/// <summary>
/// Complete the Federated Login
/// </summary>
/// <param name="session">Server session</param>
/// <returns>Federated Login message collection</returns>
protected virtual TDSMessageCollection OnFederatedAuthenticationCompleted(ITDSServerSession session, byte[] ticket)
{
// Delegate to successful authentication routine
TDSMessageCollection responseMessageCollection = OnAuthenticationCompleted(session);
// Get the last message
TDSMessage targetMessage = responseMessageCollection.Last();
IFederatedAuthenticationTicket decryptedTicket = null;
try
{
// Get the Federated Authentication ticket using RPS
decryptedTicket = FederatedAuthenticationTicketService.DecryptTicket((session as GenericTDSServerSession).FederatedAuthenticationLibrary, ticket);
if (decryptedTicket is RpsTicket)
{
TDSUtilities.Log(Arguments.Log, "RPS ticket session key: ", (decryptedTicket as RpsTicket).sessionKey);
}
else if (decryptedTicket is JwtTicket)
{
TDSUtilities.Log(Arguments.Log, "JWT Ticket Received", null);
}
}
catch (Exception ex)
{
// Prepare ERROR token
TDSErrorToken errorToken = new TDSErrorToken(54879, 1, 20, "Authentication error in Federated Authentication Ticket Service: " + ex.Message, Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Return the message and stop processing request
return new TDSMessageCollection(new TDSMessage(TDSMessageType.Response, errorToken, doneToken));
}
// Create federated authentication extension option
TDSFeatureExtAckFederatedAuthenticationOption federatedAuthenticationOption;
if ((session as GenericTDSServerSession).FederatedAuthenticationLibrary == TDSFedAuthLibraryType.ADAL)
{
// For the time being, fake fedauth tokens are used for ADAL, so decryptedTicket is null.
federatedAuthenticationOption =
new TDSFeatureExtAckFederatedAuthenticationOption((session as GenericTDSServerSession).ClientNonce, null);
}
else
{
federatedAuthenticationOption =
new TDSFeatureExtAckFederatedAuthenticationOption((session as GenericTDSServerSession).ClientNonce,
decryptedTicket.GetSignature((session as GenericTDSServerSession).ClientNonce));
}
// Look for feature extension token
TDSFeatureExtAckToken featureExtActToken = (TDSFeatureExtAckToken)targetMessage.Where(t => t is TDSFeatureExtAckToken).FirstOrDefault();
// Check if response already contains federated authentication
if (featureExtActToken == null)
{
// Create Feature extension Ack token
featureExtActToken = new TDSFeatureExtAckToken(federatedAuthenticationOption);
// Serialize feature extension token into the response
// The last token is Done token, so we should put feautureextack token before done token
targetMessage.Insert(targetMessage.Count - 1, featureExtActToken);
}
else
{
// Update
featureExtActToken.Options.Add(federatedAuthenticationOption);
}
// Log response
TDSUtilities.Log(Arguments.Log, "Response", federatedAuthenticationOption);
// Wrap a message with a collection
return responseMessageCollection;
}
protected virtual TDSMessageCollection OnAuthenticationCompleted(ITDSServerSession session)
{
// Create new database environment change token
TDSEnvChangeToken envChange = new TDSEnvChangeToken(TDSEnvChangeTokenType.Database, session.Database, "master");
// Log response
TDSUtilities.Log(Arguments.Log, "Response", envChange);
// Serialize the login token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, envChange);
// Create information token on the change
TDSInfoToken infoToken = new TDSInfoToken(5701, 2, 0, string.Format("Changed database context to '{0}'", envChange.NewValue), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", infoToken);
// Serialize the login token into the response packet
responseMessage.Add(infoToken);
// Create new collation change token
envChange = new TDSEnvChangeToken(TDSEnvChangeTokenType.SQLCollation, (session as GenericTDSServerSession).Collation);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", envChange);
// Serialize the login token into the response packet
responseMessage.Add(envChange);
// Create new language change token
envChange = new TDSEnvChangeToken(TDSEnvChangeTokenType.Language, LanguageString.ToString((session as GenericTDSServerSession).Language));
// Log response
TDSUtilities.Log(Arguments.Log, "Response", envChange);
// Serialize the login token into the response packet
responseMessage.Add(envChange);
// Create information token on the change
infoToken = new TDSInfoToken(5703, 1, 0, string.Format("Changed language setting to {0}", envChange.NewValue), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", infoToken);
// Serialize the login token into the response packet
responseMessage.Add(infoToken);
// Create new packet size environment change token
envChange = new TDSEnvChangeToken(TDSEnvChangeTokenType.PacketSize, Arguments.PacketSize.ToString(), Arguments.PacketSize.ToString());
// Log response
TDSUtilities.Log(Arguments.Log, "Response", envChange);
// Serialize the login token into the response packet
responseMessage.Add(envChange);
// Update session packet size
session.PacketSize = (uint)Arguments.PacketSize;
// Create login acknowledgnment packet
TDSLoginAckToken loginResponseToken = new TDSLoginAckToken(Arguments.ServerVersion, session.TDSVersion, TDSLogin7TypeFlagsSQL.SQL, "Microsoft SQL Server"); // Otherwise SNAC yields E_FAIL
// Log response
TDSUtilities.Log(Arguments.Log, "Response", loginResponseToken);
// Serialize the login token into the response packet
responseMessage.Add(loginResponseToken);
// Check if session recovery is enabled
if (session.IsSessionRecoveryEnabled)
{
// Create Feature extension Ack token
TDSFeatureExtAckToken featureExtActToken = new TDSFeatureExtAckToken(new TDSFeatureExtAckSessionStateOption((session as GenericTDSServerSession).Deflate()));
// Log response
TDSUtilities.Log(Arguments.Log, "Response", featureExtActToken);
// Serialize feature extnesion token into the response
responseMessage.Add(featureExtActToken);
}
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Wrap a single message in a collection
return new TDSMessageCollection(responseMessage);
}
