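/// <summary>
/// Exchanges an OAuth authorization code for a GitHub access token, places that token in a claim,
/// and returns the WS-Federation sign-in response as an HTML form post.
/// </summary>
/// <param name="code">Authorization code received on the OAuth callback.</param>
/// <returns>A <c>text/html</c> content result holding the sign-in response form.</returns>
/// <exception cref="System.ArgumentException"><paramref name="code"/> is null or blank.</exception>
/// <exception cref="System.InvalidOperationException">The token endpoint response contained no access token.</exception>
public ActionResult GetAccessToken(string code)
{
    // Fail closed: with no authorization code there is nothing to exchange, so no token may be issued.
    if (string.IsNullOrWhiteSpace(code))
    {
        throw new System.ArgumentException("The OAuth authorization code is missing.", "code");
    }

    // NOTE(review): the state value sent below is read from Constants and this method never compares it
    // with a state value returned on the callback. OAuth state is meant to be an unguessable,
    // per-request value bound to the user's session; confirm where (or whether) it is verified.
    // NOTE(review): the client secret is also read from Constants; if that is a compile-time literal,
    // it belongs in protected configuration rather than in source. Confirm.
    var query = new Dictionary<string, string>
    {
        { "client_id", Constants.GITHUB_CLIENT_ID },
        { "client_secret", Constants.GITHUB_CLIENT_SEC },
        { "code", code },
        { "state", Constants.GITHUB_OAUTH_STATE },
    };

    // Exchange the code at the token endpoint.
    JObject resp = Utility.MakeJsonHttpRequest(Constants.GITHUB_AK_URL, query);

    // A rejected or failed exchange carries no "access_token" member. Stop here instead of
    // building a claim (and from it a signed token) around a missing value.
    string accessToken = resp == null ? null : (string)resp["access_token"];
    if (string.IsNullOrEmpty(accessToken))
    {
        throw new System.InvalidOperationException("The token endpoint did not return an access token.");
    }

    // Build the principal whose only claim is the GitHub access token.
    // NOTE(review): this puts a bearer credential into the issued token, so whoever can read that
    // token can read the GitHub access token. Confirm the token is encrypted for the relying party.
    var identity = new ClaimsIdentity();
    identity.AddClaim(new Claim(Constants.CLAIM_TYPE_GITHUB_AK, accessToken));
    var principal = new ClaimsPrincipal();
    principal.AddIdentity(identity);

    // Issue the sign-in response through the custom STS, signed with the configured certificate.
    var signingCredentials = new X509SigningCredentials(Utility.GetCertificate(Constants.CERTIFICATE_NAME));
    var config = new SecurityTokenServiceConfiguration(Constants.ISSUER_NAME, signingCredentials);
    var sts = new CustomSecurityTokenService(config);

    // The cast fails if the current request URL does not describe a WS-Federation sign-in message.
    var requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
    var responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, principal, sts);

    return new ContentResult
    {
        Content = responseMessage.WriteFormPost(),
        ContentType = "text/html"
    };
}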
/// <summary>
/// Runs the WS-Federation sign-in request carried by <paramref name="url"/> through the custom
/// security token service and returns the response as form-post markup.
/// </summary>
/// <param name="url">URI holding the WS-Federation sign-in parameters.</param>
/// <param name="user">Principal handed to the token service for this sign-in.</param>
/// <returns>The form-post text written from the sign-in response message.</returns>
private string ProcessSignIn(Uri url, ClaimsPrincipal user)
{
    // NOTE(review): nothing in this helper checks that `user` is authenticated; presumably the
    // caller does so before asking for a token. Confirm.
    // The cast fails if the URI describes some other WS-Federation message type.
    var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(url);

    // STS configuration: issuer endpoint from app settings, signing credentials from the helper.
    var stsEndpoint = ConfigurationManager.AppSettings["SecurityTokenServiceEndpointUrl"];
    var signingCredentials = SecurityHelper.CreateSignupCredentialsFromConfig();
    var stsConfiguration = new SecurityTokenServiceConfiguration(stsEndpoint, signingCredentials);

    // Encrypting credentials are passed to the custom STS alongside the user store.
    var encryptingCredentials = SecurityHelper.CreateEncryptingCredentialsFromConfig();
    var providerName = WebConfigurationManager.AppSettings["LoginProviderName"];
    var tokenService = new CustomSecurityTokenService<AppMember>(
        providerName,
        stsConfiguration,
        encryptingCredentials,
        _userStore);

    var signInResponse = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(
        signInRequest,
        user,
        tokenService);

    return signInResponse.WriteFormPost();
}
/// <summary>
/// WS-Federation passive endpoint: dispatches on the action query parameter to sign-in or
/// sign-out processing.
/// </summary>
/// <returns>The default view once processing has run.</returns>
/// <exception cref="Exception">
/// Wraps every failure raised during processing, including the
/// <see cref="UnauthorizedAccessException"/> for an unauthenticated sign-in and the
/// <see cref="InvalidOperationException"/> for an unknown action.
/// </exception>
public ActionResult Index()
{
    string action = Request.QueryString[WSFederationConstants.Parameters.Action];

    try
    {
        if (action == WSFederationConstants.Actions.SignIn)
        {
            // Sign-in: parse the request first, then require an authenticated caller.
            var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);

            // NOTE(review): User.Identity is dereferenced without a null check here.
            bool authenticated = User != null && User.Identity.IsAuthenticated;
            if (!authenticated)
            {
                throw new UnauthorizedAccessException();
            }

            // Issuer and certificate names all come from application settings.
            var issuerName = WebConfigurationManager.AppSettings[Constants.IssuerName];
            var signingCertificateName = WebConfigurationManager.AppSettings[Common.Constants.SigningCertificateName];
            var encryptingCertificateName = WebConfigurationManager.AppSettings["EncryptingCertificateName"];

            SecurityTokenService sts = new CustomSecurityTokenService(
                CustomSecurityTokenServiceConfiguration.GetCurrent(issuerName, signingCertificateName),
                encryptingCertificateName);

            var signInResponse = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, User, sts);
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponse, System.Web.HttpContext.Current.Response);
        }
        else if (action == WSFederationConstants.Actions.SignOut)
        {
            // Sign-out.
            // NOTE(review): Reply is parsed from the request URL and passed straight through as the
            // reply address; no check against known relying-party addresses is visible here. Confirm
            // it is validated elsewhere, otherwise this can act as an open redirect.
            var signOutRequest = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(
                signOutRequest,
                User,
                signOutRequest.Reply,
                System.Web.HttpContext.Current.Response);
        }
        else
        {
            // Any other action (or none) is rejected with a message naming the expected values.
            string shownAction = String.IsNullOrEmpty(action) ? "<EMPTY>" : action;
            throw new InvalidOperationException(
                String.Format(
                    CultureInfo.InvariantCulture,
                    "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                    shownAction,
                    WSFederationConstants.Parameters.Action,
                    WSFederationConstants.Actions.SignIn,
                    WSFederationConstants.Actions.SignOut));
        }
    }
    catch (Exception exception)
    {
        // Everything is rethrown as a generic Exception with the cause attached as InnerException.
        throw new Exception("An unexpected error occurred when processing the request. See inner exception for details.", exception);
    }

    return View();
}
/// <summary>
/// Performs WS-Federation Passive Protocol processing: dispatches on the action query parameter
/// to sign-in or sign-out handling.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <exception cref="Exception">
/// Wraps every failure raised during processing; the original error is the inner exception.
/// </exception>
protected void Page_PreRender(object sender, EventArgs e)
{
    string action = Request.QueryString[WSFederationConstants.Parameters.Action];

    try
    {
        if (action == WSFederationConstants.Actions.SignIn)
        {
            // Sign-in: parse the request, then require an authenticated caller before issuing.
            var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);

            bool authenticated = User != null && User.Identity != null && User.Identity.IsAuthenticated;
            if (!authenticated)
            {
                throw new UnauthorizedAccessException();
            }

            SecurityTokenService sts = new CustomSecurityTokenService(CustomSecurityTokenServiceConfiguration.Current);
            var signInResponse = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, User, sts);
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponse, Response);
        }
        else if (action == WSFederationConstants.Actions.SignOut)
        {
            // Sign-out.
            // NOTE(review): Reply is parsed from the request URL and passed straight through as the
            // reply address; no check against known relying-party addresses is visible here. Confirm
            // it is validated elsewhere, otherwise this can act as an open redirect.
            var signOutRequest = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(signOutRequest, User, signOutRequest.Reply, Response);
        }
        else
        {
            // Any other action (or none) is rejected with a message naming the expected values.
            string shownAction = String.IsNullOrEmpty(action) ? "<EMPTY>" : action;
            throw new InvalidOperationException(
                String.Format(
                    CultureInfo.InvariantCulture,
                    "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                    shownAction,
                    WSFederationConstants.Parameters.Action,
                    WSFederationConstants.Actions.SignIn,
                    WSFederationConstants.Actions.SignOut));
        }
    }
    catch (Exception exception)
    {
        // Everything is rethrown as a generic Exception with the cause attached as InnerException.
        throw new Exception("An unexpected error occurred when processing the request. See inner exception for details.", exception);
    }
}
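/// <summary>
/// Performs WS-Federation Passive Protocol processing.
/// </summary>
/// <remarks>
/// Besides the explicit sign-in and sign-out actions, a request with no action from a user who is
/// logged in through SocialAuth is handled as a sign-in whose request is rebuilt from the return
/// URL stored with the SocialAuth connection token.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <exception cref="Exception">
/// Wraps every failure raised during processing; the original error is the inner exception.
/// </exception>
protected void Page_PreRender(object sender, EventArgs e)
{
    string action = Request.QueryString[WSFederationConstants.Parameters.Action];

    try
    {
        if (action == WSFederationConstants.Actions.SignIn)
        {
            // Process signin request: only an authenticated caller gets a token.
            SignInRequestMessage requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
            if (User != null && User.Identity != null && User.Identity.IsAuthenticated)
            {
                SecurityTokenService sts = new CustomSecurityTokenService(CustomSecurityTokenServiceConfiguration.Current);
                SignInResponseMessage responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, User, sts);
                FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(responseMessage, Response);
            }
            else
            {
                throw new UnauthorizedAccessException();
            }
        }
        else if (action == WSFederationConstants.Actions.SignOut)
        {
            // Process signout request.
            // NOTE(review): Reply is parsed from the request URL and passed straight through as the
            // reply address; no check against known relying-party addresses is visible here. Confirm
            // it is validated elsewhere, otherwise this can act as an open redirect.
            SignOutRequestMessage requestMessage = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(requestMessage, User, requestMessage.Reply, Response);
        }
        else if (action == null && SocialAuthUser.IsLoggedIn())
        {
            // Rebuild the sign-in request from the return URL kept with the SocialAuth connection token.
            string originalUrl = SocialAuthUser.GetCurrentUser()
                .GetConnection(SocialAuthUser.CurrentProvider)
                .GetConnectionToken()
                .UserReturnURL;

            // Re-encode the wctx value; it is taken to run up to the "&wct=" parameter.
            originalUrl = EncodeQueryValue(originalUrl, "wctx=", "&wct=", false);

            // Re-encode the wtrealm value; it ends at the next '&' or at the end of the URL.
            // NOTE(review): the realm comes from this stored URL; presumably the token service
            // checks it against known relying parties before issuing. Confirm.
            originalUrl = EncodeQueryValue(originalUrl, "wtrealm=", "&", true);

            SignInRequestMessage requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(new Uri(originalUrl));
            if (User != null && User.Identity != null && User.Identity.IsAuthenticated)
            {
                SecurityTokenService sts = new CustomSecurityTokenService(CustomSecurityTokenServiceConfiguration.Current);
                SignInResponseMessage responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, User, sts);
                FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(responseMessage, Response);
            }

            // NOTE(review): unlike the explicit sign-in branch, an unauthenticated user falls through
            // here without an error. Left as is; confirm this is intended.
        }
        else
        {
            throw new InvalidOperationException(
                String.Format(
                    CultureInfo.InvariantCulture,
                    "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                    String.IsNullOrEmpty(action) ? "<EMPTY>" : action,
                    WSFederationConstants.Parameters.Action,
                    WSFederationConstants.Actions.SignIn,
                    WSFederationConstants.Actions.SignOut));
        }
    }
    catch (Exception exception)
    {
        throw new Exception("An unexpected error occurred when processing the request. See inner exception for details.", exception);
    }
}

/// <summary>
/// URL-encodes the value that follows <paramref name="key"/> in <paramref name="url"/>, rewriting
/// only that span and leaving the rest of the URL untouched.
/// </summary>
/// <param name="url">URL to rewrite.</param>
/// <param name="key">Parameter name including the trailing '=' (for example "wctx=").</param>
/// <param name="terminator">Text that marks the end of the value.</param>
/// <param name="valueMayEndUrl">
/// When true, a missing terminator means the value runs to the end of the URL; when false it is an error.
/// </param>
/// <returns>The URL with that one value URL-encoded.</returns>
/// <exception cref="InvalidOperationException">
/// The URL is empty, the key is absent, or a required terminator is absent.
/// </exception>
private string EncodeQueryValue(string url, string key, string terminator, bool valueMayEndUrl)
{
    if (String.IsNullOrEmpty(url))
    {
        throw new InvalidOperationException("The stored return URL is empty.");
    }

    // Ordinal search: these are protocol tokens, not linguistic text.
    int keyAt = url.IndexOf(key, StringComparison.Ordinal);
    if (keyAt < 0)
    {
        throw new InvalidOperationException(
            String.Format(CultureInfo.InvariantCulture, "The stored return URL has no '{0}' parameter.", key));
    }

    // Look for the terminator only after the value starts, so an earlier match cannot yield a negative length.
    int valueStart = keyAt + key.Length;
    int valueEnd = url.IndexOf(terminator, valueStart, StringComparison.Ordinal);
    if (valueEnd < 0)
    {
        if (!valueMayEndUrl)
        {
            throw new InvalidOperationException(
                String.Format(CultureInfo.InvariantCulture, "The '{0}' value in the stored return URL is not terminated.", key));
        }

        valueEnd = url.Length;
    }

    // Splice by position rather than String.Replace: Replace would also rewrite any other occurrence
    // of the same text elsewhere in the URL, and it throws when the value is empty.
    string value = url.Substring(valueStart, valueEnd - valueStart);
    return url.Substring(0, valueStart) + Server.UrlEncode(value) + url.Substring(valueEnd);
}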
/// <summary>
/// Performs WS-Federation passive processing: dispatches on the action query parameter to
/// sign-in or sign-out handling, redirecting to the access-denied page when sign-in is refused.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <exception cref="InvalidOperationException">The action is neither sign-in nor sign-out.</exception>
protected void Page_PreRender(object sender, EventArgs e)
{
    string action = Request.QueryString[WSFederationConstants.Parameters.Action];

    try
    {
        if (action == WSFederationConstants.Actions.SignIn)
        {
            // Original author's note: the LEA home page URL still needs to be read from this
            // request message for users who have no claims.
            var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);

            try
            {
                // NOTE(review): User.Identity is dereferenced without a null check here.
                bool authenticated = User != null && User.Identity.IsAuthenticated;
                if (!authenticated)
                {
                    // Original author's note: the LEA home page should be appended to this redirect.
                    Response.Redirect("UserAccessDenied.aspx", true);
                }
                else
                {
                    Microsoft.IdentityModel.SecurityTokenService.SecurityTokenService sts =
                        new CustomSecurityTokenService(CustomSecurityTokenServiceConfiguration.Current);
                    var signInResponse = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, User, sts);
                    FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponse, Response);
                }
            }
            catch (DashboardsAuthenticationException dae)
            {
                // Authentication and access-denied failures both end on the access-denied page.
                RedirectToUserAccessDenied(dae);
            }
            catch (UserAccessDeniedException ex)
            {
                RedirectToUserAccessDenied(ex);
            }
        }
        else if (action == WSFederationConstants.Actions.SignOut)
        {
            // Sign-out.
            // NOTE(review): Reply is parsed from the request URL and passed straight through as the
            // reply address; no check against known relying-party addresses is visible here. Confirm
            // it is validated elsewhere, otherwise this can act as an open redirect.
            var signOutRequest = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(signOutRequest, User, signOutRequest.Reply, Response);
        }
        else
        {
            // Any other action (or none) is rejected with a message naming the expected values.
            string shownAction = String.IsNullOrEmpty(action) ? "<EMPTY>" : action;
            throw new InvalidOperationException(
                String.Format(
                    CultureInfo.InvariantCulture,
                    "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                    shownAction,
                    WSFederationConstants.Parameters.Action,
                    WSFederationConstants.Actions.SignIn,
                    WSFederationConstants.Actions.SignOut));
        }
    }
    catch (ThreadAbortException)
    {
        // Original author's note: a ThreadAbortException shows up here, apparently because a
        // Response.Redirect is invoked during ProcessSignInRequest, which makes the following
        // ProcessSignInResponse call fail. The token is still issued and the redirect still
        // happens, so fixing this was given low priority.
        // On .NET Framework the runtime re-raises ThreadAbortException when a catch block ends
        // unless Thread.ResetAbort is called, so this handler does not suppress the abort.
    }
}