/// <summary>
        /// Completes an external sign-in: signs in the local account already linked to the
        /// external login, or shows the confirmation view so a new account can be created.
        /// </summary>
        /// <param name="returnUrl">Request-supplied destination; only ever passed to RedirectToLocal or the view.</param>
        /// <returns>A redirect to "Login", a redirect via RedirectToLocal, or the confirmation view.</returns>
        public async Task <ActionResult> ExternalLoginCallback(string returnUrl)
        {
            Microsoft.AspNet.Identity.Owin.ExternalLoginInfo externalLogin =
                await this.AuthenticationManager.GetExternalLoginInfoAsync();

            // No external login information is available: send the user back to the login page.
            if (externalLogin == null)
            {
                return this.RedirectToAction("Login");
            }

            ApplicationUser linkedUser = await this.UserManager.FindAsync(externalLogin.Login);

            if (linkedUser == null)
            {
                // No local account is linked to this external login yet: ask the user to create one.
                this.ViewBag.ReturnUrl     = returnUrl;
                this.ViewBag.LoginProvider = externalLogin.Login.LoginProvider;

                var confirmation = new ExternalLoginConfirmationViewModel
                {
                    UserName = externalLogin.DefaultUserName
                };
                return this.View("ExternalLoginConfirmation", confirmation);
            }

            // A local account is already linked: sign it in with a non-persistent session.
            await this.SignInAsync(linkedUser, isPersistent : false);

            // NOTE(review): returnUrl is caller-controlled; RedirectToLocal is defined elsewhere and
            // presumably restricts it to local URLs. Confirm.
            return this.RedirectToLocal(returnUrl);
        }
        /// <summary>
        /// Registers a new local user for an external identity and returns a local access token response.
        /// </summary>
        /// <param name="model">Binding model carrying the provider name, the external access token and the requested user name.</param>
        /// <returns>
        /// 400 when the model is invalid, the token cannot be verified, the external user is already
        /// registered, or a repository call fails; otherwise 200 with the access token response.
        /// </returns>
        public async Task <IHttpActionResult> RegisterExternal(RegisterExternalBindingModel model)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // The external token is checked before anything is written.
            var tokenInfo = await VerifyExternalAccessToken(model.Provider, model.ExternalAccessToken);

            if (tokenInfo == null)
            {
                return BadRequest("Invalid Provider or External Access Token");
            }

            // The provider key comes from the verified token (tokenInfo.user_id), not from a
            // client-supplied field, so a caller cannot claim another user's external id.
            IdentityUser existingUser = await _repo.FindAsync(new UserLoginInfo(model.Provider, tokenInfo.user_id));

            if (existingUser != null)
            {
                return BadRequest("External user is already registered");
            }

            // model.UserName is client-supplied; it is only constrained by model validation.
            var newUser = new IdentityUser { UserName = model.UserName };

            IdentityResult createResult = await _repo.CreateAsync(newUser);

            if (!createResult.Succeeded)
            {
                return GetErrorResult(createResult);
            }

            // Link the external login to the account that was just created.
            var externalLogin = new UserLoginInfo(model.Provider, tokenInfo.user_id);
            IdentityResult linkResult = await _repo.AddLoginAsync(newUser.Id, externalLogin);

            if (!linkResult.Succeeded)
            {
                // NOTE(review): the user created above is not removed on this path.
                return GetErrorResult(linkResult);
            }

            // Generate the access token response for the new local user.
            return Ok(GenerateLocalAccessTokenResponse(model.UserName));
        }
        /// <summary>
        /// Copies an ASP.NET Identity external login info object into this project's
        /// <c>ExternalLoginInfo</c> type.
        /// </summary>
        /// <param name="identityExternalLoginInfo">The source object; may be null.</param>
        /// <returns>The mapped object, or null when the source is null.</returns>
        public static ExternalLoginInfo Create(Microsoft.AspNet.Identity.Owin.ExternalLoginInfo identityExternalLoginInfo)
        {
            if (identityExternalLoginInfo != null)
            {
                var mapped = new ExternalLoginInfo();

                mapped.DefaultUserName  = identityExternalLoginInfo.DefaultUserName;
                mapped.Email            = identityExternalLoginInfo.Email;
                mapped.ExternalIdentity = identityExternalLoginInfo.ExternalIdentity;
                // The nested login is converted by another Create overload (not shown here).
                mapped.Login            = Create(identityExternalLoginInfo.Login);

                return mapped;
            }

            return null;
        }
        /// <summary>
        /// Creates a local account for the pending external login, links the two and signs the user in.
        /// </summary>
        /// <param name="model">View model carrying the user name chosen for the new account.</param>
        /// <param name="returnUrl">Request-supplied destination; only passed to RedirectToLocal or back to the view.</param>
        /// <returns>
        /// A redirect to "Manage" when already authenticated, the failure view when no external login
        /// is pending, a redirect via RedirectToLocal on success, otherwise the form with errors.
        /// </returns>
        public async Task <ActionResult> ExternalLoginConfirmation(ExternalLoginConfirmationViewModel model, string returnUrl)
        {
            // An already signed-in user has nothing to confirm.
            if (this.User.Identity.IsAuthenticated)
            {
                return this.RedirectToAction("Manage");
            }

            if (this.ModelState.IsValid)
            {
                // The external identity is read from the authentication manager, not from the
                // posted form, so the form cannot choose which external login gets linked.
                Microsoft.AspNet.Identity.Owin.ExternalLoginInfo externalLogin =
                    await this.AuthenticationManager.GetExternalLoginInfoAsync();

                if (externalLogin == null)
                {
                    return this.View("ExternalLoginFailure");
                }

                ApplicationUser newUser = new ApplicationUser { UserName = model.UserName };
                IdentityResult outcome  = await this.UserManager.CreateAsync(newUser);

                // Link the external login only when the account was created.
                if (outcome.Succeeded)
                {
                    outcome = await this.UserManager.AddLoginAsync(newUser.Id, externalLogin.Login);
                }

                if (outcome.Succeeded)
                {
                    await this.SignInAsync(newUser, isPersistent : false);

                    return this.RedirectToLocal(returnUrl);
                }

                // Either step failed: surface its errors on the form.
                this.AddErrors(outcome);
            }

            this.ViewBag.ReturnUrl = returnUrl;
            return this.View(model);
        }
        //
        // GET: /Account/LinkLoginCallback
        /// <summary>
        /// Links the external login returned by the provider to the currently signed-in user.
        /// </summary>
        /// <returns>A redirect to "Manage", carrying <c>ManageMessageId.Error</c> when linking did not succeed.</returns>
        public async Task <ActionResult> LinkLoginCallback()
        {
            // XsrfKey and the current user id are passed with the lookup; when nothing comes back
            // the request is treated as failed.
            Microsoft.AspNet.Identity.Owin.ExternalLoginInfo externalLogin =
                await this.AuthenticationManager.GetExternalLoginInfoAsync(XsrfKey, this.User.Identity.GetUserId());

            if (externalLogin != null)
            {
                IdentityResult linkResult =
                    await this.UserManager.AddLoginAsync(this.User.Identity.GetUserId(), externalLogin.Login);

                if (linkResult.Succeeded)
                {
                    return this.RedirectToAction("Manage");
                }
            }

            // Missing login info and a failed link are reported the same way.
            return this.RedirectToAction("Manage", new
            {
                Message = ManageMessageId.Error
            });
        }
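        /// <summary>
        /// Handles the result of the SSO round trip: resolves the external login, signs the matching
        /// local user in, then redirects or renders a view depending on <paramref name="RelayState"/>.
        /// </summary>
        /// <param name="samlResponse">Request-supplied value; not parsed here, only handed to the view through ViewBag.</param>
        /// <param name="RelayState">Request-supplied value that selects the post-login destination.</param>
        /// <returns>A redirect, the default view, or the shared error view when no login or no local user is found.</returns>
        public async Task <ActionResult> SsoResult(string samlResponse, string RelayState)
        {
            // LogManager.GetLogger(this.GetType()).Debug("Entering SsoResult... RelayState=" + RelayState);
            // string lillyID = GetUserIdFromSaml(samlResponse, RelayState);
            // LogManager.GetLogger(this.GetType()).Debug("SsoResult - lillyID : " + lillyID);

            // TODO: this should be done on the production server, but the DMZ currently cannot open
            // outbound connections to the internet, so it can only be tested on an internet-facing test server.
            //ViewBag.samlResponse = samlResponse;
            //ViewBag.RelayState = RelayState;
            //return View();


            var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();

            if (loginInfo == null)
            {
                //return RedirectToAction("Login");

                // Fall back to the NameIdentifier claim of the identity granted on this response.
                // NOTE(review): this trusts whatever identity is set on AuthenticationResponseGrant;
                // confirm it can only be populated after a validated SAML assertion.
                var grant = AuthenticationManager.AuthenticationResponseGrant;
                var nameIdClaim = (grant != null && grant.Identity != null)
                    ? grant.Identity.Claims.FirstOrDefault(a => a.Type == ClaimTypes.NameIdentifier)
                    : null;

                if (nameIdClaim != null)
                {
                    loginInfo = new Microsoft.AspNet.Identity.Owin.ExternalLoginInfo()
                    {
                        Login = new Microsoft.AspNet.Identity.UserLoginInfo("SAML2", nameIdClaim.Value)
                    };
                }
            }

            // Without this guard every later loginInfo.Login access throws a NullReferenceException
            // when neither source produced a login.
            if (loginInfo == null)
            {
                return SsoErrorView("login failed, no external login information was found!");
            }

            if (string.IsNullOrEmpty(RelayState))
            {
                // The provider key is escaped so it cannot add or alter query-string parameters.
                return Redirect("~/Subscribed/Subscrib/Subscribed?lillyId=" + Uri.EscapeDataString(loginInfo.Login.ProviderKey));
            }

            var user = _sysUserService.AutoLogin(loginInfo.Login.ProviderKey);

            if (user == null)
            {
                return SsoErrorView(string.Format("login OK,but user [{0}] not found!", loginInfo.Login.ProviderKey));
            }

            // NOTE(review): the second argument is presumably isPersistent; confirm a persistent
            // session is intended for SSO sign-ins.
            await _authService.SignInAsync(user, true);


            // Redirected here from the main website.
            // NOTE(review): RelayState is a request parameter and reaches Redirect() unchanged; the
            // only condition is that it does not contain the text "RelayState". This is an unvalidated
            // redirect issued right after sign-in. Check the target against an allow-list of trusted
            // hosts (or Url.IsLocalUrl for same-site targets) before redirecting.
            if (RelayState.IndexOf("RelayState", StringComparison.OrdinalIgnoreCase) < 0)
            {
                return Redirect(RelayState);
            }
            if (RelayState.IndexOf("sso/OAuth/OAuthToken", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                // NOTE(review): both values are request-supplied; the view must encode them on output.
                ViewBag.samlResponse = samlResponse;
                ViewBag.RelayState   = RelayState;
                return View();
            }

            // NOTE(review): this is a substring match anywhere in RelayState, not a comparison with
            // the parsed host, and the target extracted below is not validated either.
            if (RelayState.IndexOf(Request.Url.Host, StringComparison.OrdinalIgnoreCase) >= 0)
            { // the redirect target is on the same site as the current one
                var index = RelayState.IndexOf("RelayState", StringComparison.OrdinalIgnoreCase);

                // "RelayState" is 10 characters; one more skips the separator that follows it.
                var targetStart = index + 11;

                // Nothing follows the marker: Substring/Redirect would throw, so report it instead.
                if (targetStart >= RelayState.Length)
                {
                    return SsoErrorView("RelayState does not contain a redirect target!");
                }
                return Redirect(RelayState.Substring(targetStart));
            }

            // The request came from another site: hand the response straight back to that site.
            // NOTE(review): both values are request-supplied; the view must encode them on output.
            ViewBag.samlResponse = samlResponse;
            ViewBag.RelayState   = RelayState;
            return View();
        }

        // Logs the message and renders the shared error view on behalf of SsoResult.
        private ActionResult SsoErrorView(string message)
        {
            log.Error(message);
            return View("~/Views/Shared/Error.cshtml", new HandleErrorInfo(new Exception(message), "OWinLogin", "SsoResult"));
        }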