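/// <summary>
/// Issues a single sign-on token for an Azure Store resource.
/// </summary>
/// <remarks>
/// The caller is authorized from the client certificate on the request before
/// anything else happens. The returned <c>TimeStamp</c> is the exact UTC tick
/// count that was passed to <c>AzureStoreAuthorization.GetSsoToken</c>, so a
/// verifier can recompute the token from the same inputs.
/// </remarks>
/// <param name="subscriptionId">Subscription that owns the resource.</param>
/// <param name="cloudServiceName">Cloud service name; must be non-empty.</param>
/// <param name="resourceType">Resource type; must be non-empty.</param>
/// <param name="resourceName">Resource name; must be non-empty.</param>
/// <returns>The token together with the timestamp it was generated for.</returns>
/// <exception cref="HttpResponseException">
/// 403 when the client certificate is not authorized, 400 when a required
/// argument is missing, 404 when the resource is unknown, 500 on any other
/// non-fatal failure.
/// </exception>
public SsoToken SingleSignOn(string subscriptionId, string cloudServiceName, string resourceType, string resourceName)
{
    // Authorization comes first so unauthenticated callers learn nothing about
    // argument validation or about which resources exist.
    if (!AzureStoreAuthorization.AuthorizeRequest(this.Request.GetClientCertificate()))
    {
        throw new HttpResponseException(HttpStatusCode.Forbidden);
    }

    // Reject malformed requests before a data provider is acquired.
    if (String.IsNullOrEmpty(cloudServiceName) || String.IsNullOrEmpty(resourceType) || String.IsNullOrEmpty(resourceName))
    {
        throw new HttpResponseException(HttpStatusCode.BadRequest);
    }

    try
    {
        using (var provider = AccountDataProvider.Instance)
        {
            var resource = provider.GetAzureStoreResource(
                subscriptionId: subscriptionId,
                cloudServiceName: cloudServiceName,
                resourceType: resourceType,
                resourceName: resourceName
            );

            if (resource == null)
            {
                Logger.ErrorFormat("SingleSignOn: Unable to find Azure Store resource {1} for subscription {0}.", subscriptionId, resourceName);
                throw new HttpResponseException(HttpStatusCode.NotFound);
            }

            // One instant is captured and used for both the token and the
            // returned TimeStamp; they must agree for the token to verify.
            var issuedAt = DateTime.UtcNow;

            return new SsoToken
            {
                TimeStamp = issuedAt.Ticks.ToString(),
                Token = AzureStoreAuthorization.GetSsoToken(subscriptionId, cloudServiceName, resourceType, resourceName, resource.id_TenantId, issuedAt)
            };
        }
    }
    catch (Exception ex)
    {
        // Deliberate HTTP responses and fatal exceptions pass through untouched.
        if (Utils.IsFatalException(ex) || ex is HttpResponseException)
        {
            throw;
        }

        // This path is an unexpected failure, not a missing resource (that case
        // is logged above and surfaces as 404). The message says so, so that
        // log triage does not confuse the two.
        // NOTE(review): subscriptionId and resourceName come from the request
        // and are written to the log as-is; confirm the logger neutralizes
        // line breaks.
        Logger.Error(
            message: String.Format(
                "SingleSignOn: Unexpected error while issuing SSO token for Azure Store resource {1} and subscription {0}.",
                subscriptionId,
                resourceName
            ),
            exception: ex
        );

        // Callers get a generic 500; exception details stay in the log.
        throw new HttpResponseException(HttpStatusCode.InternalServerError);
    }
}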
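/// <summary>
/// Completes an Azure Store single sign-on: verifies the supplied token and,
/// on success, signs the browser in and redirects to Home/Index.
/// </summary>
/// <remarks>
/// The expected token is recomputed with <c>AzureStoreAuthorization.GetSsoToken</c>
/// from the request values plus the tenant id of the stored resource, then
/// compared with <paramref name="token"/>. Timestamps older than ten minutes
/// are rejected.
/// NOTE(review): nothing visible here records that a token has been used, so a
/// captured token appears to stay usable until the ten-minute window ends.
/// Confirm whether single use is enforced elsewhere.
/// NOTE(review): only the lower bound of the timestamp is checked. A timestamp
/// in the future is accepted if its token verifies, so the effective lifetime
/// grows with any clock skew on the issuing side.
/// </remarks>
/// <param name="subid">Subscription that owns the resource.</param>
/// <param name="cloudServiceName">Cloud service name; must be non-empty.</param>
/// <param name="resourceType">Resource type; must be non-empty.</param>
/// <param name="resourceName">Resource name; must be non-empty.</param>
/// <param name="timestamp">Tick count the token was issued for.</param>
/// <param name="token">Token presented by the caller.</param>
/// <returns>
/// 400 when a required name is missing; 403 when the resource is unknown, the
/// timestamp is stale or the token does not match; otherwise a redirect.
/// </returns>
public ActionResult SingleSignOn(string subid, string cloudServiceName, string resourceType, string resourceName, long timestamp, string token)
{
    try
    {
        if (String.IsNullOrEmpty(cloudServiceName) || String.IsNullOrEmpty(resourceType) || String.IsNullOrEmpty(resourceName))
        {
            return new HttpStatusCodeResult((int)HttpStatusCode.BadRequest);
        }

        // Fail closed: a missing token can never authenticate, so it is
        // refused before any lookup is made.
        if (String.IsNullOrEmpty(token))
        {
            return new HttpStatusCodeResult((int)HttpStatusCode.Forbidden);
        }

        using (var provider = AccountDataProvider.Instance)
        {
            var resource = provider.GetAzureStoreResource(
                subscriptionId: subid,
                cloudServiceName: cloudServiceName,
                resourceType: resourceType,
                resourceName: resourceName
            );

            // Unknown resource, stale timestamp and bad token all return the
            // same 403, so the response does not reveal which check failed.
            if (resource == null)
            {
                return new HttpStatusCodeResult((int)HttpStatusCode.Forbidden);
            }

            var issuedAt = timestamp.FromTicks();
            if (issuedAt < DateTime.UtcNow.AddMinutes(-10))
            {
                return new HttpStatusCodeResult((int)HttpStatusCode.Forbidden);
            }

            var expectedToken = AzureStoreAuthorization.GetSsoToken(subid, cloudServiceName, resourceType, resourceName, resource.id_TenantId, issuedAt);

            // An empty expected value must not match anything.
            if (String.IsNullOrEmpty(expectedToken))
            {
                return new HttpStatusCodeResult((int)HttpStatusCode.Forbidden);
            }

            // Compare without stopping at the first mismatch. The != operator
            // on strings returns as soon as a character differs, so response
            // time would depend on how much of the token is correct.
            int difference = token.Length ^ expectedToken.Length;
            int comparable = Math.Min(token.Length, expectedToken.Length);
            for (int i = 0; i < comparable; i++)
            {
                difference |= token[i] ^ expectedToken[i];
            }

            if (difference != 0)
            {
                return new HttpStatusCodeResult((int)HttpStatusCode.Forbidden);
            }

            // Session (non-persistent) forms-auth cookie. The identity comes
            // from the stored tenant id, never from request input.
            FormsAuthentication.SetAuthCookie("azurestore." + resource.id_TenantId, false);

            return this.RedirectToAction(
                actionName: "Index",
                controllerName: "Home"
            );
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): subid and resourceName come from the request and are
        // written to the log as-is; confirm the logger neutralizes line breaks.
        Logger.Error(
            message: String.Format(
                "Single sign on failed for resource {1} and subscription {0}.",
                subid,
                resourceName
            ),
            exception: ex
        );

        throw;
    }
}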