public async Task <ActionResult> CE_Login(string nextUrl) { // check for token string token = Request.Params["Token"]; if (string.IsNullOrWhiteSpace(token)) { SiteMessage msg = new SiteMessage() { Title = "Authorization Failed" }; msg.Message = "A valid authorization token was not found."; Session["SystemMessage"] = msg; return(RedirectToAction("Index", "Message")); } LoggingHelper.DoTrace(6, "CE_Login - start"); string publisherSecretToken = UtilityManager.GetAppKeyValue("finderSecretToken"); var output = new ApiResult(); var accountsAuthorizeApi = UtilityManager.GetAppKeyValue("accountsAuthorizeApi") + "?Token=" + token + "&Secret=" + publisherSecretToken; try { LoggingHelper.DoTrace(6, "CE_Login - MakeAuthorizationRequest"); string rawData = MakeAuthorizationRequest(accountsAuthorizeApi); ApiResult data = new ApiResult(); //check rawdata for {"data" //&& rawData.ToLower().IndexOf( "{\"data\"" ) > 0 if (rawData != null) { data = new JavaScriptSerializer().Deserialize <ApiResult>(rawData); if (data == null) { SiteMessage msg = new SiteMessage() { Title = "Authorization Failed" }; msg.Message = "A valid authorization token was not found."; Session["SystemMessage"] = msg; return(RedirectToAction("Index", "Message")); } else { //do error checking, for error, and existing user. if (data.valid == false) { SiteMessage msg = new SiteMessage() { Title = "Authorization Failed" }; msg.Message = "Reason: " + data.status; Session["SystemMessage"] = msg; return(RedirectToAction("Index", "Message")); } } LoggingHelper.DoTrace(6, "CE_Login - MakeAuthorizationRequest - data is OK"); } else { //check for error string //{"data":null,"valid":false,"status":"Error: Invalid token","extra":null} SiteMessage msg = new SiteMessage() { Title = "Authorization Failed" }; msg.Message = "A valid authorization token was not found.</br>" + rawData; Session["SystemMessage"] = msg; return(RedirectToAction("Index", "Message")); } nextUrl = string.IsNullOrWhiteSpace(nextUrl) ? "~/credentials" : nextUrl; //19-12-17 mp - uncommented this: nextUrl = UtilityManager.FormatAbsoluteUrl(nextUrl); string statusMessage = ""; //now what //login user like external // AppUser user = AccountServices.GetUserByUserName( data.data.Email ); AccountServices acctServices = new AccountServices(); LoggingHelper.DoTrace(6, "CE_Login - GetUserByCEAccountId"); AppUser user = AccountServices.GetUserByCEAccountId(data.data.AccountIdentifier); //note user may not yet exist here, if (user == null || user.Id == 0) { LoggingHelper.DoTrace(4, string.Format("Account.CE_Login. First time login for {0} {1}", data.data.FirstName, data.data.LastName)); //will eventually not want to use AspNetUsers var newUser = new ApplicationUser { UserName = data.data.Email, Email = data.data.Email, FirstName = data.data.FirstName, LastName = data.data.LastName }; var result = await UserManager.CreateAsync(newUser); if (result.Succeeded) { //add mirror account acctServices.Create(data.data.Email, data.data.FirstName, data.data.LastName, data.data.Email, newUser.Id, "", data.data.AccountIdentifier, ref statusMessage, false, true); UserLoginInfo info = new UserLoginInfo("CredentialEngine", data.data.AccessToken); ExternalLoginInfo einfo = new ExternalLoginInfo() { DefaultUserName = data.data.Email, Email = data.data.Email, Login = info }; result = await UserManager.AddLoginAsync(newUser.Id, info); if (result.Succeeded) { await SignInManager.SignInAsync(newUser, isPersistent : false, rememberBrowser : false); //now get user and add to session, will include any orgs if found AppUser thisUser = AccountServices.GetUserByCEAccountId(data.data.AccountIdentifier); //get organizations GetOrganizationsForUser(thisUser); return(RedirectToLocal(nextUrl)); //return RedirectToAction( "Index", "Search" ); } } AddErrors(result); ConsoleMessageHelper.SetConsoleErrorMessage("Error - unexpected issue encountered attempting to sign in.<br/>" + result); LoggingHelper.DoTrace(6, "CE_Login - Error - unexpected issue encountered attempting to add user.<br/>" + result); //where to go for errors? } else { //may want to compare user, and update as needed if (user.Email != data.data.Email || user.FirstName != data.data.FirstName || user.LastName != data.data.LastName) { //update user user.Email = data.data.Email; user.FirstName = data.data.FirstName; user.LastName = data.data.LastName; acctServices.Update(user, false, ref statusMessage); } LoggingHelper.DoTrace(6, "CE_Login - existing user"); ApplicationUser aspUser = this.UserManager.FindByEmail(data.data.Email.Trim()); await SignInManager.SignInAsync(aspUser, isPersistent : false, rememberBrowser : false); AppUser thisUser = AccountServices.SetUserByEmail(aspUser.Email); if (thisUser != null && thisUser.Id > 0) { //get organizations - currently only those who can create widgets GetOrganizationsForUser(thisUser); } ActivityServices.UserExternalAuthentication(appUser, "CE SSO"); string message = string.Format("Email: {0}, provider: {1}", data.data.Email, "CE SSO"); LoggingHelper.DoTrace(5, "AccountController.CE_Login: "******"CE_Login Unable to login user"); } return(View()); }