public override void UpdateSettings()
{
if (SettingsEditor.IsValid && SettingsEditor.IsDirty)
{
var config = (Auth0ConfigBase)SettingsEditor.DataSource;
Auth0ConfigBase.UpdateConfig(config);
}
}
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
Auth0ConfigBase config = Auth0ConfigBase.GetConfig(AuthSystemApplicationName, PortalId);
SettingsEditor.DataSource = config;
SettingsEditor.DataBind();
}
public void Configuration(IAppBuilder app)
{
try
{
#region "SSL settings"
// Remove insecure protocols (SSL3, TLS 1.0, TLS 1.1)
ServicePointManager.SecurityProtocol &= ~SecurityProtocolType.Ssl3;
ServicePointManager.SecurityProtocol &= ~SecurityProtocolType.Tls;
ServicePointManager.SecurityProtocol &= ~SecurityProtocolType.Tls11;
// Add TLS 1.2
ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12;
#endregion
Auth0ConfigBase config = Auth0ConfigBase.GetConfig(Constants.PROVIDER_NAME, Helpers.FirstPortalID);
System.Web.Helpers.AntiForgeryConfig.UniqueClaimTypeIdentifier = System.Security.Claims.ClaimTypes.NameIdentifier;
// Configure Auth0 parameters
string auth0Domain = config.Domain;
string auth0ClientId = config.ClientID;
// Enable the Cookie saver middleware to work around a bug in the OWIN implementation
app.UseKentorOwinCookieSaver();
// Set Cookies as default authentication type
app.SetDefaultSignInAsAuthenticationType(Constants.AUTH_TYPE);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = Constants.AUTH_TYPE,
CookieName = Constants.AUTH_COOKIE_NAME,
});
// Configure Auth0 authentication
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
AuthenticationType = Constants.AUTH_TYPE,
Authority = $"https://{auth0Domain}",
ClientId = auth0ClientId,
Scope = "openid profile email",
ResponseType = OpenIdConnectResponseType.CodeIdToken,
TokenValidationParameters = new TokenValidationParameters
{
NameClaimType = System.Security.Claims.ClaimTypes.NameIdentifier
},
Notifications = new OpenIdConnectAuthenticationNotifications
{
RedirectToIdentityProvider = notification =>
{
DotNetNuke.Entities.Portals.PortalSettings _portalSettings = null;
#region "Get settings from current DNN portal"
if (notification.OwinContext.Environment["System.Web.HttpContextBase"] != null &&
notification.OwinContext.Environment["System.Web.HttpContextBase"] is System.Web.HttpContextWrapper)
{
System.Web.HttpContextWrapper context = notification.OwinContext.Environment["System.Web.HttpContextBase"] as System.Web.HttpContextWrapper;
if (context.Items["PortalSettings"] != null &&
context.Items["PortalSettings"] is DotNetNuke.Entities.Portals.PortalSettings)
{
_portalSettings = context.Items["PortalSettings"] as DotNetNuke.Entities.Portals.PortalSettings;
}
}
#endregion
#region "Get provider settings"
Auth0ConfigBase _providerConfig = null;
if (_portalSettings != null)
{
_providerConfig = Auth0ConfigBase.GetConfig(Constants.PROVIDER_NAME, _portalSettings.PortalId);
}
else
{
logger.Debug("Can't obtain DNN settings, login process terminated!!");
}
#endregion
#region "Set Auth0 coordinates according to the current DNN portal"
if (_portalSettings != null && notification.ProtocolMessage.RequestType != OpenIdConnectRequestType.Logout)
{
notification.Options.Authority = $"https://{_providerConfig.Domain}";
notification.Options.ClientId = _providerConfig.ClientID;
notification.Options.ClientSecret = _providerConfig.ClientSecret;
notification.Options.RedirectUri = _providerConfig.RedirectUri;
notification.Options.CallbackPath = Microsoft.Owin.PathString.FromUriComponent("/Default.aspx");
notification.ProtocolMessage.ClientId = _providerConfig.ClientID;
notification.ProtocolMessage.ClientSecret = _providerConfig.ClientSecret;
notification.ProtocolMessage.RedirectUri = _providerConfig.RedirectUri;
}
#endregion
#region "Log-off code snippet"
else if (notification.ProtocolMessage.RequestType == OpenIdConnectRequestType.Logout)
{
var logoutUri = $"https://{_providerConfig.Domain}/v2/logout?client_id={_providerConfig.ClientID}";
var postLogoutUri = _providerConfig.PostLogoutRedirectUri;
if (!string.IsNullOrEmpty(postLogoutUri))
{
if (postLogoutUri.StartsWith("/"))
{
// transform to absolute
var request = notification.Request;
postLogoutUri = request.Scheme + "://" + request.Host + request.PathBase + postLogoutUri;
}
logoutUri += $"&returnTo={ Uri.EscapeDataString(postLogoutUri)}";
}
notification.Response.Redirect(logoutUri);
notification.HandleResponse();
}
#endregion
#region "Output some diagnistic info"
if (_providerConfig != null && _providerConfig.IsDiagnosticModeEnabled)
{
logger.Debug(string.Format("Redirecting to '{0}' using following coordinates:", notification.Options.Authority));
