Exemple #1
0
        public ActionResult ExternalLoginCallback(string returnUrl)
        {
            AuthenticationResult result = OAuthWebSecurity.VerifyAuthentication(Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));
            if (!result.IsSuccessful)
            {
                return RedirectToAction("ExternalLoginFailure");
            }

            var securityManager = new OpenAuthSecurityManager(HttpContext, new ProxyOAuthClient(result.Provider), new NoDbOAuthDataProvider());

            if (securityManager.Login(result.ProviderUserId, false))
            {
                return RedirectToLocal(returnUrl);
            }

            if (User.Identity.IsAuthenticated)
            {
                // If the current user is logged in add the new account
                OAuthWebSecurity.CreateOrUpdateAccount(result.Provider, result.ProviderUserId, User.Identity.Name);
                return RedirectToLocal(returnUrl);
            }
            else
            {
                // User is new, ask for their desired membership name
                string loginData = OAuthWebSecurity.SerializeProviderUserId(result.Provider, result.ProviderUserId);
                ViewBag.ProviderDisplayName = OAuthWebSecurity.GetOAuthClientData(result.Provider).DisplayName;
                ViewBag.ReturnUrl = returnUrl;
                return View("ExternalLoginConfirmation", new RegisterExternalLoginModel { UserName = result.UserName, ExternalLoginData = loginData });
            }
        }
Exemple #2
0
 /// <summary>
 ///   Verifies the authentication.
 /// </summary>
 /// <param name="client"> The client. </param>
 /// <param name="provider"> The provider. </param>
 /// <param name="returnUrl"> The return URL. </param>
 /// <returns> </returns>
 public AuthenticationResult VerifyAuthentication(IAuthenticationClient client, IOpenAuthDataProvider provider,
                                                  string returnUrl)
 {
     var context = new HttpContextWrapper(HttpContext.Current);
     var securityManager = new OpenAuthSecurityManager(context, client, provider);
     return securityManager.VerifyAuthentication(returnUrl);
 }
Exemple #3
0
		public static AuthenticationResult VerifyAuthentication()
		{
			var ms = new GoogleOAuth2Client(Configuration.OauthClientId, Configuration.OauthClientSecret);
			var manager = new OpenAuthSecurityManager(new HttpContextWrapper(HttpContext.Current), 
				ms, OAuthDataProvider.Instance);
			GoogleOAuth2Client.RewriteRequest();
			return manager.VerifyAuthentication(Configuration.OauthRedirect);
		}
Exemple #4
0
        public static void RequestAuthentication(Membership membership, string connectName, HttpContextBase httpContext, string returnUrl)
        {
            var client = GetAuthClient(membership, connectName);

            OpenAuthSecurityManager manager = new OpenAuthSecurityManager(httpContext, client.GetOpenAuthClient(), new MembershipOpenAuthDataProvider());
            manager.RequestAuthentication(returnUrl);
            //client.RequestAuthentication(httpContext, new Uri(returnUrl));
        }
Exemple #5
0
 internal static AuthResult VerifyAuthenticationCore(Kooboo.CMS.Membership.Models.Membership membership, HttpContextBase context, string returnUrl)
 {
     IAuthClient client;
     string providerName = OpenAuthSecurityManager.GetProviderName(context);
     if (string.IsNullOrEmpty(providerName))
     {
         return AuthResult.Failed;
     }
     client = GetAuthClient(membership, providerName);
     if (client == null)
     {
         throw new InvalidOperationException("Invalid membership connect.");
     }
     OpenAuthSecurityManager manager = new OpenAuthSecurityManager(context, client.GetOpenAuthClient(), new MembershipOpenAuthDataProvider());
     var result = manager.VerifyAuthentication(returnUrl);
     return new AuthResult(result);
 }
Exemple #6
0
 internal static bool LoginCore(HttpContextBase context, string providerName, string providerUserId, bool createPersistentCookie)
 {
     var provider = GetOAuthClient(providerName);
     var securityManager = new OpenAuthSecurityManager(context, provider, OAuthDataProvider);
     return securityManager.Login(providerUserId, createPersistentCookie);
 }
Exemple #7
0
        internal static AuthenticationResult VerifyAuthenticationCore(HttpContextBase context, string returnUrl)
        {
            string providerName = OpenAuthSecurityManager.GetProviderName(context);
            if (String.IsNullOrEmpty(providerName))
            {
                return AuthenticationResult.Failed;
            }

