/// <summary>
/// Logs in from an OIDC result by wrapping the model's ID token in a
/// <see cref="CallbackModel"/> (as its JWT) and delegating to the callback-based overload.
/// </summary>
/// <param name="model">OIDC tokens; its IdToken is the JWT that gets validated.</param>
/// <param name="errorReason">Failure reason reported by the overload this delegates to.</param>
/// <returns>The result of the callback-based overload.</returns>
public static bool TryLogin(OidcModel model, out string errorReason)
 {
     // The ID token is the only value copied; the whole OIDC model is still passed along
     // so the access/refresh tokens can be attached to the login context further down.
     var callback = new CallbackModel();
     callback.Jwt = model.IdToken;

     return TryLogin(callback, model, out errorReason);
 }
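        /// <summary>
        /// Validates a SuperID token (SAML or JWT), copies its claims into a
        /// <see cref="SuperOfficeContext"/> and passes that context to the context-based
        /// TryLogin overload. Used by Online.
        /// </summary>
        /// <param name="token">Saml or JWT token</param>
        /// <param name="tokenType">
        /// Name of a <c>SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType</c> member.
        /// A value that cannot be parsed fails the login with a reason instead of throwing.
        /// </param>
        /// <param name="oidcModel">
        /// OIDC tokens to attach to the context, or null; also selects which issuer is expected.
        /// </param>
        /// <param name="errorReason">
        /// Set when the token type is not recognised; otherwise whatever the context-based
        /// overload reports.
        /// </param>
        /// <returns>
        /// False when the token type is not recognised; otherwise the result of the
        /// context-based overload.
        /// </returns>
        /// <remarks>
        /// Nothing here catches exceptions raised by the token handler, the configuration
        /// lookup or certificate loading; they propagate to the caller.
        /// </remarks>
        public static bool TryLogin(string token, string tokenType, OidcModel oidcModel, out string errorReason)
        {
            errorReason = String.Empty;
            var tokenHandler = new SuperIdTokenHandler();

            // The expected issuer differs between OIDC and the old federated auth flow.
            // NOTE(review): the OIDC issuer is hard-coded to a single host; confirm whether
            // other environments need a different value and whether it belongs in configuration.
            tokenHandler.ValidIssuer = oidcModel == null ? "SuperOffice AS" : "https://sod.superoffice.com";

            var useAppData = Convert.ToBoolean(ConfigurationManager.AppSettings["CertificatesInAppDataFolder"]);

            // tokenType arrives as a string. A value that does not parse is reported through
            // errorReason (without echoing the input) so a malformed request ends as a failed
            // login rather than an unhandled exception.
            SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType typedTokenType;
            if (!Enum.TryParse(tokenType, out typedTokenType))
            {
                errorReason = "Unknown token type.";
                return false;
            }

            if (useAppData && typedTokenType == SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType.Saml)
            {
                tokenHandler.IssuerTokenResolver =
                    new CertificateFileCertificateStoreTokenResolver(
                        HttpContext.Current.Server.MapPath("~/App_Data"));

                // X509CertificateValidator.None performs no chain, trust or revocation checks on
                // the signing certificate. Trust in this branch therefore rests on the resolver
                // above accepting only certificates found in App_Data.
                // NOTE(review): confirm the resolver rejects tokens signed by any other
                // certificate, and keep write access to App_Data restricted: those files are
                // the trust anchor.
                tokenHandler.CertificateValidator = X509CertificateValidator.None;
            }
            else if (useAppData && typedTokenType == SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType.Jwt)
            {
                // JWT signatures are checked against one certificate file in App_Data.
                // Path.Combine avoids depending on MapPath returning a trailing separator.
                tokenHandler.JwtIssuerSigningCertificate =
                    new System.Security.Cryptography.X509Certificates.X509Certificate2(
                        System.IO.Path.Combine(
                            HttpContext.Current.Server.MapPath("~/App_Data"),
                            "SuperOfficeFederatedLogin.crt"));
            }
            else
            {
                // Certificates are not read from App_Data (or the type is neither SAML nor JWT):
                // use the PeerTrust certificate validator.
                tokenHandler.CertificateValidator = X509CertificateValidator.PeerTrust;
            }

            // NOTE(review): audience validation is switched off, so nothing visible here checks
            // that the token was issued for this application. Presumably a token the same issuer
            // minted for a different application would pass; confirm the handler or the callers
            // bind the token to this application some other way, or set the expected audience.
            tokenHandler.ValidateAudience = false;
            var superIdClaims = tokenHandler.ValidateToken(token, typedTokenType);

            // Everything below comes from the validated claims, except the OIDC tokens, which
            // are copied from the caller-supplied model when one was given.
            var context = new SuperOfficeContext
            {
                Ticket            = superIdClaims.Ticket,
                Email             = superIdClaims.Email,
                ContextIdentifier = superIdClaims.ContextIdentifier,
                NetServerUrl      = superIdClaims.NetserverUrl,
                SystemToken       = superIdClaims.SystemToken,
                CustomerKey       = String.Empty,
                IsOnSiteCustomer  = false,
                AccessToken       = oidcModel?.AccessToken,
                IdToken           = oidcModel?.IdToken,
                RefreshToken      = oidcModel?.RefreshToken
            };

            return TryLogin(context, out errorReason);
        }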
 /// <summary>
 /// Picks the token carried by the callback and forwards it, with its token type name,
 /// to the string-based overload. A JWT takes precedence over a SAML token when both are set.
 /// </summary>
 /// <param name="model">Callback payload holding a JWT and/or a SAML token.</param>
 /// <param name="oidcModel">Passed through unchanged to the string-based overload.</param>
 /// <param name="errorReason">
 /// "SAML and JWT empty." when neither token is present; otherwise whatever the
 /// string-based overload reports.
 /// </param>
 /// <returns>False when no token is present; otherwise the result of the string-based overload.</returns>
 public static bool TryLogin(CallbackModel model, OidcModel oidcModel, out string errorReason)
 {
     // JWT is checked first, so it wins if the callback carries both tokens.
     if (!String.IsNullOrEmpty(model.Jwt))
     {
         var jwtTypeName = SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType.Jwt.ToString();
         return TryLogin(model.Jwt, jwtTypeName, oidcModel, out errorReason);
     }

     // Neither token present: fail with a reason rather than attempting validation.
     if (String.IsNullOrEmpty(model.Saml))
     {
         errorReason = "SAML and JWT empty.";
         return false;
     }

     var samlTypeName = SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType.Saml.ToString();
     return TryLogin(model.Saml, samlTypeName, oidcModel, out errorReason);
 }