コード例 #1
        /// <summary>
        /// Starts a SAML authn request for the up-party named by <paramref name="partyLink"/>.
        /// Saves the originating down-party id and type as sequence data, loads the SAML up-party
        /// and calls the overload that takes a binding object, chosen from the party's configured
        /// request binding.
        /// </summary>
        /// <param name="partyLink">Link whose <c>Name</c> is used to format the up-party id.</param>
        /// <param name="loginRequest">Login request; validated before any of its values are stored.</param>
        /// <returns>The action result returned by the binding-specific overload.</returns>
        /// <exception cref="NotSupportedException">The configured request binding is neither Redirect nor Post.</exception>
        public async Task<IActionResult> AuthnRequestAsync(UpPartyLink partyLink, LoginRequest loginRequest)
        {
            logger.ScopeTrace("Up, SAML Authn request.");

            var upPartyId = await UpParty.IdFormat(RouteBinding, partyLink.Name);
            logger.SetScopeProperty("upPartyId", upPartyId);

            // Validation runs before anything from the request is written to sequence state.
            await loginRequest.ValidateObjectAsync();

            var sequenceData = new SamlUpSequenceData
            {
                DownPartyId = loginRequest.DownParty.Id,
                DownPartyType = loginRequest.DownParty.Type,
            };
            await sequenceLogic.SaveSequenceDataAsync(sequenceData);

            var samlUpParty = await tenantRepository.GetAsync<SamlUpParty>(upPartyId);

            // The binding comes from the stored party configuration, not from the request.
            // An unrecognised value fails closed instead of falling back to a default binding.
            switch (samlUpParty.AuthnBinding.RequestBinding)
            {
                case SamlBindingType.Redirect:
                    return await AuthnRequestAsync(samlUpParty, new Saml2RedirectBinding(), loginRequest);

                case SamlBindingType.Post:
                    return await AuthnRequestAsync(samlUpParty, new Saml2PostBinding(), loginRequest);

                default:
                    throw new NotSupportedException($"Binding '{samlUpParty.AuthnBinding.RequestBinding}' not supported.");
            }
        }
コード例 #2
ファイル: SamlAuthnUpLogic.cs プロジェクト: lulzzz/FoxIDs
        /// <summary>
        /// Saves the login request's values as SAML up-party sequence data and redirects to the
        /// SAML up-jump controller's authn request endpoint for the up-party named by
        /// <paramref name="partyLink"/>.
        /// </summary>
        /// <param name="partyLink">Link whose <c>Name</c> identifies the up-party and is used in the redirect URL.</param>
        /// <param name="loginRequest">Login request; validated before its values are stored.</param>
        /// <returns>A redirect result for the URL produced by <c>GetUpPartyUrl</c>.</returns>
        public async Task<IActionResult> AuthnRequestRedirectAsync(UpPartyLink partyLink, LoginRequest loginRequest)
        {
            logger.ScopeTrace("Up, SAML Authn request redirect.");

            var upPartyId = await UpParty.IdFormatAsync(RouteBinding, partyLink.Name);
            logger.SetScopeProperty("upPartyId", upPartyId);

            // Validation runs before anything from the request is written to sequence state.
            await loginRequest.ValidateObjectAsync();

            var sequenceData = new SamlUpSequenceData
            {
                DownPartyLink = loginRequest.DownPartyLink,
                UpPartyId = upPartyId,
                LoginAction = loginRequest.LoginAction,
                UserId = loginRequest.UserId,
                MaxAge = loginRequest.MaxAge
            };
            await sequenceLogic.SaveSequenceDataAsync(sequenceData);

            // The target is assembled from the party name and route constants; no URL carried
            // in the login request is used as the redirect destination here.
            var jumpUrl = HttpContext.GetUpPartyUrl(partyLink.Name, Constants.Routes.SamlUpJumpController, Constants.Endpoints.UpJump.AuthnRequest, includeSequence: true);
            return jumpUrl.ToRedirectResult();
        }
コード例 #3
        /// <summary>
        /// Saves the logout request's values as OIDC up-party sequence data and redirects to the
        /// OAuth up-jump controller's end session request endpoint for the up-party named by
        /// <paramref name="partyLink"/>.
        /// </summary>
        /// <param name="partyLink">Link whose <c>Name</c> identifies the up-party and is used in the redirect URL.</param>
        /// <param name="logoutRequest">Logout request; validated before its values are stored.</param>
        /// <returns>A redirect result for the URL produced by <c>GetUpPartyUrl</c>.</returns>
        public async Task<IActionResult> EndSessionRequestRedirectAsync(UpPartyLink partyLink, LogoutRequest logoutRequest)
        {
            logger.ScopeTrace("Up, OIDC End session request redirect.");

            var upPartyId = await UpParty.IdFormatAsync(RouteBinding, partyLink.Name);
            logger.SetScopeProperty("upPartyId", upPartyId);

            // Validation runs before anything from the request is written to sequence state.
            await logoutRequest.ValidateObjectAsync();

            // NOTE(review): PostLogoutRedirect is persisted as received. Whether ValidateObjectAsync
            // or the caller restricts it to registered URLs is not visible here - confirm before
            // the stored value is used as a redirect target later in the sequence.
            var sequenceData = new OidcUpSequenceData
            {
                DownPartyLink = logoutRequest.DownPartyLink,
                UpPartyId = upPartyId,
                SessionId = logoutRequest.SessionId,
                RequireLogoutConsent = logoutRequest.RequireLogoutConsent,
                PostLogoutRedirect = logoutRequest.PostLogoutRedirect,
            };
            await sequenceLogic.SaveSequenceDataAsync(sequenceData);

            var jumpUrl = HttpContext.GetUpPartyUrl(partyLink.Name, Constants.Routes.OAuthUpJumpController, Constants.Endpoints.UpJump.EndSessionRequest, includeSequence: true);
            return jumpUrl.ToRedirectResult();
        }
コード例 #4
        /// <summary>
        /// Saves the logout request's values as login up-party sequence data and redirects to the
        /// app-relative logout path of the up-party named by <paramref name="partyLink"/>.
        /// </summary>
        /// <param name="partyLink">Link whose <c>Name</c> identifies the up-party and is placed in the redirect path.</param>
        /// <param name="logoutRequest">Logout request; validated before its values are stored.</param>
        /// <returns>A <see cref="RedirectResult"/> for the app-relative logout URL.</returns>
        public async Task<IActionResult> LogoutRedirect(UpPartyLink partyLink, LogoutRequest logoutRequest)
        {
            logger.ScopeTrace("Down, Logout redirect.");

            var upPartyId = await UpParty.IdFormat(RouteBinding, partyLink.Name);
            logger.SetScopeProperty("upPartyId", upPartyId);

            // Validation runs before anything from the request is written to sequence state.
            await logoutRequest.ValidateObjectAsync();

            // NOTE(review): PostLogoutRedirect is persisted as received. Whether it is restricted
            // to registered URLs before reaching this method is not visible here - confirm.
            var sequenceData = new LoginUpSequenceData
            {
                DownPartyId = logoutRequest.DownParty.Id,
                DownPartyType = logoutRequest.DownParty.Type,
                UpPartyId = upPartyId,
                SessionId = logoutRequest.SessionId,
                RequireLogoutConsent = logoutRequest.RequireLogoutConsent,
                PostLogoutRedirect = logoutRequest.PostLogoutRedirect
            };
            await sequenceLogic.SaveSequenceDataAsync(sequenceData);

            // App-relative ("~/") target, so the redirect stays inside this application.
            // NOTE(review): partyLink.Name goes into the path without URL encoding - confirm the
            // name is limited to URL-safe characters where it is defined.
            var logoutUrl = $"~/{RouteBinding.TenantName}/{RouteBinding.TrackName}/({partyLink.Name})/login/logout/_{HttpContext.GetSequenceString()}";
            return new RedirectResult(logoutUrl);
        }
コード例 #5
ファイル: LogoutUpLogic.cs プロジェクト: ITfoxtec/FoxIDs
        /// <summary>
        /// Saves the logout request's values as login up-party sequence data and redirects to the
        /// login controller's logout endpoint for the up-party named by <paramref name="partyLink"/>.
        /// </summary>
        /// <param name="partyLink">Link whose <c>Name</c> identifies the up-party and is used in the redirect URL.</param>
        /// <param name="logoutRequest">Logout request; validated before its values are stored.</param>
        /// <returns>A redirect result for the URL produced by <c>GetUpPartyUrl</c>.</returns>
        public async Task<IActionResult> LogoutRedirect(UpPartyLink partyLink, LogoutRequest logoutRequest)
        {
            logger.ScopeTrace(() => "Down, Logout redirect.");

            var upPartyId = await UpParty.IdFormatAsync(RouteBinding, partyLink.Name);
            logger.SetScopeProperty(Constants.Logs.UpPartyId, upPartyId);

            // Validation runs before anything from the request is written to sequence state.
            await logoutRequest.ValidateObjectAsync();

            await sequenceLogic.SetUiUpPartyIdAsync(upPartyId);

            // NOTE(review): PostLogoutRedirect is persisted as received. Whether it is restricted
            // to registered URLs before reaching this method is not visible here - confirm.
            var sequenceData = new LoginUpSequenceData
            {
                DownPartyLink = logoutRequest.DownPartyLink,
                UpPartyId = upPartyId,
                SessionId = logoutRequest.SessionId,
                RequireLogoutConsent = logoutRequest.RequireLogoutConsent,
                PostLogoutRedirect = logoutRequest.PostLogoutRedirect
            };
            await sequenceLogic.SaveSequenceDataAsync(sequenceData);

            // The target is assembled from the party name and route constants, not from the request.
            var logoutUrl = HttpContext.GetUpPartyUrl(partyLink.Name, Constants.Routes.LoginController, Constants.Endpoints.Logout, includeSequence: true);
            return logoutUrl.ToRedirectResult();
        }
コード例 #6
        /// <summary>
        /// Loads the up-party, saves the login request's values as OIDC up-party sequence data and
        /// redirects to the OAuth up-jump controller's authentication request endpoint, passing the
        /// party's binding pattern to the URL builder.
        /// </summary>
        /// <param name="partyLink">Link whose <c>Name</c> identifies the up-party and is used in the redirect URL.</param>
        /// <param name="loginRequest">Login request; validated before the party is loaded or anything is stored.</param>
        /// <returns>A redirect result for the URL produced by <c>GetUpPartyUrl</c>.</returns>
        public async Task<IActionResult> AuthenticationRequestRedirectAsync(UpPartyLink partyLink, LoginRequest loginRequest)
        {
            logger.ScopeTrace(() => "Up, OIDC Authentication request redirect.");

            var upPartyId = await UpParty.IdFormatAsync(RouteBinding, partyLink.Name);
            logger.SetScopeProperty(Constants.Logs.UpPartyId, upPartyId);

            // Validation runs before anything from the request is written to sequence state.
            await loginRequest.ValidateObjectAsync();

            var upParty = await tenantRepository.GetAsync<TParty>(upPartyId);

            await sequenceLogic.SaveSequenceDataAsync(new OidcUpSequenceData
            {
                DownPartyLink = loginRequest.DownPartyLink,
                UpPartyId = upPartyId,
                LoginAction = loginRequest.LoginAction,
                UserId = loginRequest.UserId,
                MaxAge = loginRequest.MaxAge
            });

            // The target is assembled from the party name, route constants and the stored party's
            // binding pattern; no URL carried in the login request is used as the destination.
            var jumpUrl = HttpContext.GetUpPartyUrl(partyLink.Name, Constants.Routes.OAuthUpJumpController, Constants.Endpoints.UpJump.AuthenticationRequest, includeSequence: true, partyBindingPattern: upParty.PartyBindingPattern);
            return jumpUrl.ToRedirectResult();
        }
コード例 #7
        /// <summary>
        /// Loads the SAML up-party, saves the logout request's values (including its claims) as
        /// SAML up-party sequence data and redirects to the SAML up-jump controller's logout
        /// request endpoint, passing the party's binding pattern to the URL builder.
        /// </summary>
        /// <param name="partyLink">Link whose <c>Name</c> identifies the up-party and is used in the redirect URL.</param>
        /// <param name="logoutRequest">Logout request; validated before the party is loaded or anything is stored.</param>
        /// <returns>A redirect result for the URL produced by <c>GetUpPartyUrl</c>.</returns>
        public async Task<IActionResult> LogoutRequestRedirectAsync(UpPartyLink partyLink, LogoutRequest logoutRequest)
        {
            logger.ScopeTrace(() => "Up, SAML Logout request.");

            var upPartyId = await UpParty.IdFormatAsync(RouteBinding, partyLink.Name);
            logger.SetScopeProperty(Constants.Logs.UpPartyId, upPartyId);

            // Validation runs before anything from the request is written to sequence state.
            await logoutRequest.ValidateObjectAsync();

            var samlUpParty = await tenantRepository.GetAsync<SamlUpParty>(upPartyId);

            // NOTE(review): PostLogoutRedirect is persisted as received; confirm it is restricted
            // to registered URLs before it reaches this method.
            // NOTE(review): Claims is used without a null check here - confirm that
            // ValidateObjectAsync or ToClaimAndValues covers a request that carries no claims.
            var sequenceData = new SamlUpSequenceData
            {
                DownPartyLink = logoutRequest.DownPartyLink,
                UpPartyId = upPartyId,
                SessionId = logoutRequest.SessionId,
                RequireLogoutConsent = logoutRequest.RequireLogoutConsent,
                PostLogoutRedirect = logoutRequest.PostLogoutRedirect,
                Claims = logoutRequest.Claims.ToClaimAndValues()
            };
            await sequenceLogic.SaveSequenceDataAsync(sequenceData);

            var jumpUrl = HttpContext.GetUpPartyUrl(partyLink.Name, Constants.Routes.SamlUpJumpController, Constants.Endpoints.UpJump.LogoutRequest, includeSequence: true, partyBindingPattern: samlUpParty.PartyBindingPattern);
            return jumpUrl.ToRedirectResult();
        }
コード例 #8
        /// <summary>
        /// Saves the login request's values as login up-party sequence data and redirects to the
        /// app-relative login path of the up-party named by <paramref name="partyLink"/>.
        /// </summary>
        /// <param name="partyLink">Link whose <c>Name</c> identifies the up-party and is placed in the redirect path.</param>
        /// <param name="loginRequest">Login request; validated before its values are stored.</param>
        /// <returns>A <see cref="RedirectResult"/> for the app-relative login URL.</returns>
        public async Task<IActionResult> LoginRedirectAsync(UpPartyLink partyLink, LoginRequest loginRequest)
        {
            logger.ScopeTrace("Up, Login redirect.");

            var upPartyId = await UpParty.IdFormat(RouteBinding, partyLink.Name);
            logger.SetScopeProperty("upPartyId", upPartyId);

            // Validation runs before anything from the request is written to sequence state.
            await loginRequest.ValidateObjectAsync();

            var sequenceData = new LoginUpSequenceData
            {
                DownPartyId = loginRequest.DownParty.Id,
                DownPartyType = loginRequest.DownParty.Type,
                UpPartyId = upPartyId,
                LoginAction = loginRequest.LoginAction,
                UserId = loginRequest.UserId,
                MaxAge = loginRequest.MaxAge,
                EmailHint = loginRequest.EmailHint,
                Culture = loginRequest.Culture
            };
            await sequenceLogic.SaveSequenceDataAsync(sequenceData);

            // App-relative ("~/") target, so the redirect stays inside this application.
            // NOTE(review): partyLink.Name goes into the path without URL encoding - confirm the
            // name is limited to URL-safe characters where it is defined.
            var loginUrl = $"~/{RouteBinding.TenantName}/{RouteBinding.TrackName}/({partyLink.Name})/login/_{SequenceString}";
            return new RedirectResult(loginUrl);
        }
コード例 #9
ファイル: LoginUpLogic.cs プロジェクト: ITfoxtec/FoxIDs
        /// <summary>
        /// Saves the login request's values as login up-party sequence data and redirects to the
        /// login controller for the up-party named by <paramref name="partyLink"/>.
        /// </summary>
        /// <param name="partyLink">Link whose <c>Name</c> identifies the up-party and is used in the redirect URL.</param>
        /// <param name="loginRequest">Login request; validated before its values are stored.</param>
        /// <returns>A redirect result for the URL produced by <c>GetUpPartyUrl</c>.</returns>
        public async Task<IActionResult> LoginRedirectAsync(UpPartyLink partyLink, LoginRequest loginRequest)
        {
            logger.ScopeTrace(() => "Up, Login redirect.");

            var upPartyId = await UpParty.IdFormatAsync(RouteBinding, partyLink.Name);
            logger.SetScopeProperty(Constants.Logs.UpPartyId, upPartyId);

            // Validation runs before anything from the request is written to sequence state.
            await loginRequest.ValidateObjectAsync();

            await sequenceLogic.SetUiUpPartyIdAsync(upPartyId);

            // Acr is not copied from the request directly; it is whatever GetSupportedAcr
            // (defined elsewhere in this class) returns for the request.
            var sequenceData = new LoginUpSequenceData
            {
                DownPartyLink = loginRequest.DownPartyLink,
                UpPartyId = upPartyId,
                LoginAction = loginRequest.LoginAction,
                UserId = loginRequest.UserId,
                MaxAge = loginRequest.MaxAge,
                Email = loginRequest.EmailHint,
                Acr = GetSupportedAcr(loginRequest),
            };
            await sequenceLogic.SaveSequenceDataAsync(sequenceData);

            // The target is assembled from the party name and a route constant, not from the request.
            var loginUrl = HttpContext.GetUpPartyUrl(partyLink.Name, Constants.Routes.LoginController, includeSequence: true);
            return loginUrl.ToRedirectResult();
        }
コード例 #10
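        /// <summary>
        /// Prepares single logout: selects the down-parties that support single logout (excluding the
        /// initiating one), builds the <see cref="SingleLogoutSequenceData"/> and saves it.
        /// </summary>
        /// <param name="upPartyLink">Up-party whose name and type are recorded in the sequence data.</param>
        /// <param name="initiatingDownParty">Down-party that started the logout, or <c>null</c>; it is left out of the target list.</param>
        /// <param name="downPartyLinks">Candidate down-party sessions; may be <c>null</c>.</param>
        /// <param name="claims">Claims available for the logout; may be <c>null</c>.</param>
        /// <param name="allowIframeOnDomains">Stored unchanged in the sequence data.</param>
        /// <param name="hostedInIframe">Stored unchanged in the sequence data.</param>
        /// <returns>
        /// <c>(false, null)</c> when there is no remaining down-party or no claim; otherwise
        /// <c>(true, sequenceData)</c> with the data that was saved.
        /// </returns>
        public async Task<(bool, SingleLogoutSequenceData)> InitializeSingleLogoutAsync(UpPartyLink upPartyLink, DownPartySessionLink initiatingDownParty, IEnumerable<DownPartySessionLink> downPartyLinks, IEnumerable<ClaimAndValues> claims, IEnumerable<string> allowIframeOnDomains = null, bool hostedInIframe = false)
        {
            logger.ScopeTrace(() => "Initialize single logout.");

            // Materialise the filtered list once. The original kept a deferred query, which was
            // re-evaluated by every later enumeration and stored in the sequence data while still
            // bound to the caller's collection.
            var targetDownParties = downPartyLinks?
                .Where(p => p.SupportSingleLogout && (initiatingDownParty == null || p.Id != initiatingDownParty.Id))
                .ToList();
            if (targetDownParties == null || targetDownParties.Count == 0)
            {
                return (false, null);
            }

            // Claims are only enumerated once a logout target exists, as before.
            var claimList = claims?.ToList();
            if (claimList == null || claimList.Count == 0)
            {
                return (false, null);
            }

            var sequenceData = new SingleLogoutSequenceData
            {
                UpPartyName = upPartyLink.Name,
                UpPartyType = upPartyLink.Type,
                DownPartyLinks = targetDownParties,
                HostedInIframe = hostedInIframe,
                AllowIframeOnDomains = allowIframeOnDomains
            };

            // The full claim set is kept only when at least one target is a SAML 2.0 party;
            // otherwise just the session id claim is stored, so no other claims are persisted.
            if (targetDownParties.Any(p => p.Type == PartyTypes.Saml2))
            {
                sequenceData.Claims = claimList;
            }
            else
            {
                sequenceData.Claims = claimList.Where(c => c.Claim == JwtClaimTypes.SessionId).ToList();
            }

            await sequenceLogic.SaveSequenceDataAsync(sequenceData);

            return (true, sequenceData);
        }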
コード例 #11
 /// <summary>
 /// Placeholder that is not implemented. Because the method is <c>async</c>, the
 /// <see cref="NotImplementedException"/> surfaces through the returned task.
 /// </summary>
 /// <param name="partyLink">Unused.</param>
 /// <exception cref="NotImplementedException">Always.</exception>
 public async Task<IActionResult> AuthenticationRequestAsync(UpPartyLink partyLink) =>
     throw new NotImplementedException();