// Placeholder for the SSO routine, this will call an API from LN public SSOData Get() { SSOData data = new SSOData(); var ssourl = _configuration.GetSection("EditorialSettings:SingleSignOnUrl").Value; var email = User.Claims.Where(x => x.Type == "eml").FirstOrDefault().Value; var claims = User.Claims.ToString(); var accesToken = Request.Headers["Authorization"]; data.Email = email; data.Token = accesToken; // Editorial API Token, use this for the mean time data.Url = ssourl; return(data); }
public async Task <IActionResult> Index([FromQuery] SSOData data) { try { Console.WriteLine("SSO Controller- Index"); string id = HttpContext.Request.Form["id"]; string timestamp = HttpContext.Request.Form["timestamp"]; string token = HttpContext.Request.Form["token"]; string appName = HttpContext.Request.Form["app"]; string userEmail = HttpContext.Request.Form["email"]; foreach (var key in HttpContext.Request.Form.Keys) { Console.WriteLine("{0}=>{1}", key, HttpContext.Request.Form[key]); } //Clear all sessions HttpContext.Session.Clear(); //Generate token by using resource-id,HEROKU_SSO_SALT and timestamp value var preToken = string.Format("{0}:{1}:{2}", id, ConfigVars.Instance.herokuSalt, timestamp); //Convert to hash string preToken = Utilities.SHA1HashStringForUTF8String(preToken); Console.WriteLine(token + " : " + preToken); Console.WriteLine(timestamp); //Check token is matching with preToken. If not then throw error if (token != preToken) { Console.WriteLine("token not match"); return(new StatusCodeResult(403)); } //Check timestamp value is expired or not. If it expired then throw error if (Convert.ToInt64(timestamp) < Utilities.ConvertToUnixTime(DateTime.Now.AddMinutes(-(2 * 60)))) { return(new StatusCodeResult(403)); } Console.WriteLine("Find resource " + id); //validate account by resource id var resources = _resourcesRepository.Find(id); if (resources == null) { return(new StatusCodeResult(404)); } else { if (!string.IsNullOrEmpty(appName)) { if (string.IsNullOrEmpty(resources.app_name)) { //Assign app name resources.app_name = appName; } } if (!string.IsNullOrEmpty(userEmail)) { if (string.IsNullOrEmpty(resources.user_email)) { //Assign app name resources.user_email = userEmail; } } //Update app name _resourcesRepository.Update(resources); } //Update the main app name in resource table based on resource-id if app name is null //clear all cookie foreach (var cookie in Request.Cookies.Keys) { Response.Cookies.Delete(cookie); } var claims = new List <Claim>(); claims.Add(new Claim(ClaimTypes.NameIdentifier, resources.uuid)); claims.Add(new Claim(ClaimTypes.Version, resources.plan)); if (!string.IsNullOrEmpty(resources.user_name)) { claims.Add(new Claim(ClaimTypes.Name, resources.user_name)); } if (!string.IsNullOrEmpty(resources.user_email)) { claims.Add(new Claim(ClaimTypes.Email, resources.user_email)); } if (!string.IsNullOrEmpty(resources.private_app_url)) { claims.Add(new Claim(ClaimTypes.Uri, resources.private_app_url)); } if (!string.IsNullOrEmpty(resources.app_name)) { claims.Add(new Claim(Dedup.Common.Constants.HEROKU_MAIN_APP_NAME, resources.app_name)); } if (resources.partnerAuthToken != null) { Console.WriteLine("partnerAuthToken"); if (!string.IsNullOrEmpty(resources.partnerAuthToken.access_token)) { Console.WriteLine("resources.partnerAuthToken : {0}", resources.partnerAuthToken.access_token); claims.Add(new Claim(Dedup.Common.Constants.HEROKU_ACCESS_TOKEN, resources.partnerAuthToken.access_token)); } if (!string.IsNullOrEmpty(resources.partnerAuthToken.refresh_token)) { Console.WriteLine("resources.partnerAuthToken : {0}", resources.partnerAuthToken.refresh_token); claims.Add(new Claim(Dedup.Common.Constants.HEROKU_REFRESH_TOKEN, resources.partnerAuthToken.refresh_token)); } if (!string.IsNullOrEmpty(resources.partnerAuthToken.user_id)) { Console.WriteLine("resources.partnerAuthToken.user_id : {0}", resources.partnerAuthToken.user_id); claims.Add(new Claim(Dedup.Common.Constants.HEROKU_AUTH_USERID, resources.partnerAuthToken.user_id)); } if (resources.partnerAuthToken.expires_in.HasValue) { Console.WriteLine("resources.expires_in.HasValue : {0}", resources.partnerAuthToken.expires_in.ToString()); claims.Add(new Claim(Dedup.Common.Constants.HEROKU_TOKEN_EXPIREDIN, resources.partnerAuthToken.expires_in.Value.ToString())); } } else { Console.WriteLine("partnerAuthToken : null"); } await HttpContext.SignOutAsync(Dedup.Common.Constants.DEFAULT_AUTH_COOKIE_SCHEME); ClaimsPrincipal principal = new ClaimsPrincipal(new ClaimsIdentity(claims, Dedup.Common.Constants.DEFAULT_AUTH_COOKIE_SCHEME)); await HttpContext.SignInAsync(Dedup.Common.Constants.DEFAULT_AUTH_COOKIE_SCHEME, principal); return(RedirectToAction("index", "home")); } catch (Exception ex) { Console.WriteLine("ERROR: {0}", ex.Message); return(new StatusCodeResult(500)); } }