/// <summary>
/// Establishes the principal for the current request.
/// </summary>
/// <remarks>
/// Checks run in this order: the auth-disabled switch, the session cookie, a bearer
/// header (non-browser Functions portal requests only), a login token, and finally the
/// route's "authenticated" value.
/// </remarks>
/// <param name="sender">Event source; not used.</param>
/// <param name="e">Event data; not used.</param>
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    var httpContext = new HttpContextWrapper(HttpContext.Current);

    // NOTE(review): when AuthSettings.EnableAuth holds the text "False" (any casing), no
    // credential is checked and every request runs as the fixed "Local" identity below.
    // Confirm this switch cannot be set in a production deployment.
    var authSwitch = AuthSettings.EnableAuth;
    var authDisabled = !string.IsNullOrEmpty(authSwitch)
        && authSwitch.Equals(false.ToString(), StringComparison.OrdinalIgnoreCase);
    if (authDisabled)
    {
        httpContext.User = new TryWebsitesPrincipal(new TryWebsitesIdentity("*****@*****.**", null, "Local"));
        return;
    }

    // A valid session cookie is sufficient; nothing else to do.
    if (SecurityManager.TryAuthenticateSessionCookie(httpContext))
    {
        return;
    }

    // Support requests from non-browsers with bearer headers.
    var isNonBrowserPortalCall = httpContext.IsFunctionsPortalRequest() && !httpContext.IsBrowserRequest();
    if (isNonBrowserPortalCall && SecurityManager.TryAuthenticateBearer(httpContext))
    {
        return;
    }

    // A token on the request means this is a login redirect.
    if (SecurityManager.HasToken(httpContext))
    {
        SecurityManager.AuthenticateRequest(httpContext);
        return;
    }

    // If the route is not registered in the WebAPI RouteTable then it is not an API route,
    // which means it is a resource (*.js, *.css, *.cshtml) and is not authenticated.
    // If the route has no "authenticated" value, assume true.
    // NOTE(review): the (bool) cast throws InvalidCastException if a route stores this value
    // as anything other than a boxed bool (for example the string "false").
    var routeData = RouteTable.Routes.GetRouteData(httpContext);
    var requiresAuthentication = false;
    if (routeData != null)
    {
        var authenticatedFlag = routeData.Values["authenticated"];
        requiresAuthentication = authenticatedFlag == null || (bool)authenticatedFlag;
    }

    if (requiresAuthentication)
    {
        SecurityManager.AuthenticateRequest(httpContext);
    }
    else if (httpContext.IsBrowserRequest())
    {
        SecurityManager.HandleAnonymousUser(httpContext);
    }
}
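/// <summary>
/// Records a UI telemetry event sent by a browser client.
/// </summary>
/// <remarks>
/// Requests that are not browser requests are accepted but nothing is logged.
/// The event name "INIT_USER" (case-insensitive) is traced as an anonymous-user
/// initialisation; every other event is traced as a generic UI event.
/// </remarks>
/// <param name="telemetryEvent">Client-supplied event name; may be null.</param>
/// <param name="properties">Client-supplied JSON object of event properties; may be null or empty.</param>
/// <returns>Always a 202 Accepted response.</returns>
public HttpResponseMessage LogEvent(string telemetryEvent, JObject properties)
{
    var context = new HttpContextWrapper(HttpContext.Current);
    if (context.IsBrowserRequest())
    {
        var userName = User != null && User.Identity != null && !string.IsNullOrEmpty(User.Identity.Name)
            ? User.Identity.Name
            : "-";
        var anonymousUserName = SecurityManager.GetAnonymousUserName(context);

        // NOTE(review): telemetryEvent and every property value are caller-controlled and are
        // written into "; "-delimited trace lines below. Whether SimpleTrace neutralises
        // separators and line breaks is not visible here; if it does not, a client can forge
        // extra fields or records in the trace output. Confirm, or sanitise before tracing.

        // Static Equals tolerates a null event name; the instance call threw
        // NullReferenceException when the client omitted it.
        if (string.Equals(telemetryEvent, "INIT_USER", StringComparison.OrdinalIgnoreCase))
        {
            var dic = properties != null
                ? properties.ToObject<Dictionary<string, string>>()
                : new Dictionary<string, string>();

            // Missing, null and empty values are all reported as "-".
            Func<string, string> valueOrDash = key =>
            {
                string value;
                return dic.TryGetValue(key, out value) && !string.IsNullOrEmpty(value) ? value : "-";
            };

            var referer = valueOrDash("origin");
            var cid = valueOrDash("cid");
            var sv = valueOrDash("sv");

            SimpleTrace.TraceInformation("{0}; {1}; {2}; {3}; {4}; {5}",
                AnalyticsEvents.AnonymousUserInit,
                userName,
                ExperimentManager.GetCurrentExperiment(),
                referer,
                cid,
                sv);
            SimpleTrace.InitializeAnonymousUser(userName, ExperimentManager.GetCurrentExperiment(), referer, cid, sv);
        }
        else
        {
            SimpleTrace.Analytics.Information(AnalyticsEvents.UiEvent, telemetryEvent, properties);

            // string.Join yields "" for an empty object; the previous Aggregate call threw
            // InvalidOperationException ("Sequence contains no elements") on "{}".
            var eventProperties = properties != null
                ? string.Join(",", properties.ToObject<Dictionary<string, string>>().Values)
                : string.Empty;

            SimpleTrace.TraceInformation("{0}; {1}; {2}; {3}; {4}",
                AnalyticsEvents.OldUiEvent,
                telemetryEvent,
                userName,
                eventProperties,
                anonymousUserName);
        }
    }

    return Request.CreateResponse(HttpStatusCode.Accepted);
}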
/// <summary>
/// Establishes the principal for the current request and, for browser requests that return
/// from the auth provider on behalf of Try Functions, redirects back to the originating site.
/// </summary>
/// <remarks>
/// Checks run in this order: the auth-disabled switch, the session cookie (with the optional
/// redirect back to the caller), a bearer header (non-browser Functions portal backend
/// requests only), a login token, and finally the route's "authenticated" value.
/// </remarks>
/// <param name="sender">Event source; not used.</param>
/// <param name="e">Event data; not used.</param>
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    var httpContext = new HttpContextWrapper(HttpContext.Current);

    // NOTE(review): when AuthSettings.EnableAuth holds the text "False" (any casing), no
    // credential is checked and every request runs as the fixed "Local" identity below.
    // Confirm this switch cannot be set in a production deployment.
    var authSwitch = AuthSettings.EnableAuth;
    var authDisabled = !string.IsNullOrEmpty(authSwitch)
        && authSwitch.Equals(false.ToString(), StringComparison.OrdinalIgnoreCase);
    if (authDisabled)
    {
        httpContext.User = new TryWebsitesPrincipal(new TryWebsitesIdentity("*****@*****.**", null, "Local"));
        return;
    }

    if (SecurityManager.TryAuthenticateSessionCookie(httpContext))
    {
        // Coming in from the auth provider; return to the source (Try Functions).
        if (!httpContext.IsBrowserRequest())
        {
            return;
        }

        var state = httpContext.Request["state"];
        if (state == null || !state.Contains("appServiceName=Function") || httpContext.User == null)
        {
            return;
        }

        // NOTE(review): the redirect target is whatever precedes the first '?' in the
        // request's "state" value, and the only check on it is the substring test above, so
        // the destination origin is chosen by the caller. The session cookie data is appended
        // to that URL, which hands it to the destination and leaves it in browser history,
        // proxy/server logs and Referer headers. Validate the target against a configured
        // allow-list of origins before redirecting, and prefer a short-lived one-time code
        // over session material in the query string.
        // NOTE(review): "cookie" is interpolated without Uri.EscapeDataString, unlike
        // "state"; confirm CreateSessionCookieData only returns URL-safe characters.
        var cookie = CreateSessionCookieData(httpContext.User);
        var returnLocation = state.Split('?')[0];
        Response.Redirect($"{returnLocation}?cookie={cookie}&state={Uri.EscapeDataString(state)}", true);
        return;
    }

    // Support requests from non-browsers with bearer headers.
    var isNonBrowserBackendCall = httpContext.IsFunctionsPortalBackendRequest() && !httpContext.IsBrowserRequest();
    if (isNonBrowserBackendCall && SecurityManager.TryAuthenticateBearer(httpContext))
    {
        return;
    }

    // A token on the request means this is a login.
    if (SecurityManager.HasToken(httpContext))
    {
        SecurityManager.AuthenticateRequest(httpContext);
        return;
    }

    // If the route is not registered in the WebAPI RouteTable then it is not an API route,
    // which means it is a resource (*.js, *.css, *.cshtml) and is not authenticated.
    // If the route has no "authenticated" value, assume true.
    // NOTE(review): the (bool) cast throws InvalidCastException if a route stores this value
    // as anything other than a boxed bool (for example the string "false").
    var routeData = RouteTable.Routes.GetRouteData(httpContext);
    var requiresAuthentication = false;
    if (routeData != null)
    {
        var authenticatedFlag = routeData.Values["authenticated"];
        requiresAuthentication = authenticatedFlag == null || (bool)authenticatedFlag;
    }

    if (requiresAuthentication)
    {
        SecurityManager.AuthenticateRequest(httpContext);
    }
    else if (httpContext.IsBrowserRequest())
    {
        SecurityManager.HandleAnonymousUser(httpContext);
    }
}