private void MakeReplacements(RichTextBox richTextBox, string xaml)
{
if (richTextBox == null || string.IsNullOrEmpty(xaml) || CredentialRequestInfo == null)
{
return;
}
string url = _credentialRequestInfo.ServiceUri;
if (!string.IsNullOrEmpty(url))
{
url = Regex.Replace(url, "\\?.*", "", RegexOptions.IgnoreCase); // remove query parameters
string resourceName = GetResourceName(url);
IdentityManager.ServerInfo serverInfo = IdentityManager.Current.FindServerInfo(url);
string server = serverInfo == null?Regex.Match(url, "https?://[^/]*").ToString() : serverInfo.ServerUri;
xaml = xaml.Replace("$RESOURCENAME", XamlEncode(resourceName));
xaml = xaml.Replace("$URL", XamlEncode(url));
xaml = xaml.Replace("$SERVER", XamlEncode(server));
}
xaml = xaml.Replace("$AUTHENTICATIONTYPE", _credentialRequestInfo.AuthenticationType.ToString());
xaml = xaml.Replace("$ERRORMESSAGE", XamlEncode(ErrorMessage));
string previousError = _credentialRequestInfo.Response != null ? _credentialRequestInfo.Response.ReasonPhrase : null;
xaml = xaml.Replace("$PREVIOUSERROR", XamlEncode(previousError));
var stringReader = new StringReader(xaml);
XmlReader xmlReader = XmlReader.Create(stringReader);
richTextBox.Document = XamlReader.Load(xmlReader) as FlowDocument;
}
private static void ChallengeCertificate(IdentityManager.CredentialRequestInfos credentialRequestInfos, Action <IdentityManager.Credential, Exception> callback)
{
var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
X509Certificate2Collection certificates;
try
{
const string clientAuthOid = "1.3.6.1.5.5.7.3.2"; // Client Authentication OID
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
// Find Client Authentication certificate
certificates = store.Certificates.Find(X509FindType.FindByApplicationPolicy, clientAuthOid, true); // todo true);
}
catch (Exception)
{
certificates = null;
}
finally
{
store.Close();
}
if (certificates != null && certificates.Count >= 1)
{
// Let the user select/validate the certificate
string url = credentialRequestInfos.Url;
string resourceName = GetResourceName(url);
IdentityManager.ServerInfo serverInfo = IdentityManager.Current.FindServerInfo(url);
string server = serverInfo == null?Regex.Match(url, "http.?//[^/]*").ToString() : serverInfo.ServerUrl;
string message = string.Format(Properties.Resources.SignInDialog_CertificateRequired, resourceName, server); // certicate required to access {0} on {1}
certificates = X509Certificate2UI.SelectFromCollection(certificates, null, message, X509SelectionFlag.SingleSelection);
}
IdentityManager.Credential credential = null;
Exception error = null;
if (certificates != null && certificates.Count > 0)
{
credential = new IdentityManager.Credential {
ClientCertificate = certificates[0]
};
}
else
{
// Note : Error type is not that important since the error returned to the user is the initial HTTP error (Authorization Error)
error = new System.Security.Authentication.AuthenticationException();
}
callback(credential, error);
}
private void MakeReplacements(RichTextBox richTextBox, string xaml)
{
if (richTextBox == null || string.IsNullOrEmpty(xaml))
{
return;
}
string url = Url;
if (string.IsNullOrEmpty(url) && DesignerProperties.GetIsInDesignMode(this))
{
url = "http://myServer.com/rest/services/myService"; // Use design Url
}
if (!string.IsNullOrEmpty(url))
{
string resourceName = GetResourceName(url);
IdentityManager.ServerInfo serverInfo = IdentityManager.Current.FindServerInfo(url);
string server = serverInfo == null?Regex.Match(url, "http.?//[^/]*").ToString() : serverInfo.ServerUrl;
xaml = xaml.Replace("$RESOURCENAME", XamlEncode(resourceName));
xaml = xaml.Replace("$URL", XamlEncode(url));
xaml = xaml.Replace("$SERVER", XamlEncode(server));
}
#if !SILVERLIGHT
xaml = xaml.Replace("$AUTHENTICATIONTYPE", _authenticationType.ToString());
#endif
xaml = xaml.Replace("$ERRORMESSAGE", XamlEncode(ErrorMessage));
string previousError = null;
string referer = null;
string proxyUrl = null;
if (GenerateTokenOptions != null)
{
previousError = GenerateTokenOptions.PreviousError.ToString();
referer = GenerateTokenOptions.Referer;
proxyUrl = GenerateTokenOptions.ProxyUrl;
}
xaml = xaml.Replace("$PREVIOUSERROR", XamlEncode(previousError));
xaml = xaml.Replace("$SERVER", XamlEncode(referer));
xaml = xaml.Replace("$PROXYURL", XamlEncode(proxyUrl));
#if SILVERLIGHT
richTextBox.Xaml = xaml;
#else
StringReader stringReader = new StringReader(xaml);
XmlReader xmlReader = XmlReader.Create(stringReader);
