예제 #1
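        /// <summary>
        /// Sends an optional gate response to the token service through the pending
        /// <paramref name="authNException"/> and reports either a security token or the next challenge.
        /// </summary>
        /// <param name="gateResponse">
        /// Answer to the previous challenge, or null when no answer exists yet and only the
        /// challenge is wanted.
        /// </param>
        /// <param name="authNException">
        /// The pending authentication-required fault. It is replaced by the newer fault when
        /// <c>Authenticate</c> throws another <c>AuthenticationRequiredException</c>.
        /// </param>
        /// <param name="workflowAuthenticationChallenge">
        /// Receives the challenge deserialized from the new fault, or null when no further
        /// challenge was raised.
        /// </param>
        /// <returns>
        /// The token returned by <c>Authenticate</c>, or null when a further challenge was raised.
        /// A null return means the gate has not been satisfied, so callers must check it before
        /// resubmitting the original request.
        /// </returns>
        /// <exception cref="System.ArgumentNullException"><paramref name="authNException"/> is null.</exception>
        public static ContextualSecurityToken OTPGateChallengeResponse(WorkflowAuthenticationResponse gateResponse,
                                                                       ref AuthenticationRequiredException authNException,
                                                                       out WorkflowAuthenticationChallenge workflowAuthenticationChallenge)
        {
            // Without a pending fault there is nothing to authenticate against. Fail with a clear
            // argument error instead of a NullReferenceException at the Authenticate call below.
            if (authNException == null)
            {
                throw new System.ArgumentNullException("authNException");
            }

            workflowAuthenticationChallenge = null;

            // A null array is passed through when the caller has no answer yet.
            AuthenticationChallengeResponseType[] authenticationChallengeResponses = null;

            if (gateResponse != null)
            {
                AuthenticationChallengeResponseType authenticationChallengeResponse = new AuthenticationChallengeResponseType();
                authenticationChallengeResponse.Response = new ClientSerializer(
                    typeof(WorkflowAuthenticationResponse)).WriteObjectToXmlElement(gateResponse);

                authenticationChallengeResponses = new AuthenticationChallengeResponseType[] { authenticationChallengeResponse };
            }

            ContextualSecurityToken authNSecurityToken = null;

            try
            {
                MessageBuffer messageBuffer;
                authNSecurityToken = authNException.Authenticate(authenticationChallengeResponses, out messageBuffer);
            }
            catch (AuthenticationRequiredException exception)
            {
                // Another challenge was raised: hand the newer fault back to the caller so the
                // next round trip continues from it, and surface its first challenge.
                // NOTE(review): assumes the fault always carries at least one challenge - confirm.
                authNException = exception;
                workflowAuthenticationChallenge = (WorkflowAuthenticationChallenge) new Microsoft.ResourceManagement.Client.ClientSerializer(
                    typeof(WorkflowAuthenticationChallenge)).ReadObjectFromXmlNode(
                    authNException.AuthenticationChallenges[0].Challenge);
            }

            return authNSecurityToken;
        }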
예제 #2
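        /// <summary>
        /// Console walk-through of the OTP reset flow: start the reset, fetch the gate challenge,
        /// read the PIN from standard input, answer the gate, then resubmit the reset with the token.
        /// </summary>
        /// <remarks>
        /// The server and account names are hard-coded test values. Each step is checked before
        /// the next one runs, so the reset is never resubmitted without an issued token.
        /// </remarks>
        /// <exception cref="InvalidOperationException">
        /// A step of the flow did not produce what the next step needs (no authentication fault,
        /// no challenge, no PIN, or no security token).
        /// </exception>
        internal static void TestOTPBusiness()
        {
            AuthenticationRequiredException authnException = null;
            WorkflowAuthenticationChallenge workflowAuthenticationChallenge = null;

            // Initiate the OTP reset; the expected outcome is an authentication-required fault.
            try
            {
                OTPReset("ilm-vm-serverad", "jdoe", null, null);
            }
            catch (AuthenticationRequiredException exception)
            {
                authnException = exception;
            }

            if (authnException == null)
            {
                throw new InvalidOperationException("OTPReset did not request authentication, so there is no OTP gate to answer.");
            }

            // Go to the STS to get the challenge (there is nothing to respond with yet).
            Utilities.OTPGateChallengeResponse(null, ref authnException, out workflowAuthenticationChallenge);

            if (workflowAuthenticationChallenge == null || workflowAuthenticationChallenge.data == null)
            {
                throw new InvalidOperationException("The token service did not return an OTP challenge.");
            }

            Console.WriteLine(UnicodeEncoding.Unicode.GetString(workflowAuthenticationChallenge.data));

            // Send the challenge response, i.e. the OTP PIN. ReadLine returns null at end of input.
            string otpTestPin = Console.ReadLine();

            if (string.IsNullOrEmpty(otpTestPin))
            {
                throw new InvalidOperationException("No OTP PIN was entered.");
            }

            var workflowChallengeResponse = new WorkflowAuthenticationResponse();
            workflowChallengeResponse.data = UnicodeEncoding.Unicode.GetBytes(otpTestPin);

            var securityToken = Utilities.OTPGateChallengeResponse(workflowChallengeResponse, ref authnException, out workflowAuthenticationChallenge);

            // A null token means the gate answered with another challenge (for example after a
            // wrong PIN). Stop here rather than resubmitting the request without a token.
            if (securityToken == null)
            {
                throw new InvalidOperationException("The OTP gate was not satisfied; no security token was issued.");
            }

            // With a token in hand, go back to the middle tier and resubmit the initial request.
            Utilities.OTPReset("ilm-vm-serverad", "jdoe", securityToken, authnException.InitialContextMessageProperty);
        }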
예제 #3
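        /// <summary>
        /// Performs one round trip with the token service for the OTP gate, using the pending
        /// <paramref name="authNException"/> to carry the exchange.
        /// </summary>
        /// <param name="gateResponse">The answer to submit, or null to submit no answer.</param>
        /// <param name="authNException">
        /// The pending authentication-required fault; overwritten with the new fault when
        /// <c>Authenticate</c> throws <c>AuthenticationRequiredException</c> again.
        /// </param>
        /// <param name="workflowAuthenticationChallenge">
        /// The challenge read from the new fault, or null when none was raised.
        /// </param>
        /// <returns>
        /// The token produced by <c>Authenticate</c>. Null signals that a challenge is still
        /// outstanding and must not be treated as a successful authentication.
        /// </returns>
        /// <exception cref="System.ArgumentNullException"><paramref name="authNException"/> is null.</exception>
        public static ContextualSecurityToken OTPGateChallengeResponse(WorkflowAuthenticationResponse gateResponse, 
                                                   ref AuthenticationRequiredException authNException, 
                                                   out WorkflowAuthenticationChallenge workflowAuthenticationChallenge)
        {
            // Reject a missing fault up front; the Authenticate call below would otherwise fail
            // with a NullReferenceException that hides which argument was wrong.
            if (authNException == null)
            {
                throw new System.ArgumentNullException("authNException");
            }

            ContextualSecurityToken authNSecurityToken = null;
            workflowAuthenticationChallenge = null;

            // Stays null when there is no answer to send.
            AuthenticationChallengeResponseType[] authenticationChallengeResponses = null;

            if (gateResponse != null)
            {
                // Serialize the caller's answer into the XML element the challenge response carries.
                AuthenticationChallengeResponseType authenticationChallengeResponse = new AuthenticationChallengeResponseType();
                authenticationChallengeResponse.Response = new ClientSerializer(
                    typeof(WorkflowAuthenticationResponse)).WriteObjectToXmlElement(gateResponse);

                authenticationChallengeResponses = new AuthenticationChallengeResponseType[] { authenticationChallengeResponse };
            }

            try
            {
                MessageBuffer messageBuffer;
                authNSecurityToken = authNException.Authenticate(authenticationChallengeResponses, out messageBuffer);
            }
            catch (AuthenticationRequiredException exception)
            {
                // Keep the newest fault for the caller's next call and expose its first challenge.
                // NOTE(review): indexes AuthenticationChallenges[0] without checking that the
                // collection is non-empty - confirm the service guarantees one entry.
                authNException = exception;
                workflowAuthenticationChallenge = (WorkflowAuthenticationChallenge)new Microsoft.ResourceManagement.Client.ClientSerializer(
                        typeof(WorkflowAuthenticationChallenge)).ReadObjectFromXmlNode(
                            authNException.AuthenticationChallenges[0].Challenge);
            }

            return authNSecurityToken;
        }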
예제 #4
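        /// <summary>
        /// Click handler that starts an OTP reset for the account typed as DOMAIN\user, shows the
        /// gate's challenge text and moves the accordion UI to stage 1.
        /// </summary>
        /// <param name="sender">The control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void sendOTPButton_Click(object sender, EventArgs e)
        {
            AuthenticationRequiredException authnException = null;
            WorkflowAuthenticationChallenge workflowAuthenticationChallenge = null;

            // The account comes straight from the form, so validate its shape before indexing:
            // exactly one backslash separating a non-empty domain from a non-empty user name.
            string[] userDetails = (this.domainUserName.Text ?? string.Empty).Split('\\');

            if (userDetails.Length != 2 || userDetails[0].Trim().Length == 0 || userDetails[1].Trim().Length == 0)
            {
                this.otpGateInstructions.Text = "Enter the account as DOMAIN\\username.";
                return;
            }

            // Initiate the OTP reset; the expected outcome is an authentication-required fault.
            try
            {
                Utilities.OTPReset(userDetails[0], userDetails[1], null, null);
            }
            catch (AuthenticationRequiredException exception)
            {
                authnException = exception;
            }

            // No fault means no gate was raised, so there is nothing to challenge or to store.
            if (authnException == null)
            {
                this.otpGateInstructions.Text = "No one-time password challenge was issued for this request.";
                return;
            }

            // Go to the STS to get the challenge (there is nothing to respond with yet).
            Utilities.OTPGateChallengeResponse(null, ref authnException, out workflowAuthenticationChallenge);

            if (workflowAuthenticationChallenge == null || workflowAuthenticationChallenge.data == null)
            {
                this.otpGateInstructions.Text = "No one-time password challenge was issued for this request.";
                return;
            }

            this.otpGateInstructions.Text = UnicodeEncoding.Unicode.GetString(workflowAuthenticationChallenge.data);

            // NOTE(review): HttpContext.Current.Cache is application-wide and the key is a
            // constant, so concurrent users share this one slot. A second visitor overwrites the
            // first visitor's pending authentication context, and an OTP answer can then be
            // applied to another account's reset. The code that reads "authNExcep" is not in this
            // block, so the storage is left unchanged here; move the writer and the reader
            // together to per-session storage or a per-user key, with an expiry.
            HttpContext.Current.Cache.Insert("authNExcep", authnException);

            stage = 1;
            ScriptManager sm = ScriptManager.GetCurrent(Page);

            // GetCurrent returns null when the page has no ScriptManager.
            if (sm != null && sm.IsInAsyncPostBack)
            {
                ScriptManager.RegisterClientScriptBlock(this.Page, this.GetType(), "anotherKey", "available_indexes.push(" + stage + ");$('#accordion').accordion('activate', " + stage + ");", true);
            }
        }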
        /// <summary>
        /// Exception filter hook: replaces the unhandled exception with an <c>AppException</c>,
        /// builds the action result for it and sets the matching HTTP status on the response.
        /// </summary>
        /// <param name="filterContext">
        /// Context of the failed action; nothing is done when it is already marked as handled.
        /// </param>
        public void OnException(ExceptionContext filterContext)
        {
            if (filterContext.ExceptionHandled)
            {
                return;
            }

            // Starts as a default AppException and stays one when no branch below replaces it.
            AppException appException = new AppException();
            HttpException httpException = filterContext.Exception as HttpException;

            if (httpException != null)
            {
                // NOTE(review): the original exception's Message is copied into the AppException.
                // If CreateActionResult renders that text to the client, internal details could
                // be disclosed - confirm what is actually sent.
                string message = httpException.Message;
                HttpStatusCode httpCode = (HttpStatusCode)httpException.GetHttpCode();

                // Only these five codes are mapped; any other code keeps the default AppException.
                if (httpCode == HttpStatusCode.BadRequest)
                {
                    appException = new AppException(message, "ER400", HttpStatusCode.BadRequest);
                }
                else if (httpCode == HttpStatusCode.Unauthorized)
                {
                    appException = new AuthenticationRequiredException(message);
                }
                else if (httpCode == HttpStatusCode.Forbidden)
                {
                    appException = new AccessDeniedException(message);
                }
                else if (httpCode == HttpStatusCode.InternalServerError)
                {
                    appException = new AppException(message);
                }
                else if (httpCode == HttpStatusCode.NotFound)
                {
                    appException = new EntityNotFoundException(message);
                }
            }
            else
            {
                // Handle() is defined elsewhere; an AppException thrown by it is adopted here,
                // while any other exception type propagates out of the filter.
                try
                {
                    filterContext.Exception.Handle();
                }
                catch (AppException handled)
                {
                    appException = handled;
                }
            }

            filterContext.Exception = appException;

            // The response status always comes from the AppException, not from the original code.
            HttpStatusCode statusCode = appException.HttpStatus;
            filterContext.Result = CreateActionResult(filterContext, statusCode);

            // Prepare the response: mark handled, drop buffered output, set the status and stop
            // IIS from substituting its own error page.
            filterContext.ExceptionHandled = true;
            filterContext.HttpContext.Response.Clear();
            filterContext.HttpContext.Response.StatusCode = (int)statusCode;
            filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
        }