public async Task <IActionResult> AssertionConsumerService() { // Receive and process the SAML assertion contained in the SAML response. // The SAML response is received either as part of IdP-initiated or SP-initiated SSO. var ssoResult = await _samlServiceProvider.ReceiveSsoAsync(); if (string.IsNullOrEmpty(ssoResult.RelayState)) { // This was a test initiated from the manage page return(RedirectToAction("Index", "Manage", new { Message = ManageController.ManageMessageId.TestSamlSuccess })); } // This is a mess, but there's no other way to find the current user because // this controller hides the current identity for some reason var user = await _userManager.FindByIdAsync(ssoResult.RelayState.Split(',')[0]); var universityService = new UniversityService(new SqlUniversityRepository(_dbContext)); var university = await universityService.FindByIdAsync(int.Parse(ssoResult.RelayState.Split(',')[1])); var authConfigService = new AuthConfigService(new SqlAuthConfigRepository(_dbContext), null); var authConfig = await authConfigService.GetConfigAsync(university); await universityService.JoinAsync(user, university, authConfig.OverrideUsernames?ssoResult.UserID : null); return(RedirectToAction("Index", "Chat")); }
public async Task <IActionResult> AssertionConsumerService() { var ssoResult = await _samlServiceProvider.ReceiveSsoAsync(); var user = await _userManager.FindByNameAsync(ssoResult.UserID); if (user == null) { user = new IdentityUser { UserName = ssoResult.UserID, Email = ssoResult.UserID }; var result = await _userManager.CreateAsync(user); if (!result.Succeeded) { throw new Exception($"The user {ssoResult.UserID} couldn't be created - {result}"); } } await _signInManager.SignInAsync(user, isPersistent : false); bool flag = _signInManager.IsSignedIn(User); if (!string.IsNullOrEmpty(ssoResult.RelayState)) { return(LocalRedirect(ssoResult.RelayState)); } return(LocalRedirect("/index")); }
public async Task <IActionResult> AssertionConsumerService() { // Receive and process the SAML assertion contained in the SAML response. // The SAML response is received either as part of IdP-initiated or SP-initiated SSO. var ssoResult = await _samlServiceProvider.ReceiveSsoAsync(); // Automatically provision the user. // If the user doesn't exist locally then create the user. // Automatic provisioning is an optional step. var user = await _userManager.FindByEmailAsync(ssoResult.UserID); //ApplicationUser user = null; //if (user == null) //{ // user = new ApplicationUser { UserName = ssoResult.UserID, Email = ssoResult.UserID }; // var result = await _userManager.CreateAsync(user); // if (!result.Succeeded) // { // throw new Exception($"The user {ssoResult.UserID} couldn't be created - {result}"); // } // // For demonstration purposes, create some additional claims. // if (ssoResult.Attributes != null) // { // var samlAttribute = ssoResult.Attributes.SingleOrDefault(a => a.Name == ClaimTypes.Email); // if (samlAttribute != null) // { // await _userManager.AddClaimAsync(user, new Claim(ClaimTypes.Email, samlAttribute.ToString())); // } // samlAttribute = ssoResult.Attributes.SingleOrDefault(a => a.Name == ClaimTypes.GivenName); // if (samlAttribute != null) // { // await _userManager.AddClaimAsync(user, new Claim(ClaimTypes.GivenName, samlAttribute.ToString())); // } // samlAttribute = ssoResult.Attributes.SingleOrDefault(a => a.Name == ClaimTypes.Surname); // if (samlAttribute != null) // { // await _userManager.AddClaimAsync(user, new Claim(ClaimTypes.Surname, samlAttribute.ToString())); // } // } //} //// Automatically login using the asserted identity. // await _signInManager.SignInAsync(user, isPersistent: true); var claims = new List <Claim> { new Claim(ClaimTypes.Email, user.Email), new Claim(ClaimTypes.NameIdentifier, user.UserName), new Claim("UserID", user.UserID.ToString()), new Claim("RoleID", user.RoleID.ToString()), }; var authProperties = new AuthenticationProperties { AllowRefresh = true, IsPersistent = true }; await _signInManager.SignInWithClaimsAsync(user, authProperties, claims); //var claimsIdentity = new ClaimsIdentity( // claims, CookieAuthenticationDefaults.AuthenticationScheme); //var authProperties = new AuthenticationProperties //{ // AllowRefresh = <bool>, // Refreshing the authentication session should be allowed. // ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(10), // The time at which the authentication ticket expires. A // value set here overrides the ExpireTimeSpan option of // CookieAuthenticationOptions set with AddCookie. // IsPersistent = true, // Whether the authentication session is persisted across // multiple requests. When used with cookies, controls // whether the cookie's lifetime is absolute (matching the // lifetime of the authentication ticket) or session-based. // IssuedUtc = <DateTimeOffset>, // The time at which the authentication ticket was issued. // RedirectUri = <string> // The full path or absolute URI to be used as an http // redirect response value. //}; //await HttpContext.SignInAsync( // CookieAuthenticationDefaults.AuthenticationScheme, // new ClaimsPrincipal(claimsIdentity), // authProperties); // Redirect to the target URL if specified. if (!string.IsNullOrEmpty(ssoResult.RelayState)) { return(LocalRedirect(ssoResult.RelayState)); } return(RedirectToAction("Index", "Home")); }
public async Task <IActionResult> AssertionConsumerService() { // Receive and process the SAML assertion contained in the SAML response. // The SAML response is received either as part of IdP-initiated or SP-initiated SSO. var ssoResult = await _samlServiceProvider.ReceiveSsoAsync(); // Automatically provision the user. // If the user doesn't exist locally then create the user. // Automatic provisioning is an optional step. var user = await _userManager.FindByNameAsync(ssoResult.UserID); if (user == null) { user = new IdentityUser { UserName = ssoResult.UserID, Email = ssoResult.UserID }; var result = await _userManager.CreateAsync(user); if (!result.Succeeded) { throw new Exception($"The user {ssoResult.UserID} couldn't be created - {result}"); } // For demonstration purposes, create some additional claims. if (ssoResult.Attributes != null) { var samlAttribute = ssoResult.Attributes.SingleOrDefault(a => a.Name == ClaimTypes.Email); if (samlAttribute != null) { await _userManager.AddClaimAsync(user, new Claim(ClaimTypes.Email, samlAttribute.ToString())); } samlAttribute = ssoResult.Attributes.SingleOrDefault(a => a.Name == ClaimTypes.GivenName); if (samlAttribute != null) { await _userManager.AddClaimAsync(user, new Claim(ClaimTypes.GivenName, samlAttribute.ToString())); } samlAttribute = ssoResult.Attributes.SingleOrDefault(a => a.Name == ClaimTypes.Surname); if (samlAttribute != null) { await _userManager.AddClaimAsync(user, new Claim(ClaimTypes.Surname, samlAttribute.ToString())); } } } // Automatically login using the asserted identity. await _signInManager.SignInAsync(user, isPersistent : false); // Redirect to the target URL if specified. if (!string.IsNullOrEmpty(ssoResult.RelayState)) { return(LocalRedirect(ssoResult.RelayState)); } return(Ok(new { message = " User logged in " })); }