/// <summary>
/// Starts a login at an external identity provider for a sign-in request that is already in progress.
/// </summary>
/// <param name="signin">Id used to read the sign-in message cookie; it is also stored in the challenge properties.</param>
/// <param name="provider">Authentication type of the external provider that should be challenged.</param>
/// <returns>
/// An error page when a parameter is missing, no sign-in message is found, or the provider is rejected
/// for the client; otherwise the result of <c>Unauthorized()</c> after the challenge has been registered.
/// </returns>
/// <remarks>
/// NOTE(review): <paramref name="signin"/> and <paramref name="provider"/> are caller-supplied and are
/// logged and used here without any length bound. The only provider check in this method is the
/// per-client one; nothing here confirms that the provider is a configured authentication type
/// before it is handed to <c>Challenge</c>. Confirm whether callers or middleware enforce either.
/// </remarks>
public async Task<IHttpActionResult> LoginExternal(string signin, string provider)
        {
            Logger.InfoFormat("External login requested for provider: {0}", provider);

            // Guard: a provider name is required.
            if (provider.IsMissing())
            {
                Logger.Error("No provider passed");
                var noProviderText = localizationService.GetMessage(MessageIds.NoExternalProvider);
                return RenderErrorPage(noProviderText);
            }

            // Guard: a sign-in id is required to find the pending sign-in message.
            if (signin.IsMissing())
            {
                Logger.Error("No signin id passed");
                var noSigninText = localizationService.GetMessage(MessageIds.NoSignInCookie);
                return RenderErrorPage(noSigninText);
            }

            // Guard: the id must resolve to a stored sign-in message.
            var pendingSignIn = signInMessageCookie.Read(signin);
            if (pendingSignIn == null)
            {
                Logger.Error("No cookie matching signin id found");
                var noCookieText = localizationService.GetMessage(MessageIds.NoSignInCookie);
                return RenderErrorPage(noCookieText);
            }

            // Guard: the client named in the sign-in message must be allowed to use this provider.
            var providerAllowed = await clientStore.IsValidIdentityProviderAsync(pendingSignIn.ClientId, provider);
            if (!providerAllowed)
            {
                Logger.ErrorFormat("Provider {0} not allowed for client: {1}", provider, pendingSignIn.ClientId);
                return RenderErrorPage();
            }

            var challengeProperties = new Microsoft.Owin.Security.AuthenticationProperties();
            challengeProperties.RedirectUri = Url.Route(Constants.RouteNames.LoginExternalCallback, null);

            // Carry the sign-in id and the provider name through the round trip so the callback
            // can recall the cookie id.
            challengeProperties.Dictionary.Add(Constants.Authentication.SigninId, signin);
            challengeProperties.Dictionary.Add(Constants.Authentication.KatanaAuthenticationType, provider);
            context.Authentication.Challenge(challengeProperties, provider);

            // Presumably the 401 is what lets the authentication middleware act on the challenge.
            return Unauthorized();
        }
예제 #2
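        /// <summary>
        /// Starts a login at an external identity provider for a sign-in request that is already in progress.
        /// </summary>
        /// <param name="signin">Id used to read the sign-in message cookie; it is also stored in the challenge properties.</param>
        /// <param name="provider">Authentication type of the external provider that should be challenged.</param>
        /// <returns>
        /// An error page when the provider is missing, over-long, not allowed for the client, or not a
        /// configured external provider, or when <paramref name="signin"/> is over-long; the result of
        /// <c>HandleNoSignin()</c> when the sign-in id is missing or matches no cookie; otherwise the
        /// result of <c>Unauthorized()</c> after the challenge has been registered.
        /// </returns>
        public async Task <IHttpActionResult> LoginExternal(string signin, string provider)
        {
            // NOTE(review): provider is caller-supplied and is written to the log here before its
            // length has been checked, so the length restriction below does not protect the log sink.
            Logger.InfoFormat("External login requested for provider: {0}", provider);

            if (provider.IsMissing())
            {
                Logger.Error("No provider passed");
                return(RenderErrorPage(localizationService.GetMessage(MessageIds.NoExternalProvider)));
            }

            // Bound the provider name before it is used in any lookup.
            if (provider.Length > options.InputLengthRestrictions.IdentityProvider)
            {
                Logger.Error("Provider parameter passed was larger than max length");
                return(RenderErrorPage());
            }

            if (signin.IsMissing())
            {
                Logger.Info("No signin id passed");
                return(HandleNoSignin());
            }

            // Bound the sign-in id before it is used to read the cookie.
            if (signin.Length > MaxSignInMessageLength)
            {
                Logger.Error("Signin parameter passed was larger than max length");
                return(RenderErrorPage());
            }

            var signInMessage = signInMessageCookie.Read(signin);

            if (signInMessage == null)
            {
                Logger.Info("No cookie matching signin id found");
                return(HandleNoSignin());
            }

            // The client named in the sign-in message must be allowed to use this provider.
            if (!(await clientStore.IsValidIdentityProviderAsync(signInMessage.ClientId, provider)))
            {
                var msg = String.Format("External login error: provider {0} not allowed for client: {1}", provider, signInMessage.ClientId);
                // msg is already formatted and contains the caller-supplied provider value, so it must
                // be logged as plain text and never passed to a *Format method as the format string.
                Logger.Error(msg);
                await eventService.RaiseFailureEndpointEventAsync(EventConstants.EndpointNames.Authenticate, msg);

                return(RenderErrorPage());
            }

            // Independently of the per-client check, the provider must be one the host has configured.
            if (context.IsValidExternalAuthenticationProvider(provider) == false)
            {
                var msg = String.Format("External login error: provider requested {0} is not a configured external provider", provider);
                // Logged as plain text for the same reason as above: msg embeds caller-supplied input.
                Logger.Error(msg);
                await eventService.RaiseFailureEndpointEventAsync(EventConstants.EndpointNames.Authenticate, msg);

                return(RenderErrorPage());
            }

            var authProp = new Microsoft.Owin.Security.AuthenticationProperties
            {
                RedirectUri = Url.Route(Constants.RouteNames.LoginExternalCallback, null)
            };

            Logger.Info("Triggering challenge for external identity provider");

            // add the id to the dictionary so we can recall the cookie id on the callback
            authProp.Dictionary.Add(Constants.Authentication.SigninId, signin);
            authProp.Dictionary.Add(Constants.Authentication.KatanaAuthenticationType, provider);
            context.Authentication.Challenge(authProp, provider);

            // Presumably the 401 is what lets the authentication middleware act on the challenge.
            return(Unauthorized());
        }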