Esempio n. 1
        /// <summary>
        /// Default landing page for Altinn Studio, shown when the visitor is not logged in.
        /// </summary>
        /// <remarks>
        /// The Gitea session cookie from the request is passed to <c>_giteaApi.GetCurrentUser</c>, and a
        /// <c>null</c> result is treated as "not logged in". The lookup is consumed through
        /// <c>.Result</c>, so the request thread blocks until it completes and a failed lookup
        /// surfaces wrapped in an <see cref="AggregateException"/>.
        /// </remarks>
        /// <returns>The "StartPage" view for anonymous visitors; otherwise a redirect to Home/Index.</returns>
        public ActionResult StartPage()
        {
            // The cookie value is client-supplied; it only counts as a session once the
            // Gitea API resolves it to a user.
            string giteaSession = Request.Cookies[_settings.GiteaCookieName];
            AltinnCore.RepositoryClient.Model.User currentUser = _giteaApi.GetCurrentUser(giteaSession).Result;

            if (currentUser != null)
            {
                return this.RedirectToAction("Index", "Home");
            }

            return View("StartPage");
        }
Esempio n. 2
        /// <summary>
        /// Returns the user reported by <c>_giteaApi.GetCurrentUser()</c> and, as a side effect,
        /// issues an antiforgery request token to the browser.
        /// </summary>
        /// <remarks>
        /// The request token is written to an <c>XSRF-TOKEN</c> cookie that is deliberately not
        /// HttpOnly so that client-side script can read it.
        /// </remarks>
        /// <returns>The result of the Gitea "current user" lookup.</returns>
        public async Task <Altinn.Studio.Designer.RepositoryClient.Model.User> Current()
        {
            // See comments in the configuration of Antiforgery in MvcConfiguration.cs.
            var antiforgeryTokens = _antiforgery.GetAndStoreTokens(HttpContext);

            // NOTE(review): only HttpOnly is set here. Secure and SameSite fall back to whatever the
            // application-wide cookie policy applies - confirm that policy covers this cookie, since
            // it is readable by any script running on the page.
            var xsrfCookieOptions = new CookieOptions
            {
                HttpOnly = false // Make this cookie readable by Javascript.
            };
            HttpContext.Response.Cookies.Append("XSRF-TOKEN", antiforgeryTokens.RequestToken, xsrfCookieOptions);

            return await _giteaApi.GetCurrentUser();
        }
Esempio n. 3
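        /// <summary>
        /// Signs the caller in with a cookie identity that carries a single Developer claim.
        /// </summary>
        /// <remarks>
        /// When <c>_settings.ForceGiteaAuthentication</c> is set, the Gitea session cookie is resolved
        /// to a user and that user's login becomes the Developer claim; callers without a Gitea
        /// session are redirected to the Gitea login page. When the setting is off, no credential is
        /// checked at all and the fallback developer name is used.
        /// NOTE(review): confirm the setting can only be off in local development.
        /// </remarks>
        /// <returns>
        /// A local redirect to "/" after sign-in, a redirect to the Gitea login page, or a bare
        /// 500 status when the Gitea lookup fails.
        /// </returns>
        public async Task <IActionResult> Login()
        {
            // Fallback developer name used when Gitea authentication is not enforced.
            string userName = "******";
            string goToUrl  = "/";

            if (_settings.ForceGiteaAuthentication)
            {
                // Temporary catch errors until we figure out how to force this.
                try
                {
                    string sessionId = Request.Cookies[_settings.GiteaCookieName];

                    // Await rather than block on .Result: the method is already async, and blocking
                    // ties up a request thread for the whole Gitea round trip.
                    AltinnCore.RepositoryClient.Model.User user = await _giteaApi.GetCurrentUser(sessionId);
                    if (user == null)
                    {
                        // Read the override once so the null check and the redirect see the same value.
                        string loginEndpoint = Environment.GetEnvironmentVariable("GiteaLoginEndpoint");
                        return Redirect(loginEndpoint ?? _settings.GiteaLoginUrl);
                    }

                    userName = user.Login;
                }
                catch (Exception ex)
                {
                    // Keep exception text and stack traces on the server. Echoing ex.ToString() in
                    // the response body discloses internal type names, paths and endpoints to any caller.
                    // NOTE(review): route this through the controller's logger if one is injected;
                    // none is visible in this method.
                    System.Diagnostics.Trace.TraceError(ex.ToString());
                    return StatusCode(500);
                }
            }

            const string Issuer = "https://altinn.no";
            List<Claim> claims = new List<Claim>
            {
                new Claim(AltinnCoreClaimTypes.Developer, userName, ClaimValueTypes.String, Issuer)
            };

            ClaimsIdentity identity = new ClaimsIdentity("TestUserLogin");
            identity.AddClaims(claims);

            ClaimsPrincipal principal = new ClaimsPrincipal(identity);

            // Session-only cookie with a fixed 200-minute lifetime and no sliding refresh.
            await HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme,
                principal,
                new AuthenticationProperties
                {
                    ExpiresUtc   = DateTime.UtcNow.AddMinutes(200),
                    IsPersistent = false,
                    AllowRefresh = false
                });

            return LocalRedirect(goToUrl);
        }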
Esempio n. 4
 /// <summary>
 /// Returns whatever <c>_giteaApi.GetCurrentUser()</c> resolves to.
 /// </summary>
 /// <remarks>
 /// The lookup is consumed synchronously through <c>.Result</c>, so the calling thread blocks
 /// until it completes.
 /// </remarks>
 /// <returns>The user returned by the Gitea API call.</returns>
 public AltinnCore.RepositoryClient.Model.User Current()
 {
     return _giteaApi.GetCurrentUser().Result;
 }
Esempio n. 5
 /// <summary>
 /// Asynchronously returns whatever <c>_giteaApi.GetCurrentUser()</c> resolves to.
 /// </summary>
 /// <returns>A task producing the user returned by the Gitea API call.</returns>
 public async Task <AltinnCore.RepositoryClient.Model.User> Current()
 {
     return await _giteaApi.GetCurrentUser();
 }
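        /// <summary>
        /// Signs in a test user and redirects to the requested local URL.
        /// </summary>
        /// <remarks>
        /// The identity is built from the stored profile for <paramref name="id"/>. No password or
        /// other credential for that profile is checked here, and when
        /// <c>_settings.ForceGiteaAuthentication</c> is off no Gitea session is required either.
        /// NOTE(review): nothing in this method restricts it to test environments; confirm that is
        /// enforced by routing or configuration.
        /// </remarks>
        /// <param name="id">Id of the test user whose profile is loaded.</param>
        /// <param name="returnUrl">URL to go to after login; URL-decoded before use, "/" when empty.</param>
        /// <param name="reportee">Reportee number to act for; ignored unless it is in the user's reportee list.</param>
        /// <returns>
        /// A local redirect to the return URL, a redirect to the Gitea login page, or a bare
        /// 500 status when the Gitea lookup fails.
        /// </returns>
        public async Task <IActionResult> LoginTestUser(int id, string returnUrl, string reportee)
        {
            string developer = null;

            if (_settings.ForceGiteaAuthentication)
            {
                // Temporary catch errors until we figure out how to force this.
                try
                {
                    string sessionId = Request.Cookies[_settings.GiteaCookieName];

                    // Await rather than block on .Result: the method is already async, and blocking
                    // ties up a request thread for the whole Gitea round trip.
                    AltinnCore.RepositoryClient.Model.User user = await _giteaApi.GetCurrentUser(sessionId);
                    if (user == null)
                    {
                        // Read the override once so the null check and the redirect see the same value.
                        string giteaEndpoint = Environment.GetEnvironmentVariable("GiteaEndpoint");
                        if (giteaEndpoint != null)
                        {
                            return Redirect(giteaEndpoint + "/user/login");
                        }

                        return Redirect(_settings.GiteaLoginUrl);
                    }

                    developer = user.Login;
                }
                catch (Exception ex)
                {
                    // Keep exception text and stack traces on the server. Echoing ex.ToString() in
                    // the response body discloses internal type names, paths and endpoints to any caller.
                    // NOTE(review): route this through the controller's logger if one is injected;
                    // none is visible in this method.
                    System.Diagnostics.Trace.TraceError(ex.ToString());
                    return StatusCode(500);
                }
            }

            UserProfile  profile = _profile.GetUserProfile(id);
            var          claims  = new List<Claim>();
            const string Issuer  = "https://altinn.no";

            claims.Add(new Claim(AltinnCoreClaimTypes.UserName, profile.UserName, ClaimValueTypes.String, Issuer));
            if (profile.UserType.Equals(UserType.Identified))
            {
                // The SSN travels inside the authentication cookie from here on, so the cookie's
                // protection and lifetime bound the exposure of this value.
                claims.Add(new Claim(AltinnCoreClaimTypes.SSN, profile.Party.Person.SSN, ClaimValueTypes.String, Issuer));
            }

            claims.Add(new Claim(AltinnCoreClaimTypes.UserId, profile.UserId.ToString(), ClaimValueTypes.Integer32, Issuer));
            claims.Add(new Claim(AltinnCoreClaimTypes.PartyID, profile.PartyId.ToString(), ClaimValueTypes.Integer32, Issuer));

            // The authentication level is hard-coded for every test login.
            claims.Add(new Claim(AltinnCoreClaimTypes.AuthenticationLevel, "2", ClaimValueTypes.Integer32, Issuer));

            if (developer != null)
            {
                claims.Add(new Claim(AltinnCoreClaimTypes.Developer, developer, ClaimValueTypes.String, Issuer));
            }

            ClaimsIdentity identity = new ClaimsIdentity("TestUserLogin");
            identity.AddClaims(claims);

            ClaimsPrincipal principal = new ClaimsPrincipal(identity);

            // Session-only cookie with a fixed 200-minute lifetime and no sliding refresh.
            await HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme,
                principal,
                new AuthenticationProperties
                {
                    ExpiresUtc   = DateTime.UtcNow.AddMinutes(200),
                    IsPersistent = false,
                    AllowRefresh = false
                });

            string goToUrl = "/";

            if (!string.IsNullOrEmpty(returnUrl))
            {
                // NOTE(review): returnUrl has presumably already been decoded once by model binding,
                // so a double-encoded value is fully decoded here. LocalRedirect below is what keeps
                // the target on this host.
                goToUrl = System.Net.WebUtility.UrlDecode(returnUrl);
            }

            List<Reportee> reporteeList = _authorization.GetReporteeList(profile.UserId);

            // Look the requested reportee up once. A number that is not in the user's own reportee
            // list yields null, so a caller cannot select an arbitrary party through this parameter.
            Reportee reporteeBE = string.IsNullOrEmpty(reportee)
                ? null
                : reporteeList.FirstOrDefault(r => r.ReporteeNumber.Equals(reportee));

            string partyCookieValue = reporteeBE != null
                ? reporteeBE.PartyID.ToString()
                : profile.PartyId.ToString();

            // NOTE(review): the cookie is written with default options and can be edited by the
            // client afterwards; whatever reads it back should re-check the party against the
            // reportee list rather than trust the value - confirm at the consumer.
            HttpContext.Response.Cookies.Append("altinncorereportee", partyCookieValue);

            // LocalRedirect rejects non-local targets, but only when the result executes, where the
            // rejection surfaces as an InvalidOperationException instead of a fallback to "/".
            return LocalRedirect(goToUrl);
        }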