            IAuthenticationClient client;
            if (TryGetOAuthClient(providerName, out client))
            {
                var securityManager = new OpenAuthSecurityManager(context, client, OAuthDataProvider);
                return securityManager.VerifyAuthentication(returnUrl);
            }
            else
            {
                throw new InvalidOperationException(WebResources.InvalidServiceProviderName);
            }
        }
Exemple #8
0
 /// <summary>
 /// Requests the authentication core.
 /// </summary>
 /// <param name="context">The context.</param>
 /// <param name="provider">The provider.</param>
 /// <param name="returnUrl">The return URL.</param>
 internal static void RequestAuthenticationCore(HttpContextBase context, string provider, string returnUrl)
 {
     IAuthenticationClient client = GetOAuthClient(provider);
     var securityManager = new OpenAuthSecurityManager(context, client, OAuthDataProvider);
     securityManager.RequestAuthentication(returnUrl);
 }
Exemple #9
0
 public void RequestAuthentication(IAuthenticationClient client, IOpenAuthDataProvider provider, string returnUrl)
 {
     var securityManager = new OpenAuthSecurityManager(
         new HttpContextWrapper(HttpContext.Current), client, provider);
     securityManager.RequestAuthentication(returnUrl);
 }
Exemple #10
0
 public bool OAuthLogin(string provider, string providerUserId, bool persistCookie)
 {
     var oauthProvider = _authenticationClients[provider];
     var context = _applicationEnvironment.AcquireContext();
     var securityManager = new OpenAuthSecurityManager(context, oauthProvider.AuthenticationClient, this);
     return securityManager.Login(providerUserId, persistCookie);
 }
Exemple #11
0
        public bool OAuthLogin(OAuthAccount account, bool remember)
        {
            AuthenticationClientData oauthProvider = _authenticationClients[account.Provider];
            HttpContextBase context = _applicationEnvironment.AcquireContext();
            var securityManager = new OpenAuthSecurityManager(context, oauthProvider.AuthenticationClient, this);
            bool success = securityManager.Login(account.ProviderUserId, remember);
            if (success)
                return true;

            User user = GetUserByEmailAddress(account.Username);
            if (user == null)
                return false;

            user.OAuthAccounts.Add(account);
            _userCollection.Save(user);

            return securityManager.Login(account.ProviderUserId, remember);
        }
Exemple #12
0
        // GET: /api/auth/{provider}
        public HttpResponseMessage Get(string provider)
        {
            HttpResponseMessage response;
            var result = OpenAuth.VerifyAuthentication(VirtualPathUtility.ToAbsolute("~/api/auth/" + provider));

            if (!result.IsSuccessful)
            {
                response = this.Request.CreateResponse(HttpStatusCode.Redirect);
                response.Headers.Location = new Uri(VirtualPathUtility.ToAbsolute("~/login?auth=failed"), UriKind.Relative);
                return response;
            }

            var openAuthAccount = this.db.UserOpenAuthAccounts.SingleOrDefault(a => a.ProviderName == result.Provider && a.ProviderUserID == result.ProviderUserId);

            if (openAuthAccount != null)
            {
                var manager = new OpenAuthSecurityManager(new HttpContextWrapper(HttpContext.Current), OpenAuth.AuthenticationClients.GetByProviderName(result.Provider), new OpenAuthDataProvider(this.db));

                if (manager.Login(result.ProviderUserId, createPersistentCookie: true))
                {
                    openAuthAccount.LastUsedDate = DateTime.UtcNow;
                    this.db.SaveChanges();

                    response = this.Request.CreateResponse(HttpStatusCode.Redirect);
                    response.Headers.Location = new Uri(VirtualPathUtility.ToAbsolute("~/"), UriKind.Relative);
                    return response;
                }
            }

            if (this.User.Identity.IsAuthenticated)
            {
                var user = this.db.Users.SingleOrDefault(u => u.UserName == this.User.Identity.Name);

                if (user == null)
                {
                    throw new InvalidOperationException(string.Format("Cannot find a user with username '{0}'.", this.User.Identity.Name));
                }

                var dateNow = DateTime.UtcNow;

                this.db.UserOpenAuthAccounts.Add(new UserOpenAuthAccount
                {
                    UserID = user.UserID,
                    ProviderName = result.Provider,
                    ProviderUserID = result.ProviderUserId,
                    ProviderUserName = result.UserName,
                    LastUsedDate = dateNow
                });

                user.LastLoginDate = dateNow;
                user.LastActivityDate = dateNow;
                this.db.SaveChanges();

                response = this.Request.CreateResponse(HttpStatusCode.Redirect);
                response.Headers.Location = new Uri(VirtualPathUtility.ToAbsolute("~/"), UriKind.Relative);
                return response;
            }

            // User is new, ask for their desired membership name
            var loginData = CryptoUtility.Serialize("oauth", result.Provider, result.ProviderUserId, result.UserName);
            var url = "~/login?providerName=" + OpenAuth.GetProviderDisplayName(result.Provider) +
                      "&userName="******"@") ? result.UserName.Substring(0, result.UserName.IndexOf("@")) : result.UserName) +
                      "&email=" + (result.UserName.Contains("@") ? result.UserName : string.Empty) +
                      "&externalLoginData=" + loginData;

            response = this.Request.CreateResponse(HttpStatusCode.Redirect);
            response.Headers.Location = new Uri(VirtualPathUtility.ToAbsolute(url), UriKind.Relative);
            return response;
        }
Exemple #13
0
		public static AuthenticationResult VerifyAuthentication()
		{
			var manager = new OpenAuthSecurityManager(new HttpContextWrapper(HttpContext.Current),
				ms, OAuthDataProvider.Instance);
			return manager.VerifyAuthentication(Configuration.GitHubOauthRedirect);
		}