using System;
using System.Security.Cryptography.X509Certificates;
using System.Web.Security;
using System.Xml;
using ComponentPro.Saml;
using ComponentPro.Saml.Binding;
using ComponentPro.Saml2;
using ComponentPro.Saml2.Binding;
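namespace SamlShibboleth.ServiceProvider
{
    /// <summary>
    /// Login page of the sample SAML service provider. Offers a local forms
    /// login and an IdP-initiated-by-SP single sign-on using the binding
    /// configured in <c>Global.SingleSignOnServiceBinding</c>.
    /// </summary>
    public partial class UserLogin : System.Web.UI.Page
    {
        protected string NavigateUrl;

        // Name of the query-string parameter that carries a login error message.
        private const string errorQueryParameter = "error";

        /// <summary>
        /// Sets the default focus/button and shows the error message passed in
        /// the <c>error</c> query-string parameter, if any.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            Form.DefaultFocus = txtPassword.ClientID;
            Form.DefaultButton = btnLogin.UniqueID;

            // Display any error message resulting from a failed login.
            // The value comes straight from the URL, so it is attacker-controlled.
            // Label.Text is rendered without encoding; HTML-encode it here rather
            // than relying on ASP.NET request validation to stop script injection.
            // NOTE(review): even encoded, any text in the URL is shown on the login
            // page; mapping a short error code to fixed messages would be stricter.
            string errorText = Request.QueryString[errorQueryParameter];
            lblErrorMessage.Text = String.IsNullOrEmpty(errorText)
                ? String.Empty
                : Server.HtmlEncode(errorText);
        }

        /// <summary>
        /// Starts single sign-on: builds the authentication request, stores the
        /// originally requested SP URL in the cache under a fresh relay state,
        /// and sends the request to the IdP using the configured binding.
        /// </summary>
        /// <exception cref="ApplicationException">
        /// The configured binding is not supported, or the SP certificate is
        /// missing from application state for the HTTP Redirect binding.
        /// </exception>
        protected void btnIdPLogin_Click(object sender, EventArgs e)
        {
            // Get the authentication request.
            AuthnRequest authnRequest = Util.GetAuthnRequest(this);

            // Get SP Resource URL.
            // NOTE(review): the code that later reads this cache entry and redirects
            // is not in this file; confirm it only redirects to URLs of this application.
            string spResourceUrl = Util.GetAbsoluteUrl(this, FormsAuthentication.GetRedirectUrl("", false));

            // Create relay state. It doubles as the cache key for the resource URL.
            string relayState = Guid.NewGuid().ToString();

            // Save the SP Resource URL to the cache (entry lifetime: one hour).
            SamlSettings.CacheProvider.Insert(relayState, spResourceUrl, new TimeSpan(1, 0, 0));

            switch (Global.SingleSignOnServiceBinding)
            {
                case SamlBinding.HttpRedirect:
                {
                    X509Certificate2 x509Certificate = (X509Certificate2)Application[Global.SpCertKey];

                    // Fail with a clear error instead of a NullReferenceException when
                    // the SP certificate was never loaded into application state.
                    if (x509Certificate == null)
                    {
                        throw new ApplicationException("The service provider certificate is not loaded");
                    }

                    // Send authentication request using HTTP Redirect.
                    // The private key is handed to the library, presumably to sign the request.
                    authnRequest.Redirect(Response, Global.SingleSignOnServiceURL, relayState, x509Certificate.PrivateKey);
                    break;
                }

                case SamlBinding.HttpPost:
                    // Send authentication request using HTTP POST form.
                    // NOTE(review): no key is passed on this path, so from this file the
                    // request looks unsigned - confirm whether Util.GetAuthnRequest signs it.
                    authnRequest.SendHttpPost(Response, Global.SingleSignOnServiceURL, relayState);

                    // End the response.
                    Response.End();
                    break;

                case SamlBinding.HttpArtifact:
                {
                    // Create a new http artifact.
                    string identificationUrl = Util.GetAbsoluteUrl(this, "~/");
                    Saml2ArtifactType0004 httpArtifact = new Saml2ArtifactType0004(SamlArtifact.GetSourceId(identificationUrl), SamlArtifact.GetHandle());

                    // Save the authentication request for subsequent sending using the artifact resolution protocol.
                    SamlSettings.CacheProvider.Insert(httpArtifact.ToString(), authnRequest.GetXml(), new TimeSpan(1, 0, 0));

                    // Send the artifact using HTTP POST form.
                    httpArtifact.SendPostForm(Response.OutputStream, Global.SingleSignOnServiceURL, relayState);

                    // End the response.
                    Response.End();
                    break;
                }

                default:
                    throw new ApplicationException("Invalid binding type");
            }
        }

        /// <summary>
        /// Handles the local (non-SSO) login: checks the submitted credentials
        /// and, on success, issues a non-persistent forms-authentication ticket
        /// and redirects to the originally requested page.
        /// </summary>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            // NOTE(review): FormsAuthentication.Authenticate validates against credentials
            // stored in the application's configuration and is marked obsolete; use a
            // membership/identity provider with hashed passwords outside of a demo.
            if (FormsAuthentication.Authenticate(txtUserName.Text, txtPassword.Text))
            {
                FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, false);
            }
            else
            {
                // Demo-only message: it discloses the valid credentials to anyone who
                // fails a login. Replace with a generic failure message before reuse.
                lblErrorMessage.Text = "The user name and password should be \"suser\" and \"password\".";
            }
        }
    }
}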