/// <summary>
/// Requests an access token on behalf of the current user and returns it to the caller.
/// </summary>
/// <returns>
/// The value produced by <c>SSOAuthHelper.GetAccessTokenOnBehalfUserAsync</c>, or <c>null</c> when that call throws.
/// </returns>
/// <remarks>
/// NOTE(review): this action hands a token back to the client. No authorization attribute is
/// visible on the method itself; confirm the controller or route is protected.
/// </remarks>
public async Task<ActionResult<string>> GetUserAccessToken()
{
    try
    {
        var onBehalfOfToken = await SSOAuthHelper.GetAccessTokenOnBehalfUserAsync(
            _configuration,
            _httpClientFactory,
            _httpContextAccessor);

        return onBehalfOfToken;
    }
    catch (Exception)
    {
        // Every failure (bad token, network error, misconfiguration) collapses into the same
        // null result and nothing is recorded here, so a failed exchange leaves no trace.
        return null;
    }
}
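/// <summary>
/// Handles the login form post: checks that the e-mail belongs to an employee and to a known
/// local user, validates the password through the SSO helper, signs the user in, and writes a
/// row to the login log.
/// </summary>
/// <param name="model">Posted login form (e-mail and password).</param>
/// <param name="returnUrl">URL to return to after sign-in; passed through <c>RedirectToLocal</c>.</param>
/// <param name="tab">Optional fragment appended to <paramref name="returnUrl"/> as <c>#tab</c>.</param>
/// <returns>A redirect on success; otherwise the <c>_authUser</c> view with model errors.</returns>
/// <remarks>
/// Changes from the previous version:
/// the plain-text password is no longer written to <c>[loginLog]</c>, and every value placed
/// into the SQL text has its single quotes doubled so posted input cannot close the literal.
/// </remarks>
public async Task<ActionResult> AuthUser(LoginViewModel model, string returnUrl, string tab)
{
    if (!ModelState.IsValid)
    {
        return View("_authUser", model);
    }

    if (!SSOAuthHelper.IsEmployee(model.Email))
    {
        ModelState.AddModelError("", "Sorry, your account is not allowed to login eQuotation.");
        return View("_authUser", model);
    }

    var loginUser = await UserManager.FindByEmailAsync(model.Email);
    if (loginUser == null)
    {
        ModelState.AddModelError("", "You don't have permission to access eQuotation, please contact: [email protected]");
        return View("_authUser", model);
    }

    // A non-empty ticket from the SSO helper is what counts as a successful password check.
    string loginTicket = SSOAuthHelper.GetSSOloginTicket(model.Email, model.Password);
    if (string.IsNullOrEmpty(loginTicket))
    {
        // NOTE(review): the distinct messages above and here tell a caller whether an e-mail
        // is a known account; consider one generic failure message.
        ModelState.AddModelError("", "Password is incorrect.");
        return View("_authUser", model);
    }

    await SignInManager.SignInAsync(loginUser, true, true);

    try
    {
        // Stopgap escaping: the statement is still built as text because only the raw-string
        // call of DBUtil.dbExecuteScalar is visible here. Move to a parameterized command if
        // the helper offers one.
        Func<string, string> quote = value => (value ?? string.Empty).Replace("'", "''");

        // The statement has no column list, so all five positional values are kept; the slot
        // that used to receive model.Password is now written as an empty string.
        string logSql = String.Format(
            "insert into [loginLog] values ('{0}','{1}','{2}','{3}','{4}')",
            quote(loginTicket),
            quote(model.Email),
            DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss.fff"),
            string.Empty,
            quote(Convert.ToString(Util.GetClientIP())));

        DBUtil.dbExecuteScalar("EQ", logSql);
    }
    catch
    {
        // Best effort: a failed audit insert must not block the sign-in.
        // NOTE(review): the failure is dropped silently, so gaps in loginLog go unnoticed.
    }

    var target = string.IsNullOrEmpty(tab) ? returnUrl : returnUrl + "#" + tab;
    return RedirectToLocal(target);
}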
// Called by the runtime to register services with the container.
public void ConfigureServices(IServiceCollection services)
{
    services.AddControllers().AddNewtonsoftJson();

    // Bot Framework adapter with error handling.
    services.AddSingleton<IBotFrameworkHttpAdapter, AdapterWithErrorHandler>();

    // In-memory storage backing user and conversation state (intended for testing).
    services.AddSingleton<IStorage, MemoryStorage>();

    // User state, used by the bot's dialog implementation.
    services.AddSingleton<UserState>();

    // Conversation state, used by the dialog system.
    services.AddSingleton<ConversationState>();

    // The dialog the bot runs.
    services.AddSingleton<MainDialog>();

    // Dialog manager: starts the dialog stack, saves state, and so on.
    services.AddSingleton<DialogManager>();

    // Helper that processes TokenExchangeOperation invoke activities.
    services.AddSingleton<TokenExchangeHelper>();

    // The ASP.NET controller expects an IBot; a new one is created per resolution.
    services.AddTransient<IBot, TeamsBot<MainDialog>>();

    services.AddControllersWithViews();

    // Named client with a 600-second timeout.
    services.AddHttpClient("WebClient", http => { http.Timeout = TimeSpan.FromSeconds(600); });
    services.AddHttpContextAccessor();

    services
        .AddAuthentication(auth => auth.DefaultScheme = JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(jwt =>
        {
            // NOTE(review): azureAdOptions is bound but never read in this block, and neither
            // jwt.Authority nor ValidIssuers is assigned. Confirm where signing keys and
            // issuer validation are expected to come from; it is not visible here.
            var azureAdOptions = new AzureADOptions();
            Configuration.Bind("AzureAd", azureAdOptions);

            // The custom AudienceValidator delegate decides audience acceptance, so its
            // implementation determines which tokens pass.
            var validation = new TokenValidationParameters
            {
                ValidAudiences = SSOAuthHelper.GetValidAudiences(Configuration),
                AudienceValidator = SSOAuthHelper.AudienceValidator
            };
            jwt.TokenValidationParameters = validation;
        });
}
// Called by the runtime to register services with the container.
public void ConfigureServices(IServiceCollection services)
{
    services.AddControllersWithViews();

    // Named client with a 600-second timeout.
    services.AddHttpClient("WebClient", http => { http.Timeout = TimeSpan.FromSeconds(600); });
    services.AddHttpContextAccessor();

    services
        .AddAuthentication(auth => auth.DefaultScheme = JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(jwt =>
        {
            // The "AzureAd" configuration section supplies the instance and tenant for the authority URL.
            var azureAdOptions = new AzureADOptions();
            Configuration.Bind("AzureAd", azureAdOptions);
            jwt.Authority = $"{azureAdOptions.Instance}{azureAdOptions.TenantId}/v2.0";

            // Audiences and issuers come from configuration through SSOAuthHelper. The custom
            // AudienceValidator delegate decides audience acceptance, so its implementation
            // determines which tokens pass.
            var validation = new TokenValidationParameters
            {
                ValidAudiences = SSOAuthHelper.GetValidAudiences(Configuration),
                ValidIssuers = SSOAuthHelper.GetValidIssuers(Configuration),
                AudienceValidator = SSOAuthHelper.AudienceValidator
            };
            jwt.TokenValidationParameters = validation;
        });
}
// Called by the runtime to register services with the container.
public void ConfigureServices(IServiceCollection services)
{
    services.AddDistributedMemoryCache();

    services.AddSession(session =>
    {
        session.Cookie.IsEssential = true;
        session.IdleTimeout = TimeSpan.FromMinutes(60); // idle timeout; adjust as needed
    });

    services.Configure<CookiePolicyOptions>(cookiePolicy =>
    {
        // Consent for non-essential cookies is never requested.
        cookiePolicy.CheckConsentNeeded = context => false;

        // NOTE(review): None is the most permissive minimum, so the cookie policy does not
        // tighten SameSite on any cookie. If this is needed for an embedded or cross-site
        // host, confirm that such cookies are marked Secure and that state-changing
        // endpoints carry anti-forgery protection.
        cookiePolicy.MinimumSameSitePolicy = SameSiteMode.None;
    });

    services.AddMemoryCache();
    services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
    services.AddMvc().AddSessionStateTempDataProvider();
    services.AddControllersWithViews();

    // Named client with a 600-second timeout.
    services.AddHttpClient("WebClient", http => { http.Timeout = TimeSpan.FromSeconds(600); });
    services.AddHttpContextAccessor();

    services
        .AddAuthentication(auth => auth.DefaultScheme = JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(jwt =>
        {
            // The "AzureAd" configuration section supplies the instance and tenant for the authority URL.
            var azureAdOptions = new AzureADOptions();
            Configuration.Bind("AzureAd", azureAdOptions);
            jwt.Authority = $"{azureAdOptions.Instance}{azureAdOptions.TenantId}/v2.0";

            // Audiences and issuers come from configuration through SSOAuthHelper. The custom
            // AudienceValidator delegate decides audience acceptance, so its implementation
            // determines which tokens pass.
            var validation = new TokenValidationParameters
            {
                ValidAudiences = SSOAuthHelper.GetValidAudiences(Configuration),
                ValidIssuers = SSOAuthHelper.GetValidIssuers(Configuration),
                AudienceValidator = SSOAuthHelper.AudienceValidator
            };
            jwt.TokenValidationParameters = validation;
        });
}
// Calls SSOAuthHelper.GetCertificate with a fixed argument. Nothing is asserted, so the
// method only fails if the call throws.
public void TestMethod12()
{
    // NOTE(review): the hard-coded 32-character hex value looks like a real identifier or
    // ticket. If it is a live credential or session value, move it out of source control
    // and rotate it.
    var certificateResult = SSOAuthHelper.GetCertificate("18e48b8245e1a85d1d635ff28d561822");
}
// Calls SSOAuthHelper.GetPermissions with a fixed argument. Nothing is asserted, so the
// method only fails if the call throws.
public void TestMethod1()
{
    // NOTE(review): the hard-coded 32-character hex value looks like a real identifier or
    // ticket. If it is a live credential or session value, move it out of source control
    // and rotate it.
    var permissionsResult = SSOAuthHelper.GetPermissions("18e48b8245e1a85d1d635ff28d561822");
}
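/// <summary>
/// Creates a local user for each e-mail in <paramref name="accountList"/> that resolves to a
/// member profile, is an employee, and does not already exist; when <c>SelectedRoleId</c> is
/// set, the new user is added to that role.
/// </summary>
/// <param name="accountList">E-mail addresses to import. A null list is treated as empty.</param>
/// <remarks>
/// Import is best effort per account: a failure for one address is recorded with
/// <c>System.Diagnostics.Trace</c> and the loop moves on. Previously failures were swallowed
/// without any record, and the failure messages named <c>this.User.Email</c> instead of the
/// address being processed.
/// NOTE(review): every imported account receives the same <c>SelectedRoleId</c>; confirm the
/// caller is authorized to grant that role in bulk.
/// </remarks>
public void BatchImportAccount(string[] accountList)
{
    if (accountList == null)
    {
        return;
    }

    foreach (var mail in accountList)
    {
        try
        {
            // The account must exist in the membership system.
            var profile = SSOAuthHelper.GetAdvantechMemberProfile(mail);
            if (profile == null)
            {
                throw new HttpException(608, string.Format("User {0} is not the member of Advantech.", mail));
            }

            var appUser = SSOAuthHelper.MappingSSOProfileToAppuser(profile, mail);
            if (!SSOAuthHelper.IsEmployee(appUser.Email))
            {
                throw new HttpException(608, string.Format("User {0} is not the employee of Advantech.", mail));
            }

            var mngr = new IdentityManager();
            if (mngr.GetUserByEmail(mail) != null)
            {
                throw new HttpException(608, string.Format("User {0} is existed in eQuotation.", mail));
            }

            // The second argument is null; the earlier commented-out code suggests this is
            // the password slot for SSO-backed accounts. Confirm against IdentityManager.
            if (!mngr.CreateUser(appUser, null))
            {
                throw new HttpException(608, string.Format("Creat user {0} fail.", mail));
            }

            if (string.IsNullOrEmpty(this.SelectedRoleId))
            {
                continue;
            }

            // An unknown role id is reported as a failed assignment instead of a null dereference.
            var role = mngr.GetRoleByRoleId(this.SelectedRoleId);
            if (role == null)
            {
                throw new HttpException(608, string.Format("Role [{0}] could not be assigned.", this.SelectedRoleId));
            }

            // Reload the user so the id assigned at creation is available.
            appUser = mngr.GetUserByName(appUser.UserName);
            if (!mngr.AddUserToRole(appUser.Id, role.Name))
            {
                throw new HttpException(608, string.Format("Role [{0}] could not be assigned.", role.Name));
            }
        }
        catch (System.Exception ex)
        {
            // Keep going with the next address, but leave a record of what was skipped and why.
            System.Diagnostics.Trace.TraceWarning("BatchImportAccount skipped {0}: {1}", mail, ex.Message);
        }
    }
}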
/// <summary>
/// Updates the existing user's attributes when <c>HasEntity(this.User.Id)</c> is true; otherwise
/// creates a new local user from the member profile and optionally assigns the selected role.
/// </summary>
/// <exception cref="HttpException">
/// Status 608 when the user name is taken, the e-mail is not a member or not an employee, the
/// user already exists, creation fails, or the role cannot be assigned.
/// </exception>
public override void SetValue()
{
    if (HasEntity(this.User.Id))
    {
        // Existing user: copy the editable attributes onto the entity and save.
        Entity.Id = this.User.Id;
        Entity.FirstName = this.User.FirstName;
        Entity.LastName = this.User.LastName;
        Entity.Position = this.User.Position;
        Entity.Department = this.User.Department;
        Entity.Company = this.User.Company;
        Entity.Location = this.User.Location;
        Entity.Email = this.User.Email;
        this.UnitWork.AppUser.Update(Entity);
        return;
    }

    if (this.UnitWork.AppUser.Exists(x => x.UserName == this.User.UserName))
    {
        throw new HttpException(608, "UserName has been used.");
    }

    // The account must exist in the membership system.
    var profile = SSOAuthHelper.GetAdvantechMemberProfile(this.User.Email);
    if (profile == null)
    {
        throw new HttpException(608, string.Format("User {0} is not the member of Advantech.", this.User.Email));
    }

    var appUser = SSOAuthHelper.MappingSSOProfileToAppuser(profile, this.User.Email);
    if (!SSOAuthHelper.IsEmployee(appUser.Email))
    {
        throw new HttpException(608, string.Format("User {0} is not the employee of Advantech.", this.User.Email));
    }

    var mngr = new IdentityManager();
    var existedUser = mngr.GetUserByEmail(this.User.Email);
    if (existedUser != null)
    {
        throw new HttpException(608, string.Format("User {0} is existed in eQuotation.", this.User.Email));
    }

    // Create the user; the second argument is passed as null.
    var created = mngr.CreateUser(appUser, null);
    if (!created)
    {
        throw new HttpException(608, string.Format("Creat user {0} fail.", this.User.Email));
    }

    if (string.IsNullOrEmpty(this.SelectedRoleId))
    {
        return;
    }

    // NOTE(review): role is dereferenced without a null check; an unknown SelectedRoleId
    // would surface as a NullReferenceException after the user has already been created.
    var role = mngr.GetRoleByRoleId(this.SelectedRoleId);
    appUser = mngr.GetUserByName(appUser.UserName);
    var assigned = mngr.AddUserToRole(appUser.Id, role.Name);
    if (!assigned)
    {
        throw new HttpException(608, string.Format("Role [{0}] could not be assigned.", role.Name));
    }
}