/// <summary> /// check if customer alresdy exists in Personify /// </summary> /// <param name="userName">userName</param> /// <param name="password">password</param> /// <param name="firstName">firstName</param> /// <param name="lastName">lastName</param> /// <returns>the customer token</returns> private string PersonifyRegistered(string userName, string password, string firstName, string lastName) { var customerToken = String.Empty; try { var customer = ssoClient.SSOCustomerGetByUsername(PersonifyVendorName, PersonifyVendorPassword, userName); if (!customer.UserExists) { var newPersonifyCustomer = ssoClient.SSOCustomerRegister(PersonifyVendorName, PersonifyVendorPassword, userName, password, userName, firstName, lastName, true); if (newPersonifyCustomer.Result == false) { //TODO: Need to check all of these errors. lblError.Text = newPersonifyCustomer.Errors.FirstOrDefault(); lblError.Visible = true; return(String.Empty); } customerToken = newPersonifyCustomer.NewCustomerToken; //creating customer presonify info if (!CreateCustomerInf(userName, firstName, lastName)) { customerToken = String.Empty; //error disable customer account ssoClient.SSOEnableDisableCustomerAccount(PersonifyVendorName, PersonifyVendorPassword, userName, true); } } else if (customer.UserExists && customer.DisableAccountFlag)// if customer account is disabled { //enable customer account ssoClient.SSOEnableDisableCustomerAccount(PersonifyVendorName, PersonifyVendorPassword, userName, false); //creating customer presonify info if (!CreateCustomerInf(userName, firstName, lastName)) { customerToken = String.Empty; //error disable customer account ssoClient.SSOEnableDisableCustomerAccount(PersonifyVendorName, PersonifyVendorPassword, userName, true); } } else { customerToken = String.Empty; lblError.Visible = true; lblError.Text = GetString("UserInfo.EmailAlreadyExist"); } } catch (DataServiceClientException dscex) { var messages = dscex.ParseMessages(); var errorMessage = messages.ValidationIssues.ValidationMessage.Aggregate(new StringBuilder(), (x, y) => x.AppendLine(y.Message)).ToString(); customerToken = String.Empty; lblError.Visible = true; lblError.Text = errorMessage; EventLogProvider.LogException(dscex.Source, dscex.Message, dscex); } catch (Exception ex) { customerToken = String.Empty; lblError.Visible = true; lblError.Text = RegistrationErrorMessage; EventLogProvider.LogException(ex.Source, ex.Message, ex); } return(customerToken); }
/// <summary> /// Logic to handle SSO sign in/out and user reauthorization /// </summary> protected void Page_Load(object sender, EventArgs e) { // Did user log out? CheckForLogout(); // Do we need to reauthorize user? ReAuthorizeCheck(); Session[PersonifySessionKey] = null; // Check for empty session values if (Session[UserNameSessionKey] == null || (string)Session[PasswordSessionKey] == null) { ReAuthorizeFail(); } var username = (string)Session[UserNameSessionKey]; var password = (string)Session[PasswordSessionKey]; // Logic to handle retry if (Session[RetryCountSessionKey] == null) { Session[RetryCountSessionKey] = 0; } else if ((int)Session[RetryCountSessionKey] == 5) { Session[RetryCountSessionKey] = null; EventLogProvider.LogException("SSOHandler", "Retry", new Exception("Cannot resolve username and password with autologin. Exceeded retry limit."), SiteContext.CurrentSiteID); URLHelper.Redirect(_loginErrorUrl); } else { var current = (int)Session[RetryCountSessionKey] + 1; Session[RetryCountSessionKey] = current; } // Get customer from Personify var ssoCustomer = ssoClient.SSOCustomerGetByUsername(_personifySsoVendorName, _personifySsoVendorPassword, username); // Check if Customer exists in Personify if (ssoCustomer == null) { EventLogProvider.LogException("SSOHandler", "LookupCustomer", new Exception("ssoCustomer does not exist for given username."), SiteContext.CurrentSiteID); URLHelper.Redirect(_loginErrorUrl); //throw new Exception("ssoCustomer does not exist for given username."); } // Get Token from Personify Request var customerToken = Request.QueryString["ct"]; var decryptedToken = String.Empty; var rememberMe = Session[RememberMeSessionKey] != null ? (bool)Session[RememberMeSessionKey] : false; // If decrypted token is not empty and valid, then proceed to log in if (!string.IsNullOrEmpty(customerToken) && isValidToken(decryptedToken = DecryptCustomerToken(customerToken))) { Session[PersonifySessionKey] = decryptedToken; // Verify Kentico User VerifyKenticoUser(decryptedToken, username); // Log in to Kentico AuthenticationHelper.AuthenticateUser(username, rememberMe); // Set SSO Token cookie var ssoToken = new HttpCookie(SSOTokenCookie, decryptedToken); ssoToken.Expires = DateTime.Now.AddDays(90); Response.Cookies.Add(ssoToken); SessionHelper.Remove("VendorToken"); RedirectToDesiredURL(); } else { //we don't have a valid token, initiate Retry String returnURL = HttpContext.Current.Request.Url.AbsoluteUri; if (!String.IsNullOrEmpty(HttpContext.Current.Request.Url.Query)) { returnURL = returnURL.Replace(HttpContext.Current.Request.Url.Query, ""); } var encryptedVendorToken = RijndaelAlgorithm.GetVendorToken(returnURL, _personifySsoVendorPassword, _personifySsoVendorBlock, username, password, rememberMe); SessionHelper.SetValue("VendorToken", encryptedVendorToken); var url = string.Format("{0}?vi={1}&vt={2}", _personifyAutoLoginUrl, _personifyVendorID, encryptedVendorToken); Response.Redirect(url); } }