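/// <summary>
/// Web API authentication step for bearer-token requests. When no principal has been
/// established yet and the request carries an <c>Authorization: Bearer &lt;token&gt;</c>
/// header, the token is resolved through <see cref="OAuth2UserInfo.GetUserInfo"/> and,
/// if the resulting <c>user_id</c> matches a user in the database, a
/// <see cref="GenericPrincipal"/> for that user is installed on both the context and
/// the current thread.
/// </summary>
/// <param name="context">Authentication context for the current request.</param>
/// <param name="cancellationToken">Not observed; all work here is synchronous.</param>
/// <returns>
/// A completed task. No <c>ErrorResult</c> is ever set: a missing, non-bearer or
/// unresolvable token simply leaves the request unauthenticated so that downstream
/// authorization filters decide whether to reject it.
/// </returns>
public Task AuthenticateAsync(HttpAuthenticationContext context, System.Threading.CancellationToken cancellationToken)
{
    // The host or an earlier filter may already have authenticated the request. Principal
    // (and its Identity) can be null when nothing upstream set one, so guard before reading it.
    var existingPrincipal = context.Principal;
    if (existingPrincipal != null && existingPrincipal.Identity != null && existingPrincipal.Identity.IsAuthenticated)
    {
        return Task.FromResult(0);
    }

    var authorization = context.Request.Headers.Authorization;
    if (authorization == null || !string.Equals(authorization.Scheme, "Bearer", StringComparison.Ordinal))
    {
        // No Authorization header, or not a bearer scheme: nothing for this filter to do.
        return Task.FromResult(0);
    }

    using (IObjectRepository tdb = DBContext.Create())
    {
        // The token is untrusted client input; it is only ever handed to the user-info
        // lookup and never used as a user name itself. The user name comes from the
        // identity provider's answer, and only a user already present in the DB is accepted.
        var userInfo = OAuth2UserInfo.GetUserInfo(authorization.Parameter);
        if (userInfo == null || string.IsNullOrEmpty(userInfo.user_id))
        {
            // Token did not resolve to a usable identity: leave the request unauthenticated
            // rather than fail on a null dereference below.
            return Task.FromResult(0);
        }

        var foundUser = tdb.Users.SingleOrDefault(y => y.UserName == userInfo.user_id);
        if (foundUser != null)
        {
            var identity = new TrifoliaApiIdentity(foundUser.UserName);
            var currentPrincipal = new GenericPrincipal(identity, null);
            context.Principal = currentPrincipal;
            Thread.CurrentPrincipal = currentPrincipal;
        }
    }

    return Task.FromResult(0);
}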
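/// <summary>
/// Completes the OAuth2 authorization flow: exchanges the callback request for an access
/// token, resolves that token to a Trifolia user (migrating a renamed account when the
/// identity provider says so), issues the forms-authentication cookie and sends the user
/// on to their destination.
/// </summary>
/// <returns>
/// A redirect: back to this route with <c>session_state</c> stripped; to the new-profile
/// page when the identity is unknown; to the return-URL cookie's target when that target
/// is a local path; otherwise to the site root.
/// </returns>
private ActionResult OAuthCallback()
{
    // Some identity providers append session_state to the callback. The OAuth client does
    // not expect it, so bounce once to the same route without it.
    if (!string.IsNullOrEmpty(this.Request.QueryString["session_state"]))
    {
        Log.For(this).Trace("Removing the session_state param from the auth request");
        var uri = new Uri(this.Request.Url.ToString());
        // All query string key/value pairs as a collection, minus session_state.
        var newQueryString = HttpUtility.ParseQueryString(uri.Query);
        newQueryString.Remove("session_state");
        // Page path from the root, without the query string.
        string pagePathWithoutQueryString = uri.GetLeftPart(UriPartial.Path);
        var newUrl = newQueryString.Count > 0
            ? String.Format("{0}?{1}", pagePathWithoutQueryString, newQueryString)
            : pagePathWithoutQueryString;
        Log.For(this).Trace("Redirecting the user back to this route without the session_state param");
        return Redirect(newUrl);
    }

    // NOTE(review): RawUrl carries the full callback query string, which includes the
    // provider's authorization code — confirm trace logs are an acceptable place for it.
    Log.For(this).Trace("Processing user authorization: " + this.Request.RawUrl);
    var auth = this.authClient.ProcessUserAuthorization(this.Request);
    var userInfo = OAuth2UserInfo.GetUserInfo(auth.AccessToken);
    var foundUser = this.tdb.Users.SingleOrDefault(y => y.UserName == userInfo.user_id);

    // If the user has migration information (the account that they are moving from) in their
    // profile, update trifolia so that it has the same userName/user_id. The old account is
    // matched on both its internal id and its user name as reported by the identity provider.
    if (foundUser == null && userInfo.app_metadata != null && userInfo.app_metadata.migrated_account != null)
    {
        var migratedAccount = userInfo.app_metadata.migrated_account;
        var migratingUser = this.tdb.Users.SingleOrDefault(y => y.Id == migratedAccount.internalId && y.UserName == migratedAccount.userName);
        if (migratingUser != null)
        {
            migratingUser.UserName = userInfo.user_id;
            foundUser = migratingUser;
        }
        this.tdb.SaveChanges();
    }

    // The access token rides along in the ticket's UserData so later requests can present
    // it to the API (keyed by CheckPoint.AUTH_DATA_OAUTH2_TOKEN).
    string userData = string.Format("{0}={1}", CheckPoint.AUTH_DATA_OAUTH2_TOKEN, auth.AccessToken);
    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
        2,
        userInfo.user_id,
        DateTime.Now,
        DateTime.Now.AddDays(20),
        true,
        userData);
    string encAuthTicket = FormsAuthentication.Encrypt(authTicket);
    HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encAuthTicket);
    // The cookie holds the encrypted ticket and, inside it, the access token: keep it out of
    // reach of script, and off plaintext connections whenever forms auth requires SSL
    // (this mirrors what FormsAuthentication.SetAuthCookie would do).
    faCookie.HttpOnly = true;
    faCookie.Secure = FormsAuthentication.RequireSSL;
    if (auth.AccessTokenExpirationUtc != null)
    {
        // NOTE(review): the cookie's lifetime follows the access token while the ticket inside
        // it is valid for 20 days; confirm which of the two is the intended session bound.
        faCookie.Expires = auth.AccessTokenExpirationUtc.Value;
    }
    Response.Cookies.Set(faCookie);

    if (foundUser == null)
    {
        // First sign-in for this identity: collect a profile before granting access.
        return NewProfile("/", userInfo.given_name, userInfo.family_name, userInfo.email, userInfo.phone);
    }

    // If the user was trying to go somewhere specific, redirect the user there instead — but
    // only to a path on this site. The cookie value is client-controlled, so redirecting to
    // an arbitrary absolute URL from it would be an open redirect.
    var returnUrlCookie = this.Request.Cookies[AUTH_RETURN_URL_COOKIE_NAME];
    if (returnUrlCookie != null && !string.IsNullOrEmpty(returnUrlCookie.Value) && Url.IsLocalUrl(returnUrlCookie.Value))
    {
        return Redirect(returnUrlCookie.Value);
    }

    return Redirect("/");
}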