllowExternalValidation, AllowImpersonatedUsers = clientOptions.AllowImpersonatedUsers, LogCallBack = clientOptions.LogCallBack, SystemBaseUri = clientOptions.BaseAddress, TenantInformationCallback = clientOptions.TenantInformationCallback, UseMinimizedOnlyIdValidateDetailLevel = clientOptions.UseMinimizedOnlyIdValidateDetailLevel }; _identityProviderClient = new IdentityProviderClient(co); }
public IdentityProviderMiddleware(RequestDelegate next, IdentityProviderOptions options) { _next = next; _identityProviderClient = new IdentityProviderClient(options.HttpClient, options.TenantInformationCallback, options.AllowExternalValidation); }
public void Get(string uwmAccountID) { System.Console.WriteLine(uwmAccountID); // The first thing you need to do is make sure that your user is logged in. It is likely that you use some // sort of cookie for that. var currentUser = this.GetCurrentUser(); if (currentUser == null) { this.redirectToLogin(); } // Once you have the current user on your end, you need to know which account on the Vendasta end that the // user is supposed to access. // In the Vendasta system, users have access to accounts. Accounts are a "business" - a physical location, // and can have one or more users. // In UWM's case, I believe that the users are "brokers" - we need to figure out whether a broker matches // up to an account in the Vendasta system, or whether a broker matches up to a user, and there is some // other business that the broker would have access to. // For this example, let's assume a few things here: // 1. Accounts in the Vendasta system have a "customer identifier" field pre-populated that matches up to // a UWM "account". // 2. The customer identifier is passed in via the URL (the {id} portion). // 3. The user may not have access to the specified account so you will want to run an access check, // if applicable. // First, you should check that your user has access to the ID that is being requested on your end: if (!this.canUserAccessID(currentUser, uwmAccountID)) { throw new System.UnauthorizedAccessException(); // or some kind of appropriate HTTP 403 error code. } // Once we know that the user has access to the specific account, we need to convert your account ID into // the Vendasta account ID (also known as a Business ID), in order to call the SSO API. // // We do so by searching for the business by customer ID: var req = new Business.V1.SearchRequest { Filters = new Business.V1.SearchRequest.Types.Filters { PartnerId = "USFS", // This is UWM's Partner ID. CustomerIdentifier = uwmAccountID } }; // In your actual code, you should store this client and reuse it, since it opens a new connection for each // instance. var _client = new BusinessServiceClient(Vendasta.Vax.Environment.Prod); var resp = _client.Search(req); // You might want to make sure that you only get one business back here, and you will definitely want to // check that you get at least one business back. var vendastaAccountID = resp.Businesses[0].BusinessId; // Finally, we can call the Vendasta SSO service to get the authenticated URL: var _ssoClient = new IdentityProviderClient(Vendasta.Vax.Environment.Prod); // "SM" is Social Marketing's service provider ID // sessionID is a unique identifier from your system indicating your user's unique session. // - It is recommended that you hash this value, Vendasta does not need the actual session ID from your // end, just something unique that you can reference on your end. // - For this example, I'm just using a new GUID // var urlBeforeAuthentication = string.Format("https://united-shore-financial-services-llc.socialsmbs.com/embed/account/{0}/compose", vendastaAccountID); var accountCtx = new Sso.V1.ServiceContext.Types.Account { AccountId = vendastaAccountID }; var serviceContext = new Sso.V1.ServiceContext { Account = accountCtx }; var ssoReq = new Sso.V1.GetEntryURLWithCodeRequest { Email = currentUser.email, SessionId = Guid.NewGuid().ToString(), ServiceProviderId = "SM", NextUrl = urlBeforeAuthentication, UserId = currentUser.userId, Context = serviceContext }; var ssoResp = _ssoClient.GetEntryURLWithCode(ssoReq); var authenticatedUrl = ssoResp.EntryUrl; Response.Redirect(authenticatedUrl); }