Esempio n. 1
        /// <summary>
        /// Creates a demo contact while logged in as the tenant's system user.
        /// </summary>
        /// <param name="token">
        /// System-user token returned from SuperId. It must already have been validated by the
        /// caller: this method uses its ContextIdentifier and Ticket without any further check.
        /// </param>
        /// <returns>The contact entity returned by the save call, created as the system user.</returns>
        private static ContactEntity DoWorkAsSystemUser(SuperIdToken token)
        {
            // Enter the multi-tenant database context named by the token. The tenant is chosen
            // purely from token.ContextIdentifier, which is why the token has to be validated first.
            using (var tenantScope = SoDatabaseContext.EnterDatabaseContext(token.ContextIdentifier))
            {
                // set appropriate url for the customer tenant
                // ConfigFile.WebServices.RemoteBaseURL = token.NetserverUrl;

                // Authenticate with the system-user ticket; the session is closed when the
                // using block ends, so the ticket is not kept active longer than this call.
                using (var systemSession = SoSession.Authenticate(new SoCredentials(token.Ticket)))
                {
                    // Trace which associate the work runs as (audit aid for system-user actions).
                    System.Diagnostics.Trace.WriteLine(SoContext.CurrentPrincipal.Associate);

                    using (var contacts = new ContactAgent())
                    {
                        // Seconds since 1970-01-01, used only to give the demo contact a distinct name.
                        // NOTE(review): the Int32 cast cannot represent values past January 2038.
                        var sinceEpoch = DateTime.UtcNow - new DateTime(1970, 1, 1);
                        var timestamp = (Int32)sinceEpoch.TotalSeconds;

                        var draft = contacts.CreateDefaultContactEntity();
                        draft.Name = "SuperId-" + timestamp;
                        return contacts.SaveContactEntity(draft);
                    }
                }
            }
        }
Esempio n. 2
        /// <summary>
        /// Signs a system user token, exchanges it at the federation gateway and validates the
        /// token that comes back.
        /// </summary>
        /// <param name="userToken">System user token value wrapped in a SystemToken.</param>
        /// <param name="contextIdentifier">Customer context passed to the token exchange.</param>
        /// <param name="privateKey">Key used to sign the system token; treat it as a secret and keep it out of logs.</param>
        /// <param name="federationGateway">Gateway address passed to the token exchange call.</param>
        /// <param name="applicationToken">Application token passed to the token exchange call.</param>
        /// <param name="certificateString">Certificate text whose ASCII bytes are loaded as the JWT issuer signing certificate.</param>
        /// <returns>
        /// The validated token, or null when the exchange returns nothing or validation throws.
        /// Callers must treat null as "not authenticated".
        /// </returns>
        public static SuperIdToken GetSystemUserToken(string userToken, string contextIdentifier,
                                                      string privateKey, string federationGateway, string applicationToken, string certificateString)
        {
            // The token format is fixed to JWT here, so the SAML branch further down only runs
            // if this line is changed.
            var tokenType = SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType.Jwt;

            // Sign the system user token, then call the web service to exchange the signed
            // value for the system user's claims.
            var systemToken = new SystemToken(userToken);
            var signature   = systemToken.Sign(privateKey);
            var issuedToken = systemToken.AuthenticateWithSignedSystemToken(
                federationGateway, signature, applicationToken, contextIdentifier, tokenType);

            if (issuedToken == null)
            {
                return null;
            }

            // Validate the returned token before handing it to the caller.
            var validator = new SuperIdTokenHandler();
            var certificateFolder = AppDomain.CurrentDomain.BaseDirectory + "Certificates";

            if (tokenType != SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType.Saml)
            {
                // JWT: the signature is checked against the certificate supplied by the caller.
                // byte[] bytes = System.Convert.FromBase64String(certificateString);
                byte[] certificateBytes = Encoding.ASCII.GetBytes(certificateString);
                validator.JwtIssuerSigningCertificate =
                    new System.Security.Cryptography.X509Certificates.X509Certificate2(certificateBytes);
            }
            else
            {
                // NOTE(review): X509CertificateValidator.None performs no validation of the
                // certificate itself (chain, expiry, revocation). Trust then rests on the issuer
                // resolver and the files in the Certificates folder, presumably pinned signer
                // certificates; confirm, and keep that folder writable only by administrators.
                validator.CertificateValidator = System.IdentityModel.Selectors.X509CertificateValidator.None;
                validator.IssuerTokenResolver  = new CertificateFileCertificateStoreTokenResolver(certificateFolder);
            }

            // NOTE(review): audience checking is switched off, so a token is not rejected for
            // having been issued to a different application. Confirm this is intended before
            // reusing the sample outside a demo.
            validator.ValidateAudience = false;

            try
            {
                return validator.ValidateToken(issuedToken, tokenType);
            }
            catch (Exception validationError)
            {
                // Fails closed: the error goes to the console and the caller gets null.
                Console.WriteLine(validationError);
                return null;
            }
        }
Esempio n. 3
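        /// <summary>
        /// Handles the Login button: runs a federated login, validates the returned SAML token,
        /// lists its claims and opens an SoSession with the user's ticket.
        /// </summary>
        /// <param name="sender">Event source (not used).</param>
        /// <param name="e">Event data (not used).</param>
        private void btLogin_Click(object sender, EventArgs e)
        {
            btDoStuff.Enabled = false;

            _netServerUrl.Text = string.Empty;
            _claims.Items.Clear();

            // Drop any session left over from an earlier login. Without this, a failed or
            // cancelled attempt would leave the previous user's session in place and the
            // button below would be re-enabled under that earlier identity.
            if (_session != null)
            {
                _session.Dispose();
                _session = null;
            }

            SuperOffice.Configuration.ConfigFile.Services.ApplicationToken = _applicationToken.Text;

            // NOTE(review): the login address comes straight from a text box; nothing here
            // restricts it to https or to a known login environment.
            var login    = new LoginHelper();
            var uri      = new UriBuilder(_environmentLogin.Text).Uri;
            var response = login.TryFederatedLogin(uri, new AuthenticationRequest()
            {
                ApplicationId    = _applicationId.Text,
                ApplicationTitle = "Testing win-forms login in demo app",
                CustomerContext  = string.Empty,     // don't care about which customer in this context
            });

            if (response.IsSuccessful)
            {
                var saml = GetClaim(response, "saml");
                //var jwt = GetClaim(response, "jwt");

                // Validate and parse saml with user authentication.
                // NOTE(review): the handler is used with its default settings; which certificate
                // and audience checks those apply is not visible here - confirm.
                var userTokenHandler = new SuperIdTokenHandler();
                _userToken = userTokenHandler.ValidateToken(saml, SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType.Saml);

                // Show every claim from the validated token; non-string resources show as empty.
                foreach (var claim in _userToken.Claims)
                {
                    var lvi = new ListViewItem(claim.ClaimType);
                    lvi.SubItems.Add(claim.Resource as string);
                    _claims.Items.Add(lvi);
                }

                // The web-service base URL is taken from the token, so it must only ever be
                // set from a token that has passed validation, as it is here.
                _netServerUrl.Text = _userToken.NetserverUrl;
                ConfigFile.WebServices.RemoteBaseURL = _userToken.NetserverUrl;

                try
                {
                    _session = SoSession.Authenticate(new SoCredentials()
                    {
                        Ticket = _userToken.Ticket
                    });
                }
                catch (Exception ex)
                {
                    // Authentication failed: _session stays null so the button stays disabled,
                    // but the reason is recorded instead of being silently discarded.
                    System.Diagnostics.Trace.WriteLine(ex);
                }
            }

            btDoStuff.Enabled = _session != null;
        }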
Esempio n. 4
 /// <summary>
 /// Receives a notification and validates the token it carries before anything else in the
 /// message is used.
 /// </summary>
 /// <param name="message">
 /// Notification bound from the request body. If it is null, reading message.Token throws
 /// inside the try block and takes the same failure path as an invalid token.
 /// </param>
 public void Post([FromBody] NotificationMessage message)
 {
     try
     {
         // SuperIdTokenHandler is available in NuGet package: SuperOffice.Crm.Online.Core
         // Validation is the first statement: nothing from the message is acted on until
         // ValidateToken (a helper not shown here) has returned.
         SuperIdToken verifiedToken = ValidateToken(message.Token);
         // process accordingly...
     }
     catch (Exception)
     {
         // handle invalid token...
         // Rethrown unchanged, so the request fails instead of continuing with an
         // unverified message.
         throw;
     }
 }