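//public void RefreshUserMenuState(int userID) {
//    try {
//        //using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DBMEdition01"].ToString()))
//        //{
//        //    SqlCommand cmd = new SqlCommand("apiMenuState_Update", conn);
//        //    cmd.CommandType = CommandType.StoredProcedure;
//        //    cmd.Parameters.AddWithValue("@UserID", userID);
//        //    conn.Open();
//        //    cmd.ExecuteNonQuery();
//        //}
//    }
//    catch (Exception ex) {
//        throw ex;
//    }
//}

/// <summary>
/// Resolves the caller's <c>UserID</c> and <c>AuthToken</c> through the
/// <c>usmMenuGetDebugToken</c> stored procedure on the <c>DBAMP</c> connection and
/// writes them back onto <paramref name="userAttributes"/>.
/// </summary>
/// <param name="userAttributes">
/// Carries the lookup key in and the result out. When <c>LOCALDEBUG</c> is set the
/// lookup is by <c>UserLogonID</c>, otherwise by <c>UserID</c>. If no row comes back
/// the object is left untouched. On any exception <c>InError</c> is set and
/// <c>ErrorMsg</c> receives the exception message; nothing is thrown to the caller.
/// </param>
public void Authenticate(Models.Authentication userAttributes) {
    try {
        using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DBAMP"].ToString()))
        using (SqlCommand cmd = new SqlCommand("usmMenuGetDebugToken", conn)) {
            cmd.CommandType = CommandType.StoredProcedure;
            // LOCALDEBUG switches the lookup key from the numeric UserID to the logon
            // name; only one of the two parameters is ever sent.
            if (userAttributes.LOCALDEBUG) {
                cmd.Parameters.AddWithValue("@UserLogonID", userAttributes.UserLogonID);
            }
            else {
                cmd.Parameters.AddWithValue("@UserID", userAttributes.UserID);
            }
            conn.Open();
            // Dispose the reader and command explicitly instead of relying on the
            // connection's teardown to release them.
            using (SqlDataReader reader = cmd.ExecuteReader()) {
                if (reader.HasRows) {
                    reader.Read();
                    userAttributes.UserID = Convert.ToInt32(reader["UserID"].ToString());
                    userAttributes.AuthToken = reader["AuthToken"].ToString();
                }
            }
        }
    }
    catch (Exception ex) {
        // Best-effort contract: callers inspect InError rather than catching.
        userAttributes.InError = true;
        userAttributes.ErrorMsg = ex.Message;
    }
}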
/// <summary>
/// Starts the authorization-code flow: stamps the controller's state value on the
/// posted model, parks <c>State</c> and <c>ClientId</c> in TempData for the round
/// trip, and redirects the browser to the provider's code endpoint.
/// </summary>
/// <param name="authentication">Posted form model; <c>ClientId</c> is read from it.</param>
/// <returns>A redirect to the URI produced by <c>Common.GetCodeUri</c>.</returns>
public IActionResult IndexPost(Models.Authentication authentication) {
    authentication.State = _state;
    string callbackUrl = Url.Action("Redirect", "Home", null, HttpContext.Request.Scheme);
    Uri codeUri = Common.GetCodeUri(authentication.ClientId, authentication.State, callbackUrl);
    // The state stored here is what Redirect() compares the echoed value against.
    TempData["State"] = authentication.State;
    TempData["ClientId"] = authentication.ClientId;
    return Redirect(codeUri.ToString());
}
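/// <summary>
/// Exchanges the authorization code carried in <paramref name="authentication"/> for a
/// token at the Microsoft login token endpoint and renders the "Token" view.
/// </summary>
/// <param name="authentication">Flow state; <c>ToKeyValue()</c> supplies the form fields.</param>
/// <returns>The "Token" view bound to the deserialized <see cref="Token"/>.</returns>
/// <exception cref="HttpRequestException">
/// The token endpoint answered with a non-success status. Without this check an error
/// body would be deserialized as a <see cref="Token"/> and rendered with empty fields.
/// </exception>
public async Task<IActionResult> CodePost(Models.Authentication authentication) {
    string tokenUri = "https://login.live.com/oauth20_token.srf";
    // NOTE(review): a per-call HttpClient is the existing pattern here; a shared
    // instance or IHttpClientFactory would avoid socket exhaustion under load.
    using (HttpClient client = new HttpClient())
    using (FormUrlEncodedContent content = new FormUrlEncodedContent(authentication.ToKeyValue()))
    using (HttpResponseMessage response = await client.PostAsync(tokenUri, content)) {
        // Fail loudly on an error response instead of parsing its body as a Token.
        response.EnsureSuccessStatusCode();
        string body = await response.Content.ReadAsStringAsync();
        Token token = JsonConvert.DeserializeObject<Token>(body);
        // TempData is typically cookie- or session-backed; the client secret is
        // round-tripped through it because the next step of the flow reads it back.
        TempData["ClientId"] = authentication.ClientId;
        TempData["ClientSecret"] = authentication.ClientSecret;
        return View("Token", token);
    }
}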
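/// <summary>
/// OAuth redirect target. Verifies the echoed <paramref name="state"/> against the value
/// stored in TempData by <c>IndexPost</c> (the CSRF guard for the code flow), then renders
/// the "Code" view with the fields needed for the token exchange.
/// </summary>
/// <param name="code">Authorization code returned by the provider.</param>
/// <param name="state">State value echoed back by the provider.</param>
/// <returns>The "Code" view bound to a populated <see cref="Models.Authentication"/>.</returns>
/// <exception cref="UnauthorizedAccessException">
/// No pending state/client id is stored for this request (direct hit or expired TempData),
/// or the echoed state does not match the stored one.
/// </exception>
public IActionResult Redirect(string code, string state) {
    // TempData entries are read-once. A missing entry means the flow was not started
    // from IndexPost in this session; that must fail the same way a mismatch does
    // rather than with a NullReferenceException on .ToString().
    string clientId = TempData["ClientId"]?.ToString();
    string originalState = TempData["State"]?.ToString();
    if (originalState == null || clientId == null) {
        throw new UnauthorizedAccessException("No pending authorization state was found for this request");
    }
    if (!string.Equals(state, originalState, StringComparison.Ordinal)) {
        throw new UnauthorizedAccessException("State code returned is not the same as that provided");
    }
    Models.Authentication authentication = new Models.Authentication() {
        ClientId = clientId,
        State = state,
        Scope = "bingads.manage",
        Code = code,
        GrantType = "authorization_code",
        // Url.Action already returns a string; no ToString() needed.
        RedirectUri = Url.Action("Redirect", "Home", null, HttpContext.Request.Scheme)
    };
    return View("Code", authentication);
}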
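/// <summary>
/// Builds the AMP session for the current request. Outside LOCALDEBUG the caller's
/// identity is taken from the encrypted <c>FromPortal</c>/<c>FromProduct</c> query-string
/// value (pipe-separated key/value pairs); in LOCALDEBUG a hard-coded logon is used.
/// The user is then authenticated through <see cref="Services.MenuService"/> and
/// <c>AppSession</c> is populated from the returned menu state.
/// </summary>
/// <param name="fromportal">Not read by this method; retained for existing callers.</param>
/// <param name="objAuthenticationUser">
/// When supplied, replaces the user resolved from the query string before authentication.
/// </param>
/// <exception cref="Exception">Any failure is rethrown unchanged (stack trace preserved).</exception>
public static void SetUpSession(bool fromportal = false, Models.Authentication objAuthenticationUser = null) {
    try {
        var ProductParamDictionary = new StringDictionary();
        var objUser = new Models.Authentication();
        var menuService = new Services.MenuService();
        bool LOCALDEBUG = false;
        string fromProduct = null;
        string decryptedProductParams = null;
        LOCALDEBUG = Convert.ToBoolean(ConfigurationManager.AppSettings["LOCALDEBUG"]);
        if (LOCALDEBUG == false) {
            // FromProduct wins when both keys are present because it is read last.
            if (HttpContext.Current.Request.QueryString["FromPortal"] != null) {
                fromProduct = HttpContext.Current.Request.QueryString["FromPortal"];
            }
            if (HttpContext.Current.Request.QueryString["FromProduct"] != null) {
                fromProduct = HttpContext.Current.Request.QueryString["FromProduct"];
            }
            if (fromProduct == null) {
                return;
            }
            // When decrypted, the decryptProductParams variable looks like this:
            // UserID|100106|Token|479bb3e7-079a-4a97-950f-41da256c6928|PageID|14|currentUTCtime|09/25/2017 19:56:41
            decryptedProductParams = CryptHelpers.Decrypt(fromProduct, WebConstants.ENCRYPT_KEY);
            // Pairs are consumed two at a time; a trailing key with no value is dropped.
            using (IEnumerator<string> enumerator = decryptedProductParams.Split('|').AsEnumerable().GetEnumerator()) {
                while (enumerator.MoveNext()) {
                    string first = enumerator.Current;
                    if (!enumerator.MoveNext()) {
                        break;
                    }
                    ProductParamDictionary.Add(first, enumerator.Current);
                }
            }
            // Convert.ToInt32(null) yields 0, so absent numeric keys default to 0.
            objUser.UserID = Convert.ToInt32(ProductParamDictionary["UserID"]);
            objUser.AuthToken = ProductParamDictionary["Token"];
            objUser.PageID = Convert.ToInt32(ProductParamDictionary["PageID"]);
            objUser.AdminUserID = Convert.ToInt32(ProductParamDictionary["AdminUserID"]);
            #region Process currentUTCtime from Querystring. If currentUTCtime not found, log exception & redirect request to login.
            if (ProductParamDictionary[ProductQueryStringKey.currentUTCtime.ToString()] != null) {
                var ProductUtCtime = Convert.ToDateTime(ProductParamDictionary[ProductQueryStringKey.currentUTCtime.ToString()]);
                // 5 minute check between servers. TimeSpan.Seconds is only the 0-59
                // seconds component and can never exceed 300, so the previous
                // comparison never fired; TotalSeconds is the elapsed window. The
                // string round trip through CultureInfo was an identity and is gone.
                if (DateTime.UtcNow.Subtract(ProductUtCtime).TotalSeconds > 300) {
                    if (Convert.ToBoolean(ConfigurationManager.AppSettings["PortalRedirect"])) {
                        HttpContext.Current.Response.Redirect(string.Format("Transfer.aspx?qs={0}", (int)QueryStringValue.TimeOut), false);
                        HttpContext.Current.Response.End();
                    }
                }
            }
            else {
                // =================================================================================================
                // If currentUTCtime KVP not found, log error in ExceptionLog and reroute user to login screen.
                // =================================================================================================
                ExceptionService exceptionService = new ExceptionService();
                ExceptionLog exLog = new ExceptionLog();
                exLog.ExceptionText = "KVP currentUTCtime missing from ecrypted querystring.";
                exLog.PageName = "JCR.Reports.Common.Security.cs";
                exLog.MethodName = "SetUpSession";
                exLog.UserID = objUser.UserID;
                exLog.SiteId = 0;
                // NOTE(review): the decrypted string includes the Token value, so this
                // writes the caller's auth token into the exception log.
                exLog.TransSQL = string.Format("Unencrypted Querystring: {0}", decryptedProductParams);
                exLog.HttpReferrer = null;
                exceptionService.LogException(exLog);
                HttpContext.Current.Response.Redirect("~/Transfer/LogoutRedirect");
            }
            #endregion
            // Mark Orlando 10/18/2017. When AMP is called from AdminTool, UserOriginalRoleID KVP will contain 5 aka Global Admin.
            // If UserOriginalRoleID is 5, then AdminTool will pass AMP the GA's User ID in UserOriginalRoleID KVP.
            // Default values of 0 indicate the real user is not GA, but rather a customer.
            // When GAdmin logged-in as customer and went from AMP to Reports here's what Querystring looked like:
            // UserID|100106|Token|28D07930-AF85-42CE-A80D-17CF51DDAF13|PageID|48|AdminUserID|123316|UserOriginalRoleID|5|currentUTCtime|11/27/2017 20:41:25
            if (ProductParamDictionary["UserOriginalRoleID"] != null) {
                objUser.UserOriginalRoleID = Convert.ToInt32(ProductParamDictionary["UserOriginalRoleID"]);
                objUser.AdminUserID = Convert.ToInt32(ProductParamDictionary["AdminUserID"]);
            }
        }
        else {
            // Susan Easter has access to 10 sites, each of which has access to AMP & Tracers...except site 4758
            // For this site, she has access to AMP, but not Tracers: Michael E. DeBakey VA MC Opioid Treatment Program
            //objUser.UserLogonID = "*****@*****.**";
            //objUser.UserLogonID = "*****@*****.**";
            //objUser.UserLogonID = "*****@*****.**";
            //objUser.UserLogonID = "*****@*****.**";
            //objUser.UserLogonID = "*****@*****.**";
            //objUser.UserLogonID = "*****@*****.**";
            //objUser.UserLogonID = "*****@*****.**";
            //objUser.UserLogonID = "*****@*****.**";
            // objUser.UserLogonID = "*****@*****.**";
            //objUser.UserLogonID = "*****@*****.**";
            //objUser.UserLogonID = "*****@*****.**";
            //objUser.UserLogonID = "*****@*****.**";
            //objUser.UserLogonID = "*****@*****.**";
            // objUser.UserLogonID = "*****@*****.**";
            // objUser.UserLogonID = "*****@*****.**"; // Staff Member
            // objUser.UserLogonID = "*****@*****.**"; // Site Manager
            // objUser.UserLogonID = "*****@*****.**";
            // objUser.UserLogonID = "*****@*****.**";
            objUser.UserLogonID = "*****@*****.**";
            //objUser.PageID = 14; // PageID 14 is 'Reports Menu|Compliance' aka AMP
            objUser.PageID = 48; // PageID 48 is 'Reports Menu|Tracers'
            //objUser.PageID = 49; // PageID 49 is 'Reports Menu|ER Tracers'
        }
        if (objAuthenticationUser != null) {
            objUser = objAuthenticationUser;
        }
        menuService.Authenticate(objUser);
        if (objUser.InError) {
            HttpContext ctx = HttpContext.Current;
            ctx.Response.Redirect("~/Transfer/Error");
        }
        else {
            if (LOCALDEBUG) {
                menuService.CreateStateWhenLocalDebugIsTrue(objUser.UserID);
            }
            AppSession.CreateSession();
            AppSession.UserID = objUser.UserID;
            AppSession.AuthToken = objUser.AuthToken;
            AppSession.PageID = objUser.PageID;
            AppSession.AdminUserID = objUser.AdminUserID;
            AppSession.UserOriginalRoleID = objUser.UserOriginalRoleID;
            AppSession.WebApiUrl = ConfigurationManager.AppSettings["JCRAPI"].ToString();
            var menuState = menuService.GetState(AppSession.UserID.GetValueOrDefault(), AppSession.AuthToken);
            AppSession.EmailAddress = menuState.UserLogonID;
            AppSession.FirstName = menuState.FirstName;
            AppSession.LastName = menuState.LastName;
            AppSession.FullName = String.Format("{0} {1}", menuState.FirstName, menuState.LastName);
            AppSession.RoleID = menuState.UserRoleID;
            AppSession.SelectedSiteId = menuState.SiteID;
            AppSession.SelectedSiteName = menuState.SiteName;
            AppSession.SelectedProgramId = menuState.ProgramID;
            AppSession.SelectedProgramName = menuState.ProgramName;
            AppSession.CycleID = menuState.CycleID;
            AppSession.IsCorporateSite = menuState.AccessToMockSurvey;
            AppSession.ProgramGroupTypeID = menuState.ProgramGroupTypeID;
            AppSession.IsCMSProgram = menuState.AccessToCMS;
            AppSession.HasTracersAccess = menuState.AccessToTracers;
            AppSession.SelectedCertificationItemID = menuState.CertificationItemID;
            // A certification item maps the selected program back to its base program.
            if (AppSession.SelectedCertificationItemID > 0) {
                var lstPrograms = UserCustom.GetProgramBySites(AppSession.SelectedSiteId);
                if (lstPrograms != null && lstPrograms.Count > 0) {
                    var queryBaseProgramID = lstPrograms.FirstOrDefault(prg =>
                        prg.ProgramID == AppSession.SelectedProgramId
                        && prg.AdvCertListTypeID == AppSession.SelectedCertificationItemID);
                    if (queryBaseProgramID != null) {
                        AppSession.SelectedProgramId = (int)queryBaseProgramID.BaseProgramID;
                    }
                }
            }
            switch (AppSession.PageID) {
                case 50: // PageID 50 is My Saved Reports ● Tracers
                case 15: // PageID 15 is is My Saved Reports ● Compliance
                case 51: // PageID 51 is is My Saved Reports ● ER Tracers
                    AppSession.DirectView = "MyReports";
                    break;
                case 52: // PageID 52 is My Site's Saved Reports ● Tracers
                case 16: // PageID 16 is My Site's Saved Reports ● Compliance
                case 53: // PageID 53 is My Site's Saved Reports ● ER Tracers
                    AppSession.DirectView = "SearchReports";
                    break;
            }
            var commonService = new CommonService();
            SearchInputService searchInputService = new SearchInputService();
            AppSession.CycleID = commonService.GetLatestCycleByProgram(AppSession.SelectedProgramId).CycleID;
            //if (AppSession.LinkType != 11) {
            //    AppSession.Sites = searchInputService.SelectTracerSitesByUser(Convert.ToInt32(AppSession.UserID));
            //    AppSession.CycleID = commonService.GetLatestCycleByProgram(AppSession.SelectedProgramId).CycleID;
            //} else {
            //    var SiteList = CorporateFinding.GetSitesByUser(Convert.ToInt32(AppSession.UserID)).Select(x => new UserSite() { SiteID = x.SiteID, SiteName = x.SiteName, RoleID = x.RoleID, SiteFullName = x.SiteFullName, IsCorporateAccess = x.IsCorporateAccess }).ToList();
            //    AppSession.Sites = SiteList;
            //}
            //if (AppSession.Sites.Count == 0) {
            //    AppSession.Sites = searchInputService.SelectTracerSitesByUser(Convert.ToInt32(AppSession.UserID));
            //}
            AppSession.Sites = SearchInputService.GetSitesByUser(AppSession.UserID);
            // Iterate over a snapshot so that assigning Programs cannot disturb enumeration.
            foreach (var site in AppSession.Sites.ToList()) {
                //site.Programs = new List<ProgramVM>();
                //site.Programs.AddRange(new SearchInputService().SelectAllTracerProgramsBySiteAndUser(Convert.ToInt32(AppSession.UserID), site.SiteID, Convert.ToInt32(AppSession.CycleID)));
                site.Programs = UserCustom.GetProgramBySites(site.SiteID);
            }
            commonService.GetHelpLink();
            UpdateAppLogin();
        }
    }
    catch (Exception) {
        // `throw;` keeps the original stack trace; `throw ex;` reset it.
        throw;
    }
}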
/// <summary>Renders the default view for the supplied authentication model.</summary>
/// <param name="authentication">Model bound from the request.</param>
/// <returns>The default view bound to <paramref name="authentication"/>.</returns>
public IActionResult CodeGet(Models.Authentication authentication) => View(authentication);