/// <summary>
/// Initiates a new authentication process and returns to the ADFS system.
/// </summary>
/// <param name="identityClaim">Claim information from the ADFS</param>
/// <param name="request">The http request</param>
/// <param name="authContext">The context for the authentication</param>
/// <returns>new instance of IAdapterPresentationForm</returns>
public IAdapterPresentation BeginAuthentication(Claim identityClaim, HttpListenerRequest request, IAuthenticationContext authContext)
{
#if DEBUG
Debug.WriteLine(debugPrefix + " Claim value: " + identityClaim.Value);
#endif
// seperates the username from the domain
// TODO: Map the domain to the ID3A realm
string[] tmp = identityClaim.Value.Split('\\');
string username = "";
if (tmp.Length > 1)
{
username = tmp[1];
}
else
{
username = tmp[0];
}
// check if ssl is disabled in the config
// TODO: Delete for security reasons
if (!ssl)
{
ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => true;
}
// trigger challenge
otp_prov = new OTPprovider(privacyIDEAurl);
// get a new admin token for all requests if the an admin pw is defined
// #2
if (!string.IsNullOrEmpty(admin_pw) && !string.IsNullOrEmpty(admin_user))
{
token = otp_prov.getAuthToken(admin_user, admin_pw);
// trigger a challenge (SMS, Mail ...) for the the user
#if DEBUG
Debug.WriteLine(debugPrefix + " User: "******" Realm: " + privacyIDEArealm);
#endif
transaction_id = otp_prov.triggerChallenge(username, privacyIDEArealm, token);
}
// set vars to context - fix for 14 and 15
authContext.Data.Add("userid", username);
authContext.Data.Add("realm", privacyIDEArealm);
authContext.Data.Add("transaction_id", transaction_id);
return(new AdapterPresentationForm(false, uidefinition));
}
/// <summary>
/// Initiates a new authentication process and returns to the ADFS system.
/// </summary>
/// <param name="identityClaim">Claim information from the ADFS</param>
/// <param name="request">The http request</param>
/// <param name="authContext">The context for the authentication</param>
/// <returns>new instance of IAdapterPresentationForm</returns>
public IAdapterPresentation BeginAuthentication(Claim identityClaim, HttpListenerRequest request, IAuthenticationContext authContext)
{
#if DEBUG
Debug.WriteLine(debugPrefix + " Claim value: " + identityClaim.Value);
#endif
// seperates the username from the domain
// TODO: Map the domain to the ID3A realm
string username, domain, upn;
string[] tmp = identityClaim.Value.Split('\\');
if (tmp.Length > 1)
{
username = tmp[1];
domain = tmp[0];
if (use_upn)
{
// get UPN from sAMAccountName
upn = GetUserPrincipalName(username, domain);
}
else
{
upn = "not configured";
}
}
else
{
username = tmp[0];
upn = tmp[0];
domain = privacyIDEArealm;
}
#if DEBUG
Debug.WriteLine(debugPrefix + " UPN value: " + upn + " Domain value: " + domain);
#endif
// check if ssl is disabled in the config
// TODO: Delete for security reasons
if (!ssl)
{
ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => true;
}
// use upn or sam as loginname attribute
if (use_upn)
{
username = upn;
}
// trigger challenge
otp_prov = new OTPprovider(privacyIDEAurl);
// get a new admin token for all requests if the an admin pw is defined
// #2
if (!string.IsNullOrEmpty(admin_pw) && !string.IsNullOrEmpty(admin_user))
{
token = otp_prov.getAuthToken(admin_user, admin_pw);
// trigger a challenge (SMS, Mail ...) for the the user
#if DEBUG
Debug.WriteLine(debugPrefix + " User: "******" Realm: " + privacyIDEArealm);
#endif
transaction_id = otp_prov.triggerChallenge(username, privacyIDEArealm, token);
}
// set vars to context - fix for 14 and 15
authContext.Data.Add("userid", username);
authContext.Data.Add("realm", privacyIDEArealm);
authContext.Data.Add("transaction_id", transaction_id);
// defeine if massage will be showen
if (show_challenge)
{
message = otp_prov.ChallengeMessage;
}
return(new AdapterPresentationForm(false, message, uidefinition));
}
