/// <summary>
/// Starts an external login: validates the request values, then issues an
/// authentication challenge for the named external identity provider.
/// </summary>
/// <param name="signin">Id used to look up the sign-in message cookie.</param>
/// <param name="provider">Name of the external identity provider to challenge.</param>
/// <returns>
/// An error page when any validation step fails; otherwise the 401 result
/// returned once the challenge has been registered with the OWIN context.
/// </returns>
/// <remarks>
/// NOTE(review): this version puts no upper bound on the length of
/// <paramref name="signin"/> or <paramref name="provider"/>, and the only
/// provider validation before the challenge is the per-client check against
/// the client store.
/// </remarks>
public async Task<IHttpActionResult> LoginExternal(string signin, string provider)
{
    Logger.InfoFormat("External login requested for provider: {0}", provider);

    // Both request values are mandatory; reject early when either is absent.
    if (provider.IsMissing())
    {
        Logger.Error("No provider passed");
        var noProviderText = localizationService.GetMessage(MessageIds.NoExternalProvider);
        return RenderErrorPage(noProviderText);
    }

    if (signin.IsMissing())
    {
        Logger.Error("No signin id passed");
        var noSignInText = localizationService.GetMessage(MessageIds.NoSignInCookie);
        return RenderErrorPage(noSignInText);
    }

    // The sign-in id must resolve to a stored sign-in message cookie.
    var message = signInMessageCookie.Read(signin);
    if (message == null)
    {
        Logger.Error("No cookie matching signin id found");
        var noCookieText = localizationService.GetMessage(MessageIds.NoSignInCookie);
        return RenderErrorPage(noCookieText);
    }

    // The client named in the sign-in message must be allowed to use this provider.
    var providerAllowed = await clientStore.IsValidIdentityProviderAsync(message.ClientId, provider);
    if (!providerAllowed)
    {
        Logger.ErrorFormat("Provider {0} not allowed for client: {1}", provider, message.ClientId);
        return RenderErrorPage();
    }

    var challengeProps = new Microsoft.Owin.Security.AuthenticationProperties();
    challengeProps.RedirectUri = Url.Route(Constants.RouteNames.LoginExternalCallback, null);

    // add the id to the dictionary so we can recall the cookie id on the callback
    challengeProps.Dictionary.Add(Constants.Authentication.SigninId, signin);
    challengeProps.Dictionary.Add(Constants.Authentication.KatanaAuthenticationType, provider);

    context.Authentication.Challenge(challengeProps, provider);
    return Unauthorized();
}
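/// <summary>
/// Starts an external login: validates the request values, then issues an
/// authentication challenge for the named external identity provider.
/// </summary>
/// <param name="signin">Id used to look up the sign-in message cookie.</param>
/// <param name="provider">Name of the external identity provider to challenge.</param>
/// <returns>
/// The result of <c>HandleNoSignin()</c> when the sign-in id is missing or has
/// no matching cookie; an error page when any other validation step fails;
/// otherwise the 401 result returned once the challenge has been registered
/// with the OWIN context.
/// </returns>
/// <remarks>
/// <paramref name="provider"/> is a request value and ends up in log and event
/// text. It is only ever passed as a format argument or inside an
/// already-formatted message, never as a format string.
/// </remarks>
public async Task<IHttpActionResult> LoginExternal(string signin, string provider)
{
    Logger.InfoFormat("External login requested for provider: {0}", provider);

    if (provider.IsMissing())
    {
        Logger.Error("No provider passed");
        return RenderErrorPage(localizationService.GetMessage(MessageIds.NoExternalProvider));
    }

    // Bound the provider name before it is used in lookups or further log text.
    if (provider.Length > options.InputLengthRestrictions.IdentityProvider)
    {
        Logger.Error("Provider parameter passed was larger than max length");
        return RenderErrorPage();
    }

    if (signin.IsMissing())
    {
        Logger.Info("No signin id passed");
        return HandleNoSignin();
    }

    // Bound the sign-in id before it is used to read the cookie.
    if (signin.Length > MaxSignInMessageLength)
    {
        Logger.Error("Signin parameter passed was larger than max length");
        return RenderErrorPage();
    }

    var signInMessage = signInMessageCookie.Read(signin);
    if (signInMessage == null)
    {
        Logger.Info("No cookie matching signin id found");
        return HandleNoSignin();
    }

    // The client named in the sign-in message must be allowed to use this provider.
    if (!(await clientStore.IsValidIdentityProviderAsync(signInMessage.ClientId, provider)))
    {
        var msg = String.Format("External login error: provider {0} not allowed for client: {1}", provider, signInMessage.ClientId);

        // msg already contains the request-supplied provider name, so log it as a
        // plain message. Passing it to ErrorFormat would treat any braces in the
        // provider value as format placeholders.
        Logger.Error(msg);
        await eventService.RaiseFailureEndpointEventAsync(EventConstants.EndpointNames.Authenticate, msg);
        return RenderErrorPage();
    }

    // Independently of the client's allow-list, the provider must be one the
    // context recognises as a valid external authentication provider.
    if (context.IsValidExternalAuthenticationProvider(provider) == false)
    {
        var msg = String.Format("External login error: provider requested {0} is not a configured external provider", provider);

        // Same reasoning as above: log the pre-formatted text, not a format string.
        Logger.Error(msg);
        await eventService.RaiseFailureEndpointEventAsync(EventConstants.EndpointNames.Authenticate, msg);
        return RenderErrorPage();
    }

    var authProp = new Microsoft.Owin.Security.AuthenticationProperties
    {
        RedirectUri = Url.Route(Constants.RouteNames.LoginExternalCallback, null)
    };

    Logger.Info("Triggering challenge for external identity provider");

    // add the id to the dictionary so we can recall the cookie id on the callback
    authProp.Dictionary.Add(Constants.Authentication.SigninId, signin);
    authProp.Dictionary.Add(Constants.Authentication.KatanaAuthenticationType, provider);

    context.Authentication.Challenge(authProp, provider);
    return Unauthorized();
}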