Esempio n. 1
0
        private ExternalIdentity MapToExternalIdentity(IEnumerable <Claim> claims)
        {
            var externalId = ExternalIdentity.FromClaims(claims);

            if (externalId != null && _externalClaimsFilter != null)
            {
                externalId.Claims = _externalClaimsFilter.Filter(externalId.Provider, externalId.Claims);
            }
            return(externalId);
        }
Esempio n. 2
0
        public async Task <IHttpActionResult> LoginExternalCallback()
        {
            Logger.Info("Callback invoked from external identity provider ");

            var signInId = await GetSignInIdFromExternalProvider();

            if (signInId.IsMissing())
            {
                Logger.Error("No signin id passed");
                return(RenderErrorPage());
            }

            var cookie        = new MessageCookie <SignInMessage>(Request.GetOwinContext(), this._options);
            var signInMessage = cookie.Read(signInId);

            if (signInMessage == null)
            {
                Logger.Error("No cookie matching signin id found");
                return(RenderErrorPage());
            }

            var user = await GetIdentityFromExternalProvider();

            if (user == null)
            {
                Logger.Error("no identity from external identity provider");
                return(await RenderLoginPage(signInMessage, signInId, Messages.NoMatchingExternalAccount));
            }

            var externalIdentity = ExternalIdentity.FromClaims(user.Claims);

            if (externalIdentity == null)
            {
                Logger.Error("no subject or unique identifier claims from external identity provider");
                return(await RenderLoginPage(signInMessage, signInId, Messages.NoMatchingExternalAccount));
            }

            Logger.InfoFormat("external user provider: {0}, provider ID: {1}", externalIdentity.Provider, externalIdentity.ProviderId);

            var authResult = await _userService.AuthenticateExternalAsync(externalIdentity);

            if (authResult == null)
            {
                Logger.Warn("user service failed to authenticate external identity");
                return(await RenderLoginPage(signInMessage, signInId, Messages.NoMatchingExternalAccount));
            }

            if (authResult.IsError)
            {
                Logger.WarnFormat("user service returned error message: {0}", authResult.ErrorMessage);
                return(await RenderLoginPage(signInMessage, signInId, authResult.ErrorMessage));
            }

            return(SignInAndRedirect(signInMessage, signInId, authResult));
        }
Esempio n. 3
0
        public async Task <IHttpActionResult> LoginExternalCallback(string error = null)
        {
            Logger.Info("Callback invoked from external identity provider");

            if (error.IsPresent())
            {
                if (error.Length > options.InputLengthRestrictions.ExternalError)
                {
                    error = error.Substring(0, options.InputLengthRestrictions.ExternalError);
                }

                Logger.ErrorFormat("External identity provider returned error: {0}", error);
                await eventService.RaiseExternalLoginErrorEventAsync(error);

                return(RenderErrorPage(String.Format(localizationService.GetMessage(MessageIds.ExternalProviderError), error)));
            }

            var signInId = await context.GetSignInIdFromExternalProvider();

            if (signInId.IsMissing())
            {
                Logger.Info("No signin id passed");
                return(HandleNoSignin());
            }

            var signInMessage = signInMessageCookie.Read(signInId);

            if (signInMessage == null)
            {
                Logger.Info("No cookie matching signin id found");
                return(HandleNoSignin());
            }

            var user = await context.GetIdentityFromExternalProvider();

            if (user == null)
            {
                Logger.Error("no identity from external identity provider");
                return(await RenderLoginPage(signInMessage, signInId, localizationService.GetMessage(MessageIds.NoMatchingExternalAccount)));
            }

            var externalIdentity = ExternalIdentity.FromClaims(user.Claims);

            if (externalIdentity == null)
            {
                var claims = user.Claims.Select(x => new { x.Type, x.Value });
                Logger.ErrorFormat("no subject or unique identifier claims from external identity provider. Claims provided:\r\n{0}", LogSerializer.Serialize(claims));
                return(await RenderLoginPage(signInMessage, signInId, localizationService.GetMessage(MessageIds.NoMatchingExternalAccount)));
            }

