/// <summary>
/// Logs in by posting the request produced by <c>BuildLoginRequest</c> through the
/// session's REST requester and handing the reply to the session.
/// </summary>
/// <param name="cancellationToken">Token forwarded to the login POST.</param>
async Task IAuthenticator.AuthenticateAsync(CancellationToken cancellationToken)
{
    // Start the POST first, then await it without capturing the caller's context.
    var pendingLogin = session.restRequester.PostAsync<LoginResponse>(
        BuildLoginRequest(),
        cancellationToken);
    var loginResult = await pendingLogin.ConfigureAwait(false);

    // The session decides what a successful or failed login response means.
    session.ProcessLoginResponse(loginResult);
}
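/// <summary>
/// External-browser login: starts a local HTTP listener, asks the server for the IdP URL
/// and a proof key, opens the browser on that URL, waits for the browser's redirect to the
/// local listener, extracts the SAML token from it and sends token plus proof key in the
/// final login request.
/// </summary>
/// <param name="cancellationToken">
/// Token forwarded to both REST calls; it also stops the local listener so that the wait
/// for the browser redirect ends when the caller cancels.
/// </param>
/// <exception cref="OperationCanceledException">
/// Thrown when cancellation is requested while waiting for the browser redirect.
/// </exception>
/// <seealso cref="IAuthenticator"/>
async Task IAuthenticator.AuthenticateAsync(CancellationToken cancellationToken)
{
    logger.Info("External Browser Authentication");

    // NOTE(review): the port is chosen here and bound later inside GetHttpListener; if
    // GetRandomUnusedPort releases the port before returning, another local process could
    // take it in between — confirm the helper's behaviour.
    int localPort = GetRandomUnusedPort();
    string proofKey;
    string samlResponseToken;
    using (var httpListener = GetHttpListener(localPort))
    {
        httpListener.Start();

        logger.Debug("Get IdpUrl and ProofKey");
        var authenticatorRestRequest = BuildAuthenticatorRestRequest(localPort);
        var authenticatorRestResponse =
            await session.restRequester.PostAsync<AuthenticatorResponse>(
                authenticatorRestRequest,
                cancellationToken
            ).ConfigureAwait(false);
        authenticatorRestResponse.FilterFailedResponse();

        var idpUrl = authenticatorRestResponse.data.ssoUrl;
        proofKey = authenticatorRestResponse.data.proofKey;

        logger.Debug("Open browser");
        // NOTE(review): idpUrl is taken from the server response and passed on unchanged;
        // no validation is visible in this block — confirm StartBrowser only accepts a
        // well-formed http(s) URL before launching anything with it.
        StartBrowser(idpUrl);

        logger.Debug("Get the redirect SAML request");
        HttpListenerContext context;
        // GetContextAsync takes no CancellationToken, so without this registration the
        // listener would stay open and the method would wait indefinitely if the user
        // never completes the browser login. Stopping the listener ends the pending wait.
        using (cancellationToken.Register(() => httpListener.Stop()))
        {
            try
            {
                context = await httpListener.GetContextAsync().ConfigureAwait(false);
            }
            catch (Exception)
            {
                // Report a cancelled wait as a cancellation, not as a listener failure.
                if (cancellationToken.IsCancellationRequested)
                {
                    throw new OperationCanceledException(cancellationToken);
                }

                throw;
            }
        }

        var request = context.Request;
        // Validation of the redirect happens before anything is written back to the browser.
        samlResponseToken = ValidateAndExtractToken(request);

        HttpListenerResponse response = context.Response;
        try
        {
            using (var output = response.OutputStream)
            {
                await output.WriteAsync(SUCCESS_RESPONSE, 0, SUCCESS_RESPONSE.Length).ConfigureAwait(false);
            }
        }
        catch (Exception e)
        {
            // Best effort only: the token is already extracted, so a failed write to the
            // browser does not affect the authentication flow. Keep the reason in the log.
            logger.Warn("External browser response not sent out: " + e.Message);
        }

        httpListener.Stop();
    }

    logger.Debug("Send login request");
    // The SAML token and proof key are never logged in this method; keep it that way.
    var loginResponse = await session.restRequester.PostAsync<LoginResponse>(
        BuildExternalBrowserLoginRequest(samlResponseToken, proofKey),
        cancellationToken
    ).ConfigureAwait(false);
    session.ProcessLoginResponse(loginResponse);
}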
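/// <summary>
/// Okta login in six steps: fetch the SSO and token URLs, verify both against
/// <c>oktaUrl</c>, obtain a one-time token from the token URL, fetch the SAML response
/// from the SSO URL, verify the postback URL inside it, and post the SAML response as the
/// login request.
/// </summary>
/// <param name="cancellationToken">Token forwarded to every REST call made here.</param>
/// <seealso cref="IAuthenticator"/>
async Task IAuthenticator.AuthenticateAsync(CancellationToken cancellationToken)
{
    logger.Info("Okta Authentication");

    // Every await below uses ConfigureAwait(false): this is library code, and resuming on
    // a captured context can deadlock callers that block on the returned task.
    logger.Debug("step 1: get sso and token url");
    var authenticatorRestRequest = BuildAuthenticatorRestRequest();
    var authenticatorResponse = await session.restRequester
        .PostAsync<AuthenticatorResponse>(authenticatorRestRequest, cancellationToken)
        .ConfigureAwait(false);
    authenticatorResponse.FilterFailedResponse();
    // Both URLs are supplied by the server response; new Uri throws on a missing or
    // malformed value.
    Uri ssoUrl = new Uri(authenticatorResponse.data.ssoUrl);
    Uri tokenUrl = new Uri(authenticatorResponse.data.tokenUrl);

    // The checks must stay ahead of step 3 so that no request is sent to an unverified
    // URL. NOTE(review): presumably VerifyUrls throws on a mismatch — confirm.
    logger.Debug("step 2: verify urls fetched from step 1");
    logger.Debug("Checking sso url");
    VerifyUrls(ssoUrl, oktaUrl);
    logger.Debug("Checking token url");
    VerifyUrls(tokenUrl, oktaUrl);

    logger.Debug("step 3: get idp onetime token");
    IdpTokenRestRequest idpTokenRestRequest = BuildIdpTokenRestRequest(tokenUrl);
    var idpResponse = await session.restRequester
        .PostAsync<IdpTokenResponse>(idpTokenRestRequest, cancellationToken)
        .ConfigureAwait(false);
    // NOTE(review): CookieToken is used without a null/empty check — confirm the response
    // type guarantees it is set.
    string onetimeToken = idpResponse.CookieToken;

    logger.Debug("step 4: get SAML reponse from sso");
    var samlRestRequest = BuildSAMLRestRequest(ssoUrl, onetimeToken);
    // NOTE(review): samlRawResponse is never disposed; if it is an HttpResponseMessage it
    // should be wrapped in a using block — confirm the return type of GetAsync.
    var samlRawResponse = await session.restRequester
        .GetAsync(samlRestRequest, cancellationToken)
        .ConfigureAwait(false);
    var samlRawHtmlString = await samlRawResponse.Content.ReadAsStringAsync().ConfigureAwait(false);

    // The postback URL is checked before the SAML response is sent anywhere.
    logger.Debug("step 5: verify postback url in SAML reponse");
    VerifyPostbackUrl(samlRawHtmlString);

    // The one-time token and the SAML HTML are never logged in this method; keep it that way.
    logger.Debug("step 6: send SAML reponse to snowflake to login");
    var loginRestRequest = BuildOktaLoginRestRequest(samlRawHtmlString);
    var authnResponse = await session.restRequester
        .PostAsync<LoginResponse>(loginRestRequest, cancellationToken)
        .ConfigureAwait(false);
    session.ProcessLoginResponse(authnResponse);
}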