예제 #1
        /// <summary>
        /// Owin pipeline entry point. Handles requests whose path starts with the configured
        /// Saml2 module path; everything else is passed on by returning <c>false</c>.
        /// </summary>
        /// <returns>
        /// <c>true</c> when the request was handled by this middleware (response written or
        /// sign-in/redirect issued), <c>false</c> when it is not a Saml2 request.
        /// </returns>
        /// <exception cref="Exception">
        /// Any exception thrown while running a non-ACS command is logged and rethrown.
        /// </exception>
        public override async Task<bool> InvokeAsync()
        {
            var modulePath = new PathString(Options.SPOptions.ModulePath);
            PathString commandPath;

            // Not under the module path: leave the request to the rest of the pipeline.
            if (!Request.Path.StartsWithSegments(modulePath, out commandPath))
            {
                return false;
            }

            var acsPath = new PathString("/" + CommandFactory.AcsCommandName);
            if (commandPath == acsPath)
            {
                // The ACS command itself is run by AuthenticateCoreAsync (reached through
                // AuthenticateAsync), which also applies the command result to the response,
                // so there is nothing to redirect to here on success.
                var ticket = (MultipleIdentityAuthenticationTicket)await AuthenticateAsync();

                if (ticket.Identities.Any())
                {
                    Context.Authentication.SignIn(ticket.Properties, ticket.Identities.ToArray());
                }
                else
                {
                    // No identities (e.g. an error ticket): send the browser to the stored RedirectUri.
                    // NOTE(review): RedirectUri is populated by AuthenticateCoreAsync from the command
                    // result's Location; confirm it is derived from protected relay state rather than
                    // unvalidated request input before relying on this redirect.
                    Response.Redirect(ticket.Properties.RedirectUri);
                }

                return true;
            }

            try
            {
                // Resolve the command first, then translate the request; same order as before,
                // so an unknown command fails before the request body is touched.
                var command = new CommandFactory().GetCommand(commandPath.Value);
                var requestData = await Context.ToHttpRequestData(Options.DataProtector.Unprotect);
                var commandResult = command.Run(requestData, Options);

                // A command may have written the response itself; only apply when it has not.
                if (!commandResult.HandledResult)
                {
                    commandResult.Apply(Context, Options.DataProtector);
                }

                return true;
            }
            catch (Exception ex)
            {
                // Log with the request path for correlation, then let the exception propagate unchanged.
                Options.SPOptions.Logger.WriteError("Error in Saml2 for " + Request.Path, ex);
                throw;
            }
        }
예제 #2
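        /// <summary>
        /// Runs the Assertion Consumer Service (ACS) command for requests targeting the ACS
        /// endpoint and turns the outcome into an authentication ticket.
        /// </summary>
        /// <returns>
        /// <c>null</c> when the request path is not the ACS path; otherwise a
        /// <see cref="MultipleIdentityAuthenticationTicket"/> carrying the identities produced
        /// by the command, or the ticket produced by <c>CreateErrorAuthenticationTicket</c>
        /// when running the command throws.
        /// </returns>
        protected async override Task<AuthenticationTicket> AuthenticateCoreAsync()
        {
            var acsPath = new PathString(Options.SPOptions.ModulePath)
                .Add(new PathString("/" + CommandFactory.AcsCommandName));

            // Only the ACS endpoint yields a ticket from this handler.
            if (Request.Path != acsPath)
            {
                return null;
            }

            // This await sits outside the try: a request that cannot be translated propagates
            // as an exception instead of becoming an error ticket.
            var httpRequestData = await Context.ToHttpRequestData(Options.DataProtector.Unprotect);

            try
            {
                var result = new CommandFactory().GetCommand(CommandFactory.AcsCommandName)
                    .Run(httpRequestData, Options);

                // A command may have written the response itself; only apply when it has not.
                if (!result.HandledResult)
                {
                    result.Apply(Context, Options.DataProtector);
                }

                // Materialize once. A deferred Select would construct fresh ClaimsIdentity objects on
                // every enumeration of ticket.Identities (InvokeAsync calls Any() and then ToArray()),
                // so the instances signed in would not be the ones that were inspected.
                var identities = result.Principal.Identities
                    .Select(i => new ClaimsIdentity(i, null, Options.SignInAsAuthenticationType, i.NameClaimType, i.RoleClaimType))
                    .ToArray();

                var authProperties = new AuthenticationProperties(result.RelayData)
                {
                    // NOTE(review): Location comes from the command result; InvokeAsync redirects to
                    // this value when the ticket has no identities. Confirm it is derived from
                    // protected relay state rather than unvalidated request input.
                    RedirectUri = result.Location.OriginalString
                };

                if (result.SessionNotOnOrAfter.HasValue)
                {
                    // Cap the ticket lifetime at the SessionNotOnOrAfter supplied with the response
                    // and disable sliding refresh so it cannot be extended past that point.
                    authProperties.AllowRefresh = false;
                    authProperties.ExpiresUtc = result.SessionNotOnOrAfter.Value;
                }

                return new MultipleIdentityAuthenticationTicket(identities, authProperties);
            }
            catch (Exception ex)
            {
                // Every failure while running ACS (including a partially applied result) is
                // converted into an error ticket rather than surfaced as an exception.
                return CreateErrorAuthenticationTicket(httpRequestData, ex);
            }
        }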