            Logger.InfoFormat("external user provider: {0}, provider ID: {1}", externalIdentity.Provider, externalIdentity.ProviderId);

            var externalContext = new ExternalAuthenticationContext
            {
                ExternalIdentity = externalIdentity,
                SignInMessage    = signInMessage
            };

            await userService.AuthenticateExternalAsync(externalContext);

            var authResult = externalContext.AuthenticateResult;

            if (authResult == null)
            {
                Logger.Warn("user service failed to authenticate external identity");

                var msg = localizationService.GetMessage(MessageIds.NoMatchingExternalAccount);
                await eventService.RaiseExternalLoginFailureEventAsync(externalIdentity, signInId, signInMessage, msg);

                return(await RenderLoginPage(signInMessage, signInId, msg));
            }

            if (authResult.IsError)
            {
                Logger.WarnFormat("user service returned error message: {0}", authResult.ErrorMessage);

                await eventService.RaiseExternalLoginFailureEventAsync(externalIdentity, signInId, signInMessage, authResult.ErrorMessage);

                return(await RenderLoginPage(signInMessage, signInId, authResult.ErrorMessage));
            }

            Logger.Info("External identity successfully validated by user service");

            await eventService.RaiseExternalLoginSuccessEventAsync(externalIdentity, signInId, signInMessage, authResult);

            return(await SignInAndRedirectAsync(signInMessage, signInId, authResult));
        }
        public async Task <IHttpActionResult> LoginExternalCallback(string error = null)
        {
            Logger.Info("Callback invoked from external identity provider");

            if (error.IsPresent())
            {
                Logger.ErrorFormat("External identity provider returned error: {0}", error);
                eventService.RaiseExternalLoginErrorEvent(error);
                return(RenderErrorPage(String.Format(localizationService.GetMessage(MessageIds.ExternalProviderError), error)));
            }

            var signInId = await context.GetSignInIdFromExternalProvider();

            if (signInId.IsMissing())
            {
                Logger.Error("No signin id passed");
                return(RenderErrorPage(localizationService.GetMessage(MessageIds.NoSignInCookie)));
            }

            var signInMessage = signInMessageCookie.Read(signInId);

            if (signInMessage == null)
            {
                Logger.Error("No cookie matching signin id found");
                return(RenderErrorPage(localizationService.GetMessage(MessageIds.NoSignInCookie)));
            }

            var user = await context.GetIdentityFromExternalProvider();

            if (user == null)
            {
                Logger.Error("no identity from external identity provider");
                return(await RenderLoginPage(signInMessage, signInId, localizationService.GetMessage(MessageIds.NoMatchingExternalAccount)));
            }

            var externalIdentity = ExternalIdentity.FromClaims(user.Claims);

            if (externalIdentity == null)
            {
                Logger.Error("no subject or unique identifier claims from external identity provider");
                return(await RenderLoginPage(signInMessage, signInId, localizationService.GetMessage(MessageIds.NoMatchingExternalAccount)));
            }

            Logger.InfoFormat("external user provider: {0}, provider ID: {1}", externalIdentity.Provider, externalIdentity.ProviderId);

            var authResult = await userService.AuthenticateExternalAsync(externalIdentity, signInMessage);

            if (authResult == null)
            {
                Logger.Warn("user service failed to authenticate external identity");

                var msg = localizationService.GetMessage(MessageIds.NoMatchingExternalAccount);
                eventService.RaiseExternalLoginFailureEvent(externalIdentity, signInId, signInMessage, msg);

                return(await RenderLoginPage(signInMessage, signInId, msg));
            }

            if (authResult.IsError)
            {
                Logger.WarnFormat("user service returned error message: {0}", authResult.ErrorMessage);

                eventService.RaiseExternalLoginFailureEvent(externalIdentity, signInId, signInMessage, authResult.ErrorMessage);

                return(await RenderLoginPage(signInMessage, signInId, authResult.ErrorMessage));
            }

            eventService.RaiseExternalLoginSuccessEvent(externalIdentity, signInId, signInMessage, authResult);

            return(SignInAndRedirect(signInMessage, signInId, authResult));
        }