/// <summary>
/// Exchanges the caller's SSO token for an access token through
/// <c>SSOAuthHelper.GetAccessTokenOnBehalfUserAsync</c> and returns it in the response.
/// </summary>
/// <returns>The helper's result, or <c>null</c> when the helper throws.</returns>
public async Task<ActionResult<string>> GetUserAccessToken()
{
    ActionResult<string> tokenResult = null;

    try
    {
        tokenResult = await SSOAuthHelper.GetAccessTokenOnBehalfUserAsync(_configuration, _httpClientFactory, _httpContextAccessor);
    }
    catch (Exception)
    {
        // Every failure is collapsed into a null result and nothing is logged, so a
        // failed token exchange leaves no trace for whoever investigates it later.
        // NOTE(review): the response body is a bearer credential; no authorization
        // attribute is visible on this method, so confirm one is applied on the
        // controller and that the response is not cached.
    }

    return tokenResult;
}
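        /// <summary>
        /// Authenticates an employee against the SSO service, signs the matching local
        /// user in, records the login in [loginLog] and redirects to the requested page.
        /// </summary>
        /// <param name="model">Posted login form; Email and Password are read from it.</param>
        /// <param name="returnUrl">Destination after sign-in, handed to RedirectToLocal.</param>
        /// <param name="tab">Optional fragment appended to <paramref name="returnUrl"/> as "#tab".</param>
        /// <returns>A redirect on success; otherwise the "_authUser" view with model errors.</returns>
        public async Task<ActionResult> AuthUser(LoginViewModel model, string returnUrl, string tab)
        {
            if (ModelState.IsValid)
            {
                if (SSOAuthHelper.IsEmployee(model.Email))
                {
                    var loginUser = await UserManager.FindByEmailAsync(model.Email);

                    if (loginUser == null)
                    {
                        // NOTE(review): this message differs from the wrong-password one below,
                        // so the form reveals whether an address has a local account.
                        ModelState.AddModelError("", "You don't have permission to access eQuotation, please contact: [email protected]");
                    }
                    else
                    {
                        String loginTicket = SSOAuthHelper.GetSSOloginTicket(model.Email, model.Password);
                        if (!String.IsNullOrEmpty(loginTicket))
                        {
                            await SignInManager.SignInAsync(loginUser, true, true);

                            try
                            {
                                // The statement is still built as text because no parameterized
                                // DBUtil call is visible here; doubling single quotes keeps each
                                // value inside its string literal. Move this to a parameterized
                                // command as soon as the data layer offers one.
                                Func<string, string> sqlLiteral = value => (value ?? String.Empty).Replace("'", "''");

                                // The clear-text password is no longer written to the log table.
                                // The insert is positional, so an empty string keeps the column
                                // count unchanged; the column itself should be dropped.
                                // NOTE(review): the SSO login ticket is also stored as-is;
                                // confirm it cannot be reused by someone who can read this table.
                                DBUtil.dbExecuteScalar("EQ", String.Format(
                                    "insert into [loginLog] values ('{0}','{1}','{2}','{3}','{4}')",
                                    sqlLiteral(loginTicket),
                                    sqlLiteral(model.Email),
                                    DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss.fff"),
                                    String.Empty,
                                    sqlLiteral(Convert.ToString(Util.GetClientIP()))));
                            }
                            catch (Exception)
                            {
                                // Login logging is best-effort: a failed insert must not block the
                                // sign-in that has already happened. The failure is not recorded.
                            }

                            if (string.IsNullOrEmpty(tab))
                            {
                                return(RedirectToLocal(returnUrl));
                            }
                            else
                            {
                                return(RedirectToLocal(returnUrl + "#" + tab));
                            }
                        }
                        else
                        {
                            ModelState.AddModelError("", "Password is incorrect.");
                        }
                    }
                }
                else
                {
                    ModelState.AddModelError("", "Sorry, your account is not allowed to login eQuotation.");
                }
            }
            // If we got this far, something failed, redisplay form
            return(View("_authUser", model));
        }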
        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddControllers().AddNewtonsoftJson();

            // Bot Framework registrations, in their original order: the error-handling
            // adapter, in-memory storage (state is lost on restart), user and conversation
            // state, the main dialog, the dialog manager, the token-exchange helper for
            // TokenExchangeOperation invoke activities, and finally the bot itself as a
            // transient because the ASP controller expects an IBot.
            services
                .AddSingleton<IBotFrameworkHttpAdapter, AdapterWithErrorHandler>()
                .AddSingleton<IStorage, MemoryStorage>()
                .AddSingleton<UserState>()
                .AddSingleton<ConversationState>()
                .AddSingleton<MainDialog>()
                .AddSingleton<DialogManager>()
                .AddSingleton<TokenExchangeHelper>()
                .AddTransient<IBot, TeamsBot<MainDialog>>();

            services.AddControllersWithViews();

            // Named client with a ten-minute timeout.
            services.AddHttpClient("WebClient", http => http.Timeout = TimeSpan.FromSeconds(600));
            services.AddHttpContextAccessor();

            services
                .AddAuthentication(auth => auth.DefaultScheme = JwtBearerDefaults.AuthenticationScheme)
                .AddJwtBearer(jwt =>
                {
                    // Bound from the "AzureAd" section but not read again in this block.
                    var azureAdOptions = new AzureADOptions();
                    Configuration.Bind("AzureAd", azureAdOptions);

                    // Only the audience checks are configured here; this block sets no
                    // Authority, ValidIssuers or signing key.
                    // NOTE(review): confirm where the issuer and signing keys are supplied,
                    // and review SSOAuthHelper.AudienceValidator, since a custom validator
                    // decides which audiences are accepted.
                    var validation = new TokenValidationParameters();
                    validation.ValidAudiences = SSOAuthHelper.GetValidAudiences(Configuration);
                    validation.AudienceValidator = SSOAuthHelper.AudienceValidator;
                    jwt.TokenValidationParameters = validation;
                });
        }
 // This method gets called by the runtime. Use this method to add services to the container.
 public void ConfigureServices(IServiceCollection services)
 {
     services.AddControllersWithViews();

     // Named client with a ten-minute timeout.
     services.AddHttpClient("WebClient", http => http.Timeout = TimeSpan.FromSeconds(600));
     services.AddHttpContextAccessor();

     services
         .AddAuthentication(auth => auth.DefaultScheme = JwtBearerDefaults.AuthenticationScheme)
         .AddJwtBearer(jwt =>
         {
             var azureAdOptions = new AzureADOptions();
             Configuration.Bind("AzureAd", azureAdOptions);

             // The authority is assembled from the bound Instance and TenantId values.
             jwt.Authority = $"{azureAdOptions.Instance}{azureAdOptions.TenantId}/v2.0";

             // Accepted audiences and issuers come from configuration via SSOAuthHelper.
             // NOTE(review): SSOAuthHelper.AudienceValidator is a custom validator and
             // decides which audiences pass; review it together with this block.
             var validation = new TokenValidationParameters();
             validation.ValidAudiences = SSOAuthHelper.GetValidAudiences(Configuration);
             validation.ValidIssuers = SSOAuthHelper.GetValidIssuers(Configuration);
             validation.AudienceValidator = SSOAuthHelper.AudienceValidator;
             jwt.TokenValidationParameters = validation;
         });
 }
        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            // Session state backed by the in-process distributed cache; the session
            // cookie is marked essential and sessions expire after 60 idle minutes.
            services
                .AddDistributedMemoryCache()
                .AddSession(session =>
                {
                    session.Cookie.IsEssential = true;
                    session.IdleTimeout = TimeSpan.FromMinutes(60);
                })
                .Configure<CookiePolicyOptions>(policy =>
                {
                    // Consent for non-essential cookies is never requested.
                    policy.CheckConsentNeeded = _ => false;

                    // NOTE(review): SameSiteMode.None lets cookies travel on cross-site
                    // requests; confirm they are also marked Secure and that state-changing
                    // endpoints have anti-forgery protection.
                    policy.MinimumSameSitePolicy = SameSiteMode.None;
                })
                .AddMemoryCache()
                .AddSingleton<IHttpContextAccessor, HttpContextAccessor>();

            services.AddMvc().AddSessionStateTempDataProvider();

            services.AddControllersWithViews();

            // Named client with a ten-minute timeout.
            services.AddHttpClient("WebClient", http => http.Timeout = TimeSpan.FromSeconds(600));
            services.AddHttpContextAccessor();

            services
                .AddAuthentication(auth => auth.DefaultScheme = JwtBearerDefaults.AuthenticationScheme)
                .AddJwtBearer(jwt =>
                {
                    var azureAdOptions = new AzureADOptions();
                    Configuration.Bind("AzureAd", azureAdOptions);

                    // The authority is assembled from the bound Instance and TenantId values.
                    jwt.Authority = $"{azureAdOptions.Instance}{azureAdOptions.TenantId}/v2.0";

                    // NOTE(review): SSOAuthHelper.AudienceValidator is a custom validator and
                    // decides which audiences pass; review it together with this block.
                    var validation = new TokenValidationParameters();
                    validation.ValidAudiences = SSOAuthHelper.GetValidAudiences(Configuration);
                    validation.ValidIssuers = SSOAuthHelper.GetValidIssuers(Configuration);
                    validation.AudienceValidator = SSOAuthHelper.AudienceValidator;
                    jwt.TokenValidationParameters = validation;
                });
        }
 public void TestMethod12()
 {
     // Calls GetCertificate with a fixed key. Nothing is asserted, so the test passes
     // whenever the call does not throw.
     // NOTE(review): the literal is committed to source; confirm it is a non-secret
     // fixture and not a live application key or account identifier.
     const string lookupKey = "18e48b8245e1a85d1d635ff28d561822";
     var certificate = SSOAuthHelper.GetCertificate(lookupKey);
 }
 public void TestMethod1()
 {
     // Calls GetPermissions with a fixed key. Nothing is asserted, so the test passes
     // whenever the call does not throw.
     // NOTE(review): the literal is committed to source; confirm it is a non-secret
     // fixture and not a live application key or account identifier.
     const string lookupKey = "18e48b8245e1a85d1d635ff28d561822";
     var permissions = SSOAuthHelper.GetPermissions(lookupKey);
 }
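        /// <summary>
        /// Creates a local account for every address in <paramref name="accountList"/> that
        /// has an SSO member profile, belongs to an employee and is not registered yet, then
        /// assigns the role in <c>SelectedRoleId</c> when one is set.
        /// </summary>
        /// <param name="accountList">E-mail addresses to import.</param>
        /// <remarks>
        /// The import is best-effort: a failure on one address is written to the trace
        /// output and the loop moves on. Failure messages name the address being processed;
        /// they used to name <c>this.User.Email</c>, which is not the account in the batch.
        /// </remarks>
        public void BatchImportAccount(string[] accountList)
        {
            foreach (var mail in accountList)
            {
                try
                {
                    // check membership data existed or not
                    var profile = SSOAuthHelper.GetAdvantechMemberProfile(mail);
                    if (profile == null)
                    {
                        throw new HttpException(608, string.Format("User {0} is not the member of Advantech.", mail));
                    }

                    var appUser = SSOAuthHelper.MappingSSOProfileToAppuser(profile, mail);
                    if (!SSOAuthHelper.IsEmployee(appUser.Email))
                    {
                        throw new HttpException(608, string.Format("User {0} is not the employee of Advantech.", mail));
                    }

                    var mngr = new IdentityManager();
                    if (mngr.GetUserByEmail(mail) != null)
                    {
                        throw new HttpException(608, string.Format("User {0} is existed in eQuotation.", mail));
                    }

                    // The account is created with a null password argument.
                    // NOTE(review): confirm such an account can only sign in through SSO.
                    if (!mngr.CreateUser(appUser, null))
                    {
                        throw new HttpException(608, string.Format("Creat user {0} fail.", mail));
                    }

                    // The same SelectedRoleId is applied to every address in the batch.
                    if (!string.IsNullOrEmpty(this.SelectedRoleId))
                    {
                        var role = mngr.GetRoleByRoleId(this.SelectedRoleId);
                        appUser = mngr.GetUserByName(appUser.UserName);
                        if (!mngr.AddUserToRole(appUser.Id, role.Name))
                        {
                            throw new HttpException(608, string.Format("Role [{0}] could not be assigned.", role.Name));
                        }
                    }
                }
                catch (System.Exception ex)
                {
                    // One bad address must not abort the batch, but the failure is recorded
                    // so an account created without its role does not go unnoticed.
                    System.Diagnostics.Trace.TraceWarning("BatchImportAccount skipped {0}: {1}", mail, ex.Message);
                }
            }
        }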
        /// <summary>
        /// Updates the stored attributes of an existing user, or creates a new account from
        /// the SSO member profile when no entity exists for <c>User.Id</c>.
        /// </summary>
        /// <exception cref="HttpException">
        /// Status 608 when the user name is taken, the address has no member profile or is
        /// not an employee, the user already exists, or creation or role assignment fails.
        /// </exception>
        public override void SetValue()
        {
            if (HasEntity(this.User.Id))
            {
                // Existing user: copy the editable attributes across and persist them.
                // NOTE(review): Email is overwritten here without the member and employee
                // checks applied on creation; confirm that is intended.
                Entity.Id         = this.User.Id;
                Entity.FirstName  = this.User.FirstName;
                Entity.LastName   = this.User.LastName;
                Entity.Position   = this.User.Position;
                Entity.Department = this.User.Department;
                Entity.Company    = this.User.Company;
                Entity.Location   = this.User.Location;
                Entity.Email      = this.User.Email;

                this.UnitWork.AppUser.Update(Entity);
                return;
            }

            if (this.UnitWork.AppUser.Exists(u => u.UserName == this.User.UserName))
            {
                throw new HttpException(608, "UserName has been used.");
            }

            // The address must have a member profile in the SSO directory.
            var memberProfile = SSOAuthHelper.GetAdvantechMemberProfile(this.User.Email);
            if (memberProfile == null)
            {
                throw new HttpException(608, string.Format("User {0} is not the member of Advantech.", this.User.Email));
            }

            var appUser = SSOAuthHelper.MappingSSOProfileToAppuser(memberProfile, this.User.Email);
            if (!SSOAuthHelper.IsEmployee(appUser.Email))
            {
                throw new HttpException(608, string.Format("User {0} is not the employee of Advantech.", this.User.Email));
            }

            var identity = new IdentityManager();
            var alreadyRegistered = identity.GetUserByEmail(this.User.Email);
            if (alreadyRegistered != null)
            {
                throw new HttpException(608, string.Format("User {0} is existed in eQuotation.", this.User.Email));
            }

            // The account is created with a null password argument.
            var created = identity.CreateUser(appUser, null);
            if (!created)
            {
                throw new HttpException(608, string.Format("Creat user {0} fail.", this.User.Email));
            }

            // A role is attached only when one was selected.
            if (string.IsNullOrEmpty(this.SelectedRoleId))
            {
                return;
            }

            var selectedRole = identity.GetRoleByRoleId(this.SelectedRoleId);
            appUser = identity.GetUserByName(appUser.UserName);
            var assigned = identity.AddUserToRole(appUser.Id, selectedRole.Name);
            if (!assigned)
            {
                throw new HttpException(608, string.Format("Role [{0}] could not be assigned.", selectedRole.Name));
            }
        }