/// <summary>
/// This will locate the FedAuth cookie, add it to the cookie container and return it.
/// </summary>
/// <param name="wctx"></param>
/// <param name="wtrealm"></param>
/// <param name="wreply"></param>
/// <param name="corpStsUrl"></param>
/// <param name="userid"></param>
/// <param name="password"></param>
/// <returns></returns>
public static CookieContainer AttachCookie(string webUrl, string wctx, string wtrealm, string wreply, string corpStsUrl, string userid, string password)
{
if (cc == null || wtrealm != _wtrealm || cc.GetCookies(new Uri(webUrl))["FedAuth"] == null || cc.GetCookies(new Uri(webUrl))["FedAuth"].Expired)
{
try
{
_wtrealm = wtrealm;
cc = new CookieContainer();
Cookie samlAuth = new Cookie("FedAuth", AdfsHelper.GetFedAuthCookie(wctx, wtrealm, wreply, corpStsUrl, userid, password));
samlAuth.Expires = DateTime.Now.AddHours(1);
samlAuth.Path = "/";
samlAuth.Secure = true;
samlAuth.HttpOnly = true;
Uri samlUri = new Uri(webUrl);
samlAuth.Domain = samlUri.Host;
cc.Add(samlAuth);
}
catch
{
/* Invalidate Cookie */
InValidateCookie();
throw;
}
}
return(cc);
}
/// <summary>
/// Make an ADFS call to get the FedAuth cookie
/// </summary>
/// <param name="wctx"></param>
/// <param name="wtrealm"></param>
/// <param name="wreply"></param>
/// <param name="corpStsUrl"></param>
/// <param name="userid"></param>
/// <param name="password"></param>
/// <returns></returns>
private static string GetFedAuthCookie(string wctx, string wtrealm, string wreply, string corpStsUrl, string userid, string password)
{
var sharepointSite = new
{
Wctx = wctx,
Wtrealm = wtrealm,
Wreply = wreply
};
var credentials = new { Username = userid, Password = password };
//
// Get token from STS
//
string stsResponse = AdfsHelper.GetResponse(
corpStsUrl,
sharepointSite.Wtrealm,
credentials.Username,
credentials.Password);
//
// Generate response to Sharepoint
//
string stringData = String.Format("wa=wsignin1.0&wctx={0}&wresult={1}",
Uri.EscapeDataString(sharepointSite.Wctx),
Uri.EscapeDataString(stsResponse));
HttpWebRequest sharepointRequest = HttpWebRequest.Create(sharepointSite.Wreply) as HttpWebRequest;
sharepointRequest.Method = "POST";
sharepointRequest.ContentType = "application/x-www-form-urlencoded";
sharepointRequest.CookieContainer = new CookieContainer();
sharepointRequest.AllowAutoRedirect = false; // This is important
Stream newStream = sharepointRequest.GetRequestStream();
byte[] data = Encoding.UTF8.GetBytes(stringData);
newStream.Write(data, 0, data.Length);
newStream.Close();
HttpWebResponse webResponse = sharepointRequest.GetResponse() as HttpWebResponse;
string fedAuth = webResponse.Cookies["FedAuth"].Value;
webResponse.Close();
//todo: large cookie may be chunked: FedAuth, FedAuth1, FedAuth2, etc
// Need to get all chunks and send back.
return(fedAuth);
}
