/// <summary>
/// check if customer alresdy exists in Personify
/// </summary>
/// <param name="userName">userName</param>
/// <param name="password">password</param>
/// <param name="firstName">firstName</param>
/// <param name="lastName">lastName</param>
/// <returns>the customer token</returns>
private string PersonifyRegistered(string userName, string password, string firstName, string lastName)
{
var customerToken = String.Empty;
try
{
var customer = ssoClient.SSOCustomerGetByUsername(PersonifyVendorName, PersonifyVendorPassword, userName);
if (!customer.UserExists)
{
var newPersonifyCustomer = ssoClient.SSOCustomerRegister(PersonifyVendorName, PersonifyVendorPassword, userName, password, userName, firstName, lastName, true);
if (newPersonifyCustomer.Result == false)
{
//TODO: Need to check all of these errors.
lblError.Text = newPersonifyCustomer.Errors.FirstOrDefault();
lblError.Visible = true;
return(String.Empty);
}
customerToken = newPersonifyCustomer.NewCustomerToken;
//creating customer presonify info
if (!CreateCustomerInf(userName, firstName, lastName))
{
customerToken = String.Empty;
//error disable customer account
ssoClient.SSOEnableDisableCustomerAccount(PersonifyVendorName, PersonifyVendorPassword, userName, true);
}
}
else if (customer.UserExists && customer.DisableAccountFlag)// if customer account is disabled
{
//enable customer account
ssoClient.SSOEnableDisableCustomerAccount(PersonifyVendorName, PersonifyVendorPassword, userName, false);
//creating customer presonify info
if (!CreateCustomerInf(userName, firstName, lastName))
{
customerToken = String.Empty;
//error disable customer account
ssoClient.SSOEnableDisableCustomerAccount(PersonifyVendorName, PersonifyVendorPassword, userName, true);
}
}
else
{
customerToken = String.Empty;
lblError.Visible = true;
lblError.Text = GetString("UserInfo.EmailAlreadyExist");
}
}
catch (DataServiceClientException dscex)
{
var messages = dscex.ParseMessages();
var errorMessage = messages.ValidationIssues.ValidationMessage.Aggregate(new StringBuilder(), (x, y) => x.AppendLine(y.Message)).ToString();
customerToken = String.Empty;
lblError.Visible = true;
lblError.Text = errorMessage;
EventLogProvider.LogException(dscex.Source, dscex.Message, dscex);
}
catch (Exception ex)
{
customerToken = String.Empty;
lblError.Visible = true;
lblError.Text = RegistrationErrorMessage;
EventLogProvider.LogException(ex.Source, ex.Message, ex);
}
return(customerToken);
}
/// <summary>
/// Logic to handle SSO sign in/out and user reauthorization
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
// Did user log out?
CheckForLogout();
// Do we need to reauthorize user?
ReAuthorizeCheck();
Session[PersonifySessionKey] = null;
// Check for empty session values
if (Session[UserNameSessionKey] == null || (string)Session[PasswordSessionKey] == null)
{
ReAuthorizeFail();
}
var username = (string)Session[UserNameSessionKey];
var password = (string)Session[PasswordSessionKey];
// Logic to handle retry
if (Session[RetryCountSessionKey] == null)
{
Session[RetryCountSessionKey] = 0;
}
else if ((int)Session[RetryCountSessionKey] == 5)
{
Session[RetryCountSessionKey] = null;
EventLogProvider.LogException("SSOHandler", "Retry", new Exception("Cannot resolve username and password with autologin. Exceeded retry limit."), SiteContext.CurrentSiteID);
URLHelper.Redirect(_loginErrorUrl);
}
else
{
var current = (int)Session[RetryCountSessionKey] + 1;
Session[RetryCountSessionKey] = current;
}
// Get customer from Personify
var ssoCustomer = ssoClient.SSOCustomerGetByUsername(_personifySsoVendorName, _personifySsoVendorPassword, username);
// Check if Customer exists in Personify
if (ssoCustomer == null)
{
EventLogProvider.LogException("SSOHandler", "LookupCustomer", new Exception("ssoCustomer does not exist for given username."), SiteContext.CurrentSiteID);
URLHelper.Redirect(_loginErrorUrl);
//throw new Exception("ssoCustomer does not exist for given username.");
}
// Get Token from Personify Request
var customerToken = Request.QueryString["ct"];
var decryptedToken = String.Empty;
var rememberMe = Session[RememberMeSessionKey] != null ? (bool)Session[RememberMeSessionKey] : false;
// If decrypted token is not empty and valid, then proceed to log in
if (!string.IsNullOrEmpty(customerToken) && isValidToken(decryptedToken = DecryptCustomerToken(customerToken)))
{
Session[PersonifySessionKey] = decryptedToken;
// Verify Kentico User
VerifyKenticoUser(decryptedToken, username);
// Log in to Kentico
AuthenticationHelper.AuthenticateUser(username, rememberMe);
// Set SSO Token cookie
var ssoToken = new HttpCookie(SSOTokenCookie, decryptedToken);
ssoToken.Expires = DateTime.Now.AddDays(90);
Response.Cookies.Add(ssoToken);
SessionHelper.Remove("VendorToken");
RedirectToDesiredURL();
}
else
{
//we don't have a valid token, initiate Retry
String returnURL = HttpContext.Current.Request.Url.AbsoluteUri;
if (!String.IsNullOrEmpty(HttpContext.Current.Request.Url.Query))
{
returnURL = returnURL.Replace(HttpContext.Current.Request.Url.Query, "");
}
var encryptedVendorToken = RijndaelAlgorithm.GetVendorToken(returnURL, _personifySsoVendorPassword, _personifySsoVendorBlock, username, password, rememberMe);
SessionHelper.SetValue("VendorToken", encryptedVendorToken);
var url = string.Format("{0}?vi={1}&vt={2}", _personifyAutoLoginUrl, _personifyVendorID, encryptedVendorToken);
Response.Redirect(url);
}
}
