/// <summary>
/// Creates a sample contact in the customer's tenant while signed in as the system user.
/// </summary>
/// <param name="token">
/// SuperId token for the system user. It must already have been validated by the caller:
/// this method uses its context identifier and ticket without any further checks.
/// </param>
/// <returns>The contact entity returned by the save call.</returns>
private static ContactEntity DoWorkAsSystemUser(SuperIdToken token)
{
    // Enter the tenant's database context first, then sign in with the system user ticket.
    // Both are disposed when the method exits, including when an exception is thrown.
    // The tenant URL assignment is kept disabled:
    //   ConfigFile.WebServices.RemoteBaseURL = token.NetserverUrl;
    using (var tenantContext = SoDatabaseContext.EnterDatabaseContext(token.ContextIdentifier))
    using (var systemSession = SoSession.Authenticate(new SoCredentials(token.Ticket)))
    {
        // Write the current principal's associate to the trace output.
        var currentPrincipal = SoContext.CurrentPrincipal;
        System.Diagnostics.Trace.WriteLine(currentPrincipal.Associate);

        using (var contactAgent = new ContactAgent())
        {
            // Whole seconds since 1970-01-01, used as a suffix for the contact name.
            var elapsed = DateTime.UtcNow - new DateTime(1970, 1, 1);
            var unixSeconds = (Int32)elapsed.TotalSeconds;

            var contact = contactAgent.CreateDefaultContactEntity();
            contact.Name = "SuperId-" + unixSeconds;
            return contactAgent.SaveContactEntity(contact);
        }
    }
}
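/// <summary>
/// Signs the system user token, exchanges it at the federation gateway and validates
/// the token that comes back.
/// </summary>
/// <param name="userToken">System user token that is signed and sent in the exchange call.</param>
/// <param name="contextIdentifier">Context identifier passed to the exchange call.</param>
/// <param name="privateKey">Private key used to sign the system user token.</param>
/// <param name="federationGateway">Federation gateway passed to the exchange call.</param>
/// <param name="applicationToken">Application token passed to the exchange call.</param>
/// <param name="certificateString">
/// Certificate text; its ASCII bytes are loaded as the JWT issuer signing certificate.
/// Only used on the JWT path.
/// </param>
/// <returns>
/// The validated token, or <c>null</c> when the exchange returned nothing or validation
/// threw. Callers must treat <c>null</c> as "not authenticated".
/// </returns>
public static SuperIdToken GetSystemUserToken(string userToken, string contextIdentifier, string privateKey, string federationGateway, string applicationToken, string certificateString)
{
    var tokenType = SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType.Jwt;

    // Sign the system user token with the supplied private key.
    var systemToken = new SystemToken(userToken);
    var signedSystemToken = systemToken.Sign(privateKey);

    // Exchange the signed system user token for a token carrying the system user's claims.
    var returnedToken = systemToken.AuthenticateWithSignedSystemToken(federationGateway, signedSystemToken, applicationToken, contextIdentifier, tokenType);
    if (returnedToken == null)
    {
        return null;
    }

    // The returned token is only trusted after the handler has validated it.
    var tokenHandler = new SuperIdTokenHandler();

    if (tokenType == SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType.Saml)
    {
        // Path.Combine inserts the separator when BaseDirectory does not end with one.
        var certificateResolverPath = System.IO.Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "Certificates");

        // NOTE(review): X509CertificateValidator.None performs no validation of the
        // certificate itself, so on this path trust rests entirely on the issuer token
        // resolver and on the contents of the Certificates folder - confirm that folder
        // is writable only by administrators.
        tokenHandler.CertificateValidator = System.IdentityModel.Selectors.X509CertificateValidator.None;
        tokenHandler.IssuerTokenResolver = new CertificateFileCertificateStoreTokenResolver(certificateResolverPath);
    }
    else
    {
        // Disabled alternative: byte[] bytes = System.Convert.FromBase64String(certificateString);
        byte[] bytes = Encoding.ASCII.GetBytes(certificateString);
        tokenHandler.JwtIssuerSigningCertificate = new System.Security.Cryptography.X509Certificates.X509Certificate2(bytes);
    }

    // NOTE(review): audience validation is switched off, so presumably a correctly signed
    // token issued for a different application is not rejected on that ground. Confirm
    // this is intended before reusing the code outside a sample.
    tokenHandler.ValidateAudience = false;

    try
    {
        return tokenHandler.ValidateToken(returnedToken, tokenType);
    }
    catch (Exception e)
    {
        // Fail closed: a token that does not validate is reported and never returned.
        Console.WriteLine(e);
        return null;
    }
}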
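/// <summary>
/// Handles the login button: runs the federated login, validates the returned SAML
/// token, lists its claims and signs in to NetServer with the ticket from that token.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void btLogin_Click(object sender, EventArgs e)
{
    // Start every attempt from a logged-out state. Without clearing the fields, a failed
    // attempt would leave the previous login's token and session in place and the
    // "do stuff" button would be enabled again for that earlier identity.
    btDoStuff.Enabled = false;
    _netServerUrl.Text = string.Empty;
    _claims.Items.Clear();
    // NOTE(review): if the previous session has to be closed or disposed explicitly,
    // do that here before dropping the reference - confirm against the field's type.
    _session = null;
    _userToken = null;

    SuperOffice.Configuration.ConfigFile.Services.ApplicationToken = _applicationToken.Text;

    var login = new LoginHelper();
    var uri = new UriBuilder(_environmentLogin.Text).Uri;
    var response = login.TryFederatedLogin(uri, new AuthenticationRequest()
    {
        ApplicationId = _applicationId.Text,
        ApplicationTitle = "Testing win-forms login in demo app",
        CustomerContext = string.Empty, // don't care about which customer in this context
    });

    if (!response.IsSuccessful)
    {
        // Nothing was issued; the form stays in the logged-out state set above.
        return;
    }

    var saml = GetClaim(response, "saml");
    //var jwt = GetClaim(response, "jwt");

    // Validate and parse the SAML token carrying the user authentication. Claims, URL
    // and ticket are read only from the validated token, never from the raw response.
    var userTokenHandler = new SuperIdTokenHandler();
    _userToken = userTokenHandler.ValidateToken(saml, SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType.Saml);

    foreach (var claim in _userToken.Claims)
    {
        var lvi = new ListViewItem(claim.ClaimType);
        lvi.SubItems.Add(claim.Resource as string);
        _claims.Items.Add(lvi);
    }

    _netServerUrl.Text = _userToken.NetserverUrl;
    ConfigFile.WebServices.RemoteBaseURL = _userToken.NetserverUrl;

    try
    {
        _session = SoSession.Authenticate(new SoCredentials() { Ticket = _userToken.Ticket });
    }
    catch (Exception ex)
    {
        // Best effort: the form stays logged out, but the reason is recorded instead of
        // being discarded.
        System.Diagnostics.Trace.WriteLine(ex);
    }

    btDoStuff.Enabled = _session != null;
}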
/// <summary>
/// Receives a notification message and validates the token it carries.
/// </summary>
/// <param name="message">Notification message bound from the request body.</param>
public void Post([FromBody] NotificationMessage message)
{
    try
    {
        // Validate the token before using anything else from the message.
        // SuperIdTokenHandler is available in NuGet package: SuperOffice.Crm.Online.Core
        SuperIdToken superIdToken = ValidateToken(message.Token);

        // process accordingly...
    }
    catch (Exception error)
    {
        // handle invalid token...
        // The exception is passed on unchanged.
        throw;
    }
}