richTextBox.Document = XamlReader.Load(xmlReader) as FlowDocument;
#endif
}
// Challenge method should prompt for portal oauth username / password if necessary
public static async Task<IdentityManager.Credential> Challenge(IdentityManager.CredentialRequestInfo arg)
{
// Register Portal Server if necessary
var serverInfo = IdentityManager.Current.FindServerInfo(PORTAL_URL);
if (serverInfo == null)
{
serverInfo = new IdentityManager.ServerInfo()
{
ServerUri = PORTAL_URL,
TokenAuthenticationType = IdentityManager.TokenAuthenticationType.OAuthAuthorizationCode,
OAuthClientInfo = new IdentityManager.OAuthClientInfo()
{
ClientId = CLIENT_ID,
RedirectUri = REDIRECT_URI
}
};
IdentityManager.Current.RegisterServer(serverInfo);
}
// Use portal URL always (we know all layers are owned by arcgis.com)
return await IdentityManager.Current.GenerateCredentialAsync(PORTAL_URL);
}
// Challenge method should prompt for portal oauth username / password if necessary
public static async Task <IdentityManager.Credential> Challenge(IdentityManager.CredentialRequestInfo arg)
{
// Register Portal Server if necessary
var serverInfo = IdentityManager.Current.FindServerInfo(PORTAL_URL);
if (serverInfo == null)
{
serverInfo = new IdentityManager.ServerInfo()
{
ServerUri = PORTAL_URL,
TokenAuthenticationType = IdentityManager.TokenAuthenticationType.OAuthAuthorizationCode,
OAuthClientInfo = new IdentityManager.OAuthClientInfo()
{
ClientId = CLIENT_ID,
RedirectUri = REDIRECT_URI
}
};
IdentityManager.Current.RegisterServer(serverInfo);
}
// Use portal URL always (we know all layers are owned by arcgis.com)
return(await IdentityManager.Current.GenerateCredentialAsync(PORTAL_URL));
}
public async Task <bool> SignInUsingIdentityManager(string username, string password)
{
IsSigningIn = true;
// if oauth2 required params are set, register the server for oauth2 authentication.
if (App.IsOrgOAuth2)
{
IdentityManager.ServerInfo si = new IdentityManager.ServerInfo();
si.ServerUri = App.PortalUri.Uri.ToString();
si.TokenAuthenticationType = IdentityManager.TokenAuthenticationType.OAuthAuthorizationCode;
si.OAuthClientInfo = new IdentityManager.OAuthClientInfo()
{
ClientId = App.AppServerId, RedirectUri = App.AppRedirectUri
};
IdentityManager.Current.RegisterServer(si);
//IdentityManager.Current.TokenValidity = 30;
////ToDo: revisist persisting and retreiving the token for OAuth2
//IdentityManager.Credential cr = await RetrieveCredentialAsync();
//if (cr != null)
//{
// IdentityManager.Current.AddCredential(cr);
// _credential = cr;
// IsSigningIn = false;
// return true;
//}
}
// if username and password were retrieved try getting the credentials without challenging the user
else if (!string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password))
{
try
{
var credential = await IdentityManager.Current.GenerateCredentialAsync(App.PortalUri.Uri.ToString(), username, password);
if (credential != null && !string.IsNullOrEmpty(credential.Token))
{
//set the credential
_credential = credential;
IsSigningIn = false;
return(true);
}
}
catch (Exception ex)
{
IsSigningIn = false;
var _ = App.ShowExceptionDialog(ex);
return(false);
}
}
// Since credential could not be retrieved, try getting it by challenging the user
var credentialRequestInfo = new IdentityManager.CredentialRequestInfo
{
ServiceUri = App.PortalUri.Uri.ToString(),
AuthenticationType = IdentityManager.AuthenticationType.Token,
};
try
{
IdentityManager.Credential credential = await IdentityManager.Current.GetCredentialAsync(credentialRequestInfo, true);
if (credential != null && !string.IsNullOrEmpty(credential.Token)) // && credential.Token != Token)
{
//set the credential
_credential = credential;
//store credentials using PasswordVault
if (!App.IsOrgOAuth2) // && IdentityManager.Current.ChallengeMethodCredentialResults.CredentialSaveOption == Windows.Security.Credentials.UI.CredentialSaveOption.Selected)
{
new PasswordVault().Add(new PasswordCredential(App.OrganizationUrl, credential.UserName, credential.Password));
}
//else
// new PasswordVault().Add(new PasswordCredential(App.OrganizationUrl, credential.UserName, credential.Token)); // for OAuth2 store the token instead of the password.
IsSigningIn = false;
return(true);
}
//if (credential.Credentials != null) // && credential.Credentials != credentials)
//{
// System.Net.ICredentials credentials = credential.Credentials;
// hasChanged = true;
//}
}
catch (Exception)
{
IsSigningIn = false;
}
IsSigningIn = false;
return(false);
}