logger.Debug("Client id: " + notification.Options.ClientId);
logger.Debug("Redirect uri: " + notification.Options.RedirectUri);
logger.Debug("Callback path: " + notification.Options.CallbackPath);
}
#endregion
return(Task.FromResult(0));
},
AuthorizationCodeReceived = async context =>
{
DotNetNuke.Entities.Portals.PortalSettings _portalSettings = null;
#region "Get settings from current DNN portal"
if (context.OwinContext.Environment["System.Web.HttpContextBase"] != null &&
context.OwinContext.Environment["System.Web.HttpContextBase"] is System.Web.HttpContextWrapper)
{
System.Web.HttpContextWrapper _context = context.OwinContext.Environment["System.Web.HttpContextBase"] as System.Web.HttpContextWrapper;
if (_context.Items["PortalSettings"] != null &&
_context.Items["PortalSettings"] is DotNetNuke.Entities.Portals.PortalSettings)
{
_portalSettings = _context.Items["PortalSettings"] as DotNetNuke.Entities.Portals.PortalSettings;
}
}
#endregion
#region "Get provider settings"
Auth0ConfigBase _providerConfig = null;
if (_portalSettings != null)
{
_providerConfig = Auth0ConfigBase.GetConfig(Constants.PROVIDER_NAME, _portalSettings.PortalId);
}
else
{
throw new ArgumentNullException("Can't obtain DNN settings, login process terminated!!");
}
#endregion
GS.Auth0.Components.UserController userController = new GS.Auth0.Components.UserController();
//get or create DNN user
DotNetNuke.Entities.Users.UserInfo _userInfo = userController.User_Create(context.AuthenticationTicket.Identity.Name, _portalSettings, _providerConfig.IsDiagnosticModeEnabled);
if (_userInfo != null)
{
//update DNN user profile
userController.User_Update(
_userInfo,
context.AuthenticationTicket.Identity?.FindFirst(c => c.Type == "nickname")?.Value,
context.AuthenticationTicket.Identity?.FindFirst(c => c.Type == System.Security.Claims.ClaimTypes.Email)?.Value,
_portalSettings.PortalId,
_providerConfig.IsDiagnosticModeEnabled);
DotNetNuke.Security.Membership.UserLoginStatus loginStatus = DotNetNuke.Security.Membership.UserLoginStatus.LOGIN_FAILURE;
UserInfo objUserInfo = DotNetNuke.Entities.Users.UserController.ValidateUser(_portalSettings.PortalId, context.AuthenticationTicket.Identity.Name, "",
Constants.PROVIDER_NAME, "",
_portalSettings.PortalName, "",
ref loginStatus);
//set type of current authentication provider
DotNetNuke.Services.Authentication.AuthenticationController.SetAuthenticationType(Constants.AUTH_TYPE);
DotNetNuke.Entities.Users.UserController.UserLogin(_portalSettings.PortalId, _userInfo, _portalSettings.PortalName, context.OwinContext.Request.RemoteIpAddress, false);
}
else
{
throw new ArgumentNullException(string.Format("Can't create or get user '{0}' from DNN.", context.AuthenticationTicket.Identity.Name));
}
await Task.FromResult(0);
},
AuthenticationFailed = (context) =>
{
//get the error message and send it to the DNN login page
DotNetNuke.Entities.Portals.PortalSettings _portalSettings = null;
#region "Get settings from current DNN portal"
if (context.OwinContext.Environment["System.Web.HttpContextBase"] != null &&
context.OwinContext.Environment["System.Web.HttpContextBase"] is System.Web.HttpContextWrapper)
{
System.Web.HttpContextWrapper _context = context.OwinContext.Environment["System.Web.HttpContextBase"] as System.Web.HttpContextWrapper;
if (_context.Items["PortalSettings"] != null &&
_context.Items["PortalSettings"] is DotNetNuke.Entities.Portals.PortalSettings)
{
_portalSettings = _context.Items["PortalSettings"] as DotNetNuke.Entities.Portals.PortalSettings;
}
}
#endregion
#region "Get provider settings"
Auth0ConfigBase _providerConfig = null;
if (_portalSettings != null)
{
_providerConfig = Auth0ConfigBase.GetConfig(Constants.PROVIDER_NAME, _portalSettings.PortalId);
}
else
{
logger.Error("Can't obtain DNN settings from 'AuthenticationFailed' event, login process terminated!!");
}
#endregion
if (_providerConfig.IsDiagnosticModeEnabled)
{
logger.Error(string.Format("OIDC authentication failed, details: {0}", context.Exception));
}
string redirectUrl = DotNetNuke.Common.Globals.NavigateURL(_portalSettings.LoginTabId, "Login", new string[] { Constants.ALERT_QUERY_STRING + "=" + context.Exception.Message });
context.Response.Redirect(redirectUrl);
context.HandleResponse();
return(Task.FromResult(0));
},
#region "Rest of 'Notification' methods, not in use for now."
//SecurityTokenValidated = notification =>
//{
// return Task.FromResult(0);
//},
//MessageReceived = (context) =>
//{
// return Task.FromResult(0);
//},
#endregion
},
});
}
catch (Exception ex)
{
logger.Error(ex);
}
}