/// <summary>
/// Handles the Windows Live ID sign-in post: copies the authenticated identity into
/// <c>HalfoxUser</c> on success, or applies the expiry value on failure, then redirects
/// to the home index in both cases.
/// </summary>
/// <param name="action">Bound from the request; not read by this method.</param>
/// <param name="stoken">Bound from the request; not read by this method (the form is passed whole to <c>Wll.ProcessLogin</c>).</param>
/// <returns>A redirect to <c>Index</c> on the <c>home</c> controller.</returns>
public ActionResult LiveId(string action, string stoken)
{
    // Everything in Request.Form is client-supplied; the identity is only used
    // when ProcessLogin hands back a user object.
    var liveUser = Wll.ProcessLogin(Request.Form);

    if (liveUser == null)
    {
        // Sign-in failed: only the expiry is touched here.
        HalfoxUser.Expires = ExpireCookie;
        return RedirectToAction("Index", "home");
    }

    HalfoxUser.Value = liveUser.Token;
    HalfoxUser.OpenId = liveUser.Id;
    HalfoxUser.IdType = "live";

    // The profile lookup runs after the identity fields above have been set.
    var profile = ProfileService.GetInstance().Get();
    if (profile != null)
    {
        HalfoxUser.Name = profile.NickName ?? "Please setting your profile.";
        HalfoxUser.Role = profile.Role;
        HalfoxUser.Id = profile.Id;
    }

    // The persistent expiry is applied only when the user asked to stay signed in.
    if (liveUser.UsePersistentCookie)
    {
        HalfoxUser.Expires = PersistCookie;
    }

    return RedirectToAction("Index", "home");
}
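/// <summary>
/// Processes the posted Live ID sign-in response and hands the request to the account
/// transfer page, the immediate ACS redirect, or the unregistered-user handler.
/// </summary>
/// <param name="context">The current HTTP context; its posted form carries the sign-in response.</param>
/// <returns>
/// The result of the handler the request was routed to, or <c>false</c> when the posted
/// response did not yield a user.
/// </returns>
protected virtual bool TryHandleSignInResponse(HttpContext context)
{
    var user = _windowsLiveLogin.ProcessLogin(context.Request.Form);

    // The form is client-supplied, so a missing, malformed or forged response must not
    // reach user.Id below: without this guard the method fails with a
    // NullReferenceException instead of rejecting the request.
    // NOTE(review): false presumably tells the caller the response was not handled -- confirm.
    if (user == null)
    {
        TraceInformation("TryHandleSignInResponse", "result={0}", "no user returned by ProcessLogin");
        return false;
    }

    TraceInformation("TryHandleSignInResponse", "user.Id={0}", user.Id);

    // The Live ID is passed as both arguments of ValidateUser.
    if (!LiveIdMembershipProvider.Current.ValidateUser(user.Id, user.Id))
    {
        // invalid user account
        return TryHandleUnregisteredUser(context);
    }

    if (RegistrationSettings != null && !string.IsNullOrEmpty(RegistrationSettings.AccountTransferPath))
    {
        // go to the account transfer page
        TraceInformation("TryHandleSignInResponse", "accountTransferPath={0}", AccountTransferPath);
        return TryHandleAccountTransferPageRedirect(context);
    }

    // go straight to ACS
    return TryHandleImmediateAcsRedirect(context);
}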
/// <summary>
/// Completes a Windows Live ID sign-in: obtains the Live ID user (server-side code exchange
/// or client-side token post-back), then signs in the matching site user or registers one.
/// </summary>
private void ProcessLiveIDLogin()
{
    // Authorization code taken from the URL (request-controlled input)
    string authorizationCode = QueryHelper.GetString("code", string.Empty);

    // Site setting: page that collects additional data from first-time users
    string requiredDataPage = SettingsKeyInfoProvider.GetValue(siteName + ".CMSLiveIDRequiredUserDataPage");

    WindowsLiveLogin liveLogin = new WindowsLiveLogin(siteName);
    WindowsLiveLogin.User liveUser = null;

    if (WindowsLiveLogin.UseServerSideAuthorization)
    {
        // Server-side flow: restore the login context, then process the code
        GetLoginInformation();
        liveUser = liveLogin.ProcessLogin(authorizationCode, relativeURL);
    }
    else if (RequestHelper.IsPostBack())
    {
        // Client flow, second pass: the browser posted window.location back as the event argument
        string postedUrl = Request[postEventArgumentID];

        // Authentication token - used to obtain the user id.
        // Both patterns require a trailing '&' after the value.
        string authenticationToken = ParseToken(postedUrl, @"authentication_token=([\w\d.-]+)&");

        // Access token - stored in the user object for possible later use.
        // NOTE(review): inside this character class ".-/" is a range ('.' through '/'),
        // so a literal '-' is not matched -- confirm that is intended.
        string accessToken = ParseToken(postedUrl, @"access_token=([%\w\d.-/]+)&");

        if (authenticationToken != string.Empty)
        {
            // Restore the login context kept in session
            GetLoginInformation();

            // The posted token is untrusted until this call returns a user
            liveUser = liveLogin.AuthenticateClientToken(authenticationToken, relativeURL, accessToken);
            if (liveUser != null)
            {
                // Let the opener page refresh and close this window
                ScriptHelper.RegisterWOpenerScript(Page);
                CreateCloseScript("");
            }
        }
    }
    else
    {
        // Client flow, first pass: post window.location (the token sits after '#') back to the server
        string postBackScript = ControlsHelper.GetPostBackEventReference(this, "#").Replace("'#'", "window.location");
        ScriptHelper.RegisterClientScriptBlock(this, typeof(string), "PostbackScript", ScriptHelper.GetScript(postBackScript));
    }

    // Nothing more to do unless authorization produced a user
    if (liveUser == null)
    {
        return;
    }

    UserInfo existingUser = UserInfoProvider.GetUserInfoByWindowsLiveID(liveUser.Id);

    // Filled by AuthenticateWindowsLiveUser; never read in this method
    string error = string.Empty;

    if (existingUser != null)
    {
        // Known Live ID: sign in only when the account exists and is enabled;
        // otherwise this branch does nothing further
        UserInfo signedInUser = AuthenticationHelper.AuthenticateWindowsLiveUser(liveUser.Id, siteName, true, ref error);
        if (signedInUser != null && signedInUser.Enabled)
        {
            SetAuthCookieAndRedirect(signedInUser);
        }
        return;
    }

    if (requiredDataPage != string.Empty)
    {
        // Additional data is required: keep the Live ID user in session for that page
        SessionHelper.SetValue("windowsliveloginuser", liveUser);

        if (WindowsLiveLogin.UseServerSideAuthorization)
        {
            // The target comes from site settings, not from the request
            URLHelper.Redirect(UrlResolver.ResolveUrl(requiredDataPage));
        }
        else
        {
            CreateCloseScript("redirectToAdditionalPage");
        }
        return;
    }

    // No additional data page: the user can be created and signed in right away
    UserInfo registeredUser = AuthenticationHelper.AuthenticateWindowsLiveUser(liveUser.Id, siteName, true, ref error);

    // The session copy of the Live ID user is no longer needed
    Session.Remove("windowsliveloginuser");

    if (registeredUser == null || !registeredUser.Enabled)
    {
        // User was not created (or is disabled): clear the Live ID cookie and go back to login
        if (WindowsLiveLogin.UseServerSideAuthorization)
        {
            WindowsLiveLogin.ClearCookieAndRedirect(loginPage);
        }
        else
        {
            CreateCloseScript("clearcookieandredirect");
        }
        return;
    }

    // Log the registration in web analytics and track the conversion if one is set
    double resolvedConversionValue = ValidationHelper.GetDouble(MacroResolver.Resolve(conversionValue), 0);
    AnalyticsHelper.TrackUserRegistration(siteName, registeredUser, conversionName, resolvedConversionValue);
    MembershipActivityLogger.LogRegistration(registeredUser.UserName, DocumentContext.CurrentDocument);

    SetAuthCookieAndRedirect(registeredUser);
}
/// <summary>
/// Completes a Windows Live ID sign-in: obtains the Live ID user (server-side code exchange
/// or client-side token post-back), then signs in the matching site user or registers one.
/// </summary>
private void ProcessLiveIDLogin()
{
    // Authorization code taken from the URL (request-controlled input)
    string authorizationCode = QueryHelper.GetString("code", string.Empty);

    // Site setting: page that collects additional data from first-time users
    string requiredDataPage = SettingsKeyInfoProvider.GetValue(siteName + ".CMSLiveIDRequiredUserDataPage");

    WindowsLiveLogin liveLogin = new WindowsLiveLogin(siteName);
    WindowsLiveLogin.User liveUser = null;

    if (WindowsLiveLogin.UseServerSideAuthorization)
    {
        // Server-side flow: restore the login context, then process the code
        GetLoginInformation();
        liveUser = liveLogin.ProcessLogin(authorizationCode, relativeURL);
    }
    else if (RequestHelper.IsPostBack())
    {
        // Client flow, second pass: the browser posted window.location back as the event argument
        string postedUrl = Request[postEventArgumentID];

        // Authentication token - used to obtain the user id.
        // Both patterns require a trailing '&' after the value.
        string authenticationToken = ParseToken(postedUrl, @"authentication_token=([\w\d.-]+)&");

        // Access token - stored in the user object for possible later use
        string accessToken = ParseToken(postedUrl, @"access_token=([%\w\d.-]+)&");

        if (authenticationToken != string.Empty)
        {
            // Restore the login context kept in session
            GetLoginInformation();

            // The posted token is untrusted until this call returns a user
            liveUser = liveLogin.AuthenticateClientToken(authenticationToken, relativeURL, accessToken);
            if (liveUser != null)
            {
                // Let the opener page refresh and close this window
                ScriptHelper.RegisterWOpenerScript(Page);
                CreateCloseScript("");
            }
        }
    }
    else
    {
        // Client flow, first pass: post window.location (the token sits after '#') back to the server
        string postBackScript = ControlsHelper.GetPostBackEventReference(this, "#").Replace("'#'", "window.location");
        ScriptHelper.RegisterClientScriptBlock(this, typeof(string), "PostbackScript", ScriptHelper.GetScript(postBackScript));
    }

    // Nothing more to do unless authorization produced a user
    if (liveUser == null)
    {
        return;
    }

    UserInfo existingUser = UserInfoProvider.GetUserInfoByWindowsLiveID(liveUser.Id);

    // Filled by AuthenticateWindowsLiveUser; never read in this method
    string error = string.Empty;

    if (existingUser != null)
    {
        // Known Live ID: sign in only when the account exists and is enabled;
        // otherwise this branch does nothing further
        UserInfo signedInUser = AuthenticationHelper.AuthenticateWindowsLiveUser(liveUser.Id, siteName, true, ref error);
        if (signedInUser != null && signedInUser.Enabled)
        {
            SetAuthCookieAndRedirect(signedInUser);
        }
        return;
    }

    if (requiredDataPage != string.Empty)
    {
        // Additional data is required: keep the Live ID user in session for that page
        SessionHelper.SetValue("windowsliveloginuser", liveUser);

        if (WindowsLiveLogin.UseServerSideAuthorization)
        {
            // The target comes from site settings, not from the request
            URLHelper.Redirect(URLHelper.ResolveUrl(requiredDataPage));
        }
        else
        {
            CreateCloseScript("redirectToAdditionalPage");
        }
        return;
    }

    // No additional data page: the user can be created and signed in right away
    UserInfo registeredUser = AuthenticationHelper.AuthenticateWindowsLiveUser(liveUser.Id, siteName, true, ref error);

    // The session copy of the Live ID user is no longer needed
    Session.Remove("windowsliveloginuser");

    if (registeredUser == null || !registeredUser.Enabled)
    {
        // User was not created (or is disabled): clear the Live ID cookie and go back to login
        if (WindowsLiveLogin.UseServerSideAuthorization)
        {
            WindowsLiveLogin.ClearCookieAndRedirect(loginPage);
        }
        else
        {
            CreateCloseScript("clearcookieandredirect");
        }
        return;
    }

    // Send registration e-mails; no e-mail confirmation is requested because the user
    // has already confirmed by signing in successfully with Live ID
    AuthenticationHelper.SendRegistrationEmails(registeredUser, null, null, false, false);

    // Log the registration in web analytics and track the conversion if one is set
    double resolvedConversionValue = ValidationHelper.GetDouble(MacroResolver.Resolve(conversionValue), 0);
    AnalyticsHelper.TrackUserRegistration(siteName, registeredUser, conversionName, resolvedConversionValue);

    // Registration activity is logged only when the activity carries data
    Activity registrationActivity = new ActivityRegistration(registeredUser, DocumentContext.CurrentDocument, AnalyticsContext.ActivityEnvironmentVariables);
    if (registrationActivity.Data != null)
    {
        registrationActivity.Data.ContactID = ModuleCommands.OnlineMarketingGetUserLoginContactID(registeredUser);
        registrationActivity.Log();
    }

    SetAuthCookieAndRedirect(registeredUser);
}
/// <summary>
/// Dispatches a Windows Live ID callback according to the <c>action</c> query-string value.
/// </summary>
/// <remarks>
/// "logout" expires the login cookie and redirects to the log-off page; "delauth" is passed
/// to <c>HandleConsent</c>; "clearcookie" expires the cookie and writes the clear-cookie
/// response body. Any other value is treated as a login: on success the user token is cached
/// in a cookie and the request is redirected, on failure the cookie is cleared and the
/// request goes back to the login page.
/// </remarks>
private void DoValidation()
{
    string requestedAction = Request.QueryString.Get("action");

    // NOTE(review): the query-string value is written to the log unmodified when
    // debugging is enabled; consider stripping line breaks before logging it.
    if (WebConfigSettings.DebugWindowsLive)
    {
        log.Info("action was " + requestedAction);
    }

    switch (requestedAction)
    {
        case "logout":
            CookieHelper.ExpireCookie(winliveCookieName);
            WebUtils.SetupRedirect(this, siteRoot + "/Logoff.aspx");
            return;

        case "delauth":
            HandleConsent();
            return;

        case "clearcookie":
            CookieHelper.ExpireCookie(winliveCookieName);

            string contentType;
            byte[] body;
            windowsLive.GetClearCookieResponse(out contentType, out body);

            Response.ContentType = contentType;
            Response.OutputStream.Write(body, 0, body.Length);
            Response.End();
            return;
    }

    // Any other action is a login attempt; the posted form is client-supplied
    user = windowsLive.ProcessLogin(Request.Form);

    if (user == null)
    {
        // Authentication failed: clear the cookie and return to the login page
        CookieHelper.ExpireCookie(winliveCookieName);
        Response.Redirect(LoginPage);
        return;
    }

    // Authentication succeeded; an empty guid means no site user is linked to this Live ID
    Guid userGuid = SiteUser.GetUserGuidFromWindowsLiveId(siteSettings.SiteId, user.Id);
    persistCookie = user.UsePersistentCookie;
    CookieHelper.SetCookie(winliveCookieName, user.Token, user.UsePersistentCookie);

    if (userGuid != Guid.Empty)
    {
        // TODO: use return url cookie if normal login
        DoExistingUserLogic(userGuid);
        return;
    }

    // No site user found: send to registration when the site allows it
    if (siteSettings.AllowNewRegistration)
    {
        WebUtils.SetupRedirect(this, siteRoot + "/Secure/RegisterWithWindowsLiveID.aspx");
        return;
    }

    WebUtils.SetupRedirect(this, siteRoot);
}
/// <summary>
/// Processes the posted Live ID sign-in response: signs the user in and redirects to the
/// login destination, registers automatically, or posts the token on to the registration
/// destination. A response that yields no user is signed out.
/// </summary>
/// <param name="context">The current HTTP context; its posted form carries the sign-in response.</param>
private static void ProcessLogin(HttpContext context)
{
    WindowsLiveLogin.User liveUser = WindowsLiveLogin.ProcessLogin(context.Request.Form);

    if (liveUser == null)
    {
        SignOutAndRedirectToSignedOutUrl(context);
        return;
    }

    // The Live ID is passed as both arguments of ValidateUser (and of CreateUser below).
    if (LiveIdMembershipProvider.Current.ValidateUser(liveUser.Id, liveUser.Id))
    {
        Tracing.FrameworkInformation(ClassName, "ProcessLogin", "User is registered -- redirecting to login destination");

        FormsAuthentication.SetAuthCookie(liveUser.Id, liveUser.UsePersistentCookie);

        // The destination travels with the sign-in context, so it goes through SafeUrl first
        context.Response.Redirect(SafeUrl(liveUser.Context.LoginDestinationPath));
        return;
    }

    if (!string.IsNullOrEmpty(liveUser.Context.RegistrationDestinationPath))
    {
        Tracing.FrameworkInformation(ClassName, "ProcessLogin", "User not registered -- posting to registration destination");

        // Self-submitting form that forwards the token and context to the registration page.
        // The two echoed request values are attribute-encoded below.
        // NOTE(review): the action URL ({0}) is not encoded here; presumably the builder
        // returns an attribute-safe URL -- confirm.
        var autoPostHtml = @" <html> <head> <title></title> <script type=""text/javascript""> function OnBack() {{ }} function DoSubmit() {{ var submitted = false; if (!submitted) {{ submitted = true; document.fmHF.submit(); }} }} </script> </head> <body onload=""javascript:DoSubmit();""> <form name=""fmHF"" id=""fmHF"" action=""{0}"" method=""post"" target=""_top""> <input type=""hidden"" name=""live-id-token"" id=""live-id-token"" value=""{1}""> <input type=""hidden"" name=""live-id-context"" id=""live-id-context"" value=""{2}""> <input type=""hidden"" name=""live-id-action"" id=""live-id-action"" value=""register""> </form> </body> </html>"
            .FormatWith(
                BuildSafeUrlForRegistrationDestinationWithLoginUrlOnQueryString(liveUser.Context.RegistrationDestinationPath, liveUser.Context.LoginDestinationPath),
                Encoder.XmlAttributeEncode(context.Request["stoken"]),
                Encoder.XmlAttributeEncode(context.Request["appctx"]));

        context.Response.Write(autoPostHtml);
        return;
    }

    if (!WindowsLiveLogin.AutoRegister)
    {
        Tracing.FrameworkInformation(ClassName, "ProcessLogin", "User not registered -- registration destination not provided -- automatic registration not permitted -- signing out");
        SignOutAndRedirectToSignedOutUrl(context);
        return;
    }

    Tracing.FrameworkInformation(ClassName, "ProcessLogin", "User not registered -- registration destination not provided -- automatically registering and redirecting");

    MembershipCreateStatus createStatus;
    var createdUser = LiveIdMembershipProvider.Current.CreateUser(liveUser.Id, liveUser.Id, null, null, null, true, null, out createStatus);

    // A failed creation must not fall through to issuing the auth cookie
    if (createdUser == null)
    {
        throw new MembershipCreateUserException(createStatus);
    }

    FormsAuthentication.SetAuthCookie(liveUser.Id, liveUser.UsePersistentCookie);
    context.Response.Redirect(SafeUrl(liveUser.Context.LoginDestinationPath));
}
/// <summary>
/// Completes a Windows Live ID sign-in: obtains the Live ID user (server-side code exchange
/// or client-side token post-back), then signs in the matching site user or registers one.
/// </summary>
private void ProcessLiveIDLogin()
{
    // Authorization code taken from the URL (request-controlled input)
    string authorizationCode = QueryHelper.GetString("code", string.Empty);

    // Site setting: page that collects additional data from first-time users
    string requiredDataPage = SettingsKeyProvider.GetStringValue(siteName + ".CMSLiveIDRequiredUserDataPage");

    WindowsLiveLogin liveLogin = new WindowsLiveLogin(siteName);
    WindowsLiveLogin.User liveUser = null;

    if (WindowsLiveLogin.UseServerSideAuthorization)
    {
        // Server-side flow: restore the login context, then process the code
        GetLoginInformation();
        liveUser = liveLogin.ProcessLogin(authorizationCode, relativeURL);
    }
    else if (RequestHelper.IsPostBack())
    {
        // Client flow, second pass: the browser posted window.location back as the event argument
        string postedUrl = Request["__EVENTARGUMENT"];

        // Authentication token - used to obtain the user id.
        // Both patterns require a trailing '&' after the value.
        string authenticationToken = ParseToken(postedUrl, @"authentication_token=([\w\d.-]+)&");

        // Access token - stored in the user object for possible later use
        string accessToken = ParseToken(postedUrl, @"access_token=([%\w\d.-]+)&");

        if (authenticationToken != string.Empty)
        {
            // Restore the login context kept in session
            GetLoginInformation();

            // The posted token is untrusted until this call returns a user
            liveUser = liveLogin.AuthenticateClientToken(authenticationToken, relativeURL, accessToken);
            if (liveUser != null)
            {
                // Let the opener page refresh and close this window
                ScriptHelper.RegisterWOpenerScript(Page);
                CreateCloseScript("");
            }
        }
    }
    else
    {
        // Client flow, first pass: post window.location (the token sits after '#') back to the server
        string postBackScript = ControlsHelper.GetPostBackEventReference(this, "#").Replace("'#'", "window.location");
        ScriptHelper.RegisterClientScriptBlock(this, typeof(string), "PostbackScript", ScriptHelper.GetScript(postBackScript));
    }

    // Nothing more to do unless authorization produced a user
    if (liveUser == null)
    {
        return;
    }

    UserInfo existingUser = UserInfoProvider.GetUserInfoByWindowsLiveID(liveUser.Id);

    // Filled by AuthenticateWindowsLiveUser; never read in this method
    string error = string.Empty;

    if (existingUser != null)
    {
        // Known Live ID: sign in only when the account exists and is enabled;
        // otherwise this branch does nothing further
        UserInfo signedInUser = UserInfoProvider.AuthenticateWindowsLiveUser(liveUser.Id, siteName, true, ref error);
        if (signedInUser != null && signedInUser.Enabled)
        {
            SetAuthCookieAndRedirect(signedInUser);
        }
        return;
    }

    if (requiredDataPage != string.Empty)
    {
        // Additional data is required: keep the Live ID user in session for that page
        SessionHelper.SetValue("windowsliveloginuser", liveUser);

        if (WindowsLiveLogin.UseServerSideAuthorization)
        {
            // The target comes from site settings, not from the request
            URLHelper.Redirect(URLHelper.ResolveUrl(requiredDataPage));
        }
        else
        {
            CreateCloseScript("redirectToAdditionalPage");
        }
        return;
    }

    // No additional data page: the user can be created and signed in right away
    UserInfo registeredUser = UserInfoProvider.AuthenticateWindowsLiveUser(liveUser.Id, siteName, true, ref error);

    // The session copy of the Live ID user is no longer needed
    Session.Remove("windowsliveloginuser");

    if (registeredUser == null || !registeredUser.Enabled)
    {
        // User was not created (or is disabled): clear the Live ID cookie and go back to login
        if (WindowsLiveLogin.UseServerSideAuthorization)
        {
            WindowsLiveLogin.ClearCookieAndRedirect(loginPage);
        }
        else
        {
            CreateCloseScript("clearcookieandredirect");
        }
        return;
    }

    // Send registration e-mails; no e-mail confirmation is requested because the user
    // has already confirmed by signing in successfully with Live ID
    UserInfoProvider.SendRegistrationEmails(registeredUser, null, null, false, false);

    // Track the registration in analytics
    double trackedValue = ValidationHelper.GetDouble(CMSContext.CurrentResolver.ResolveMacros(conversionValue), 0);
    UserInfoProvider.TrackUserRegistration(conversionName, trackedValue, siteName, registeredUser);

    // Log the registration activity only on the live site with activities enabled
    bool logActivity = (CMSContext.ViewMode == ViewModeEnum.LiveSite)
        && ActivitySettingsHelper.ActivitiesEnabledAndModuleLoaded(siteName)
        && ActivitySettingsHelper.ActivitiesEnabledForThisUser(CMSContext.CurrentUser)
        && ActivitySettingsHelper.UserRegistrationEnabled(siteName);
    if (logActivity)
    {
        int contactId = ModuleCommands.OnlineMarketingGetUserLoginContactID(registeredUser);
        TreeNode document = CMSContext.CurrentDocument;
        ActivityLogProvider.LogRegistrationActivity(
            contactId,
            registeredUser,
            URLHelper.CurrentRelativePath,
            (document != null ? document.NodeID : 0),
            siteName,
            CMSContext.Campaign,
            (document != null ? document.DocumentCulture : null));
    }

    SetAuthCookieAndRedirect(registeredUser);
}
/// <summary>
/// Completes a server-side Windows Live ID sign-in: exchanges the authorization code for a
/// Live ID user, then signs in the matching site user or registers one.
/// </summary>
private void ProcessLiveIDLogin()
{
    // Authorization code taken from the URL (request-controlled input)
    string authorizationCode = QueryHelper.GetString("code", string.Empty);

    WindowsLiveLogin liveLogin = new WindowsLiveLogin(siteName);

    // Login parameters kept in session; the entry is removed once it has been read
    string[] loginParameters = SessionHelper.GetValue("LiveIDInformtion") as string[];
    ParseParameters(loginParameters);
    Session.Remove("LiveIDInformtion");

    // Process login via Live ID
    WindowsLiveLogin.User liveUser = liveLogin.ProcessLogin(authorizationCode, relativeURL);

    // Nothing more to do unless authorization produced a user
    if (liveUser == null)
    {
        return;
    }

    UserInfo existingUser = UserInfoProvider.GetUserInfoByWindowsLiveID(liveUser.Id);

    // Filled by AuthenticateWindowsLiveUser; never read in this method
    string error = string.Empty;

    if (existingUser != null)
    {
        // Known Live ID: sign in only when the account exists and is enabled;
        // otherwise this branch does nothing further
        UserInfo signedInUser = UserInfoProvider.AuthenticateWindowsLiveUser(liveUser.Id, siteName, true, ref error);
        if (signedInUser != null && signedInUser.Enabled)
        {
            SetAuthCookieAndRedirect(signedInUser);
        }
        return;
    }

    // Site setting: page that collects additional data from first-time users
    string requiredDataPage = SettingsKeyProvider.GetStringValue(siteName + ".CMSLiveIDRequiredUserDataPage");

    if (requiredDataPage != string.Empty)
    {
        // Additional data is required: keep the Live ID user in session for that page
        SessionHelper.SetValue("windowsliveloginuser", liveUser);

        // The target comes from site settings, not from the request
        URLHelper.Redirect(URLHelper.ResolveUrl(requiredDataPage));
        return;
    }

    // No additional data page: the user can be created and signed in right away
    UserInfo registeredUser = UserInfoProvider.AuthenticateWindowsLiveUser(liveUser.Id, siteName, true, ref error);

    // The session copy of the Live ID user is no longer needed
    Session.Remove("windowsliveloginuser");

    if (registeredUser == null || !registeredUser.Enabled)
    {
        // User was not created (or is disabled)
        ClearCookieAndRedirect();
        return;
    }

    // Send registration e-mails; no e-mail confirmation is requested because the user
    // has already confirmed by signing in successfully with Live ID
    UserInfoProvider.SendRegistrationEmails(registeredUser, null, null, false, false);

    // Track the registration in analytics
    double trackedValue = ValidationHelper.GetDouble(CMSContext.CurrentResolver.ResolveMacros(conversionValue), 0);
    UserInfoProvider.TrackUserRegistration(conversionName, trackedValue, siteName, registeredUser);

    // Log the registration activity only on the live site with activities enabled
    bool logActivity = (CMSContext.ViewMode == ViewModeEnum.LiveSite)
        && ActivitySettingsHelper.ActivitiesEnabledAndModuleLoaded(siteName)
        && ActivitySettingsHelper.ActivitiesEnabledForThisUser(CMSContext.CurrentUser)
        && ActivitySettingsHelper.UserRegistrationEnabled(siteName);
    if (logActivity)
    {
        int contactId = ModuleCommands.OnlineMarketingGetUserLoginContactID(registeredUser);
        TreeNode document = CMSContext.CurrentDocument;
        ActivityLogProvider.LogRegistrationActivity(
            contactId,
            registeredUser,
            URLHelper.CurrentRelativePath,
            (document != null ? document.NodeID : 0),
            siteName,
            CMSContext.Campaign,
            (document != null ? document.DocumentCulture : null));
    }

    SetAuthCookieAndRedirect(registeredUser);
}