public async Task <IActionResult> AssertionConsumerService()
{
// Receive and process the SAML assertion contained in the SAML response.
// The SAML response is received either as part of IdP-initiated or SP-initiated SSO.
var ssoResult = await _samlServiceProvider.ReceiveSsoAsync();
if (string.IsNullOrEmpty(ssoResult.RelayState))
{
// This was a test initiated from the manage page
return(RedirectToAction("Index", "Manage", new { Message = ManageController.ManageMessageId.TestSamlSuccess }));
}
// This is a mess, but there's no other way to find the current user because
// this controller hides the current identity for some reason
var user = await _userManager.FindByIdAsync(ssoResult.RelayState.Split(',')[0]);
var universityService = new UniversityService(new SqlUniversityRepository(_dbContext));
var university = await universityService.FindByIdAsync(int.Parse(ssoResult.RelayState.Split(',')[1]));
var authConfigService = new AuthConfigService(new SqlAuthConfigRepository(_dbContext), null);
var authConfig = await authConfigService.GetConfigAsync(university);
await universityService.JoinAsync(user, university, authConfig.OverrideUsernames?ssoResult.UserID : null);
return(RedirectToAction("Index", "Chat"));
}
public async Task <IActionResult> AssertionConsumerService()
{
var ssoResult = await _samlServiceProvider.ReceiveSsoAsync();
var user = await _userManager.FindByNameAsync(ssoResult.UserID);
if (user == null)
{
user = new IdentityUser {
UserName = ssoResult.UserID, Email = ssoResult.UserID
};
var result = await _userManager.CreateAsync(user);
if (!result.Succeeded)
{
throw new Exception($"The user {ssoResult.UserID} couldn't be created - {result}");
}
}
await _signInManager.SignInAsync(user, isPersistent : false);
bool flag = _signInManager.IsSignedIn(User);
if (!string.IsNullOrEmpty(ssoResult.RelayState))
{
return(LocalRedirect(ssoResult.RelayState));
}
return(LocalRedirect("/index"));
}
public async Task <IActionResult> AssertionConsumerService()
{
// Receive and process the SAML assertion contained in the SAML response.
// The SAML response is received either as part of IdP-initiated or SP-initiated SSO.
var ssoResult = await _samlServiceProvider.ReceiveSsoAsync();
// Automatically provision the user.
// If the user doesn't exist locally then create the user.
// Automatic provisioning is an optional step.
var user = await _userManager.FindByEmailAsync(ssoResult.UserID);
//ApplicationUser user = null;
//if (user == null)
//{
// user = new ApplicationUser { UserName = ssoResult.UserID, Email = ssoResult.UserID };
// var result = await _userManager.CreateAsync(user);
// if (!result.Succeeded)
// {
// throw new Exception($"The user {ssoResult.UserID} couldn't be created - {result}");
// }
// // For demonstration purposes, create some additional claims.
// if (ssoResult.Attributes != null)
// {
// var samlAttribute = ssoResult.Attributes.SingleOrDefault(a => a.Name == ClaimTypes.Email);
// if (samlAttribute != null)
// {
// await _userManager.AddClaimAsync(user, new Claim(ClaimTypes.Email, samlAttribute.ToString()));
// }
// samlAttribute = ssoResult.Attributes.SingleOrDefault(a => a.Name == ClaimTypes.GivenName);
// if (samlAttribute != null)
// {
// await _userManager.AddClaimAsync(user, new Claim(ClaimTypes.GivenName, samlAttribute.ToString()));
// }
// samlAttribute = ssoResult.Attributes.SingleOrDefault(a => a.Name == ClaimTypes.Surname);
// if (samlAttribute != null)
// {
// await _userManager.AddClaimAsync(user, new Claim(ClaimTypes.Surname, samlAttribute.ToString()));
// }
// }
//}
//// Automatically login using the asserted identity.
// await _signInManager.SignInAsync(user, isPersistent: true);
var claims = new List <Claim>
{
new Claim(ClaimTypes.Email, user.Email),
new Claim(ClaimTypes.NameIdentifier, user.UserName),
new Claim("UserID", user.UserID.ToString()),
new Claim("RoleID", user.RoleID.ToString()),
};
var authProperties = new AuthenticationProperties
{
AllowRefresh = true,
IsPersistent = true
};
await _signInManager.SignInWithClaimsAsync(user, authProperties, claims);
//var claimsIdentity = new ClaimsIdentity(
// claims, CookieAuthenticationDefaults.AuthenticationScheme);
//var authProperties = new AuthenticationProperties
//{
// AllowRefresh = <bool>,
// Refreshing the authentication session should be allowed.
// ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(10),
// The time at which the authentication ticket expires. A
// value set here overrides the ExpireTimeSpan option of
// CookieAuthenticationOptions set with AddCookie.
// IsPersistent = true,
// Whether the authentication session is persisted across
// multiple requests. When used with cookies, controls
// whether the cookie's lifetime is absolute (matching the
// lifetime of the authentication ticket) or session-based.
// IssuedUtc = <DateTimeOffset>,
// The time at which the authentication ticket was issued.
// RedirectUri = <string>
// The full path or absolute URI to be used as an http
// redirect response value.
//};
//await HttpContext.SignInAsync(
// CookieAuthenticationDefaults.AuthenticationScheme,
// new ClaimsPrincipal(claimsIdentity),
// authProperties);
// Redirect to the target URL if specified.
if (!string.IsNullOrEmpty(ssoResult.RelayState))
{
return(LocalRedirect(ssoResult.RelayState));
}
return(RedirectToAction("Index", "Home"));
}
public async Task <IActionResult> AssertionConsumerService()
{
// Receive and process the SAML assertion contained in the SAML response.
// The SAML response is received either as part of IdP-initiated or SP-initiated SSO.
var ssoResult = await _samlServiceProvider.ReceiveSsoAsync();
// Automatically provision the user.
// If the user doesn't exist locally then create the user.
// Automatic provisioning is an optional step.
var user = await _userManager.FindByNameAsync(ssoResult.UserID);
if (user == null)
{
user = new IdentityUser {
UserName = ssoResult.UserID, Email = ssoResult.UserID
};
var result = await _userManager.CreateAsync(user);
if (!result.Succeeded)
{
throw new Exception($"The user {ssoResult.UserID} couldn't be created - {result}");
}
// For demonstration purposes, create some additional claims.
if (ssoResult.Attributes != null)
{
var samlAttribute = ssoResult.Attributes.SingleOrDefault(a => a.Name == ClaimTypes.Email);
if (samlAttribute != null)
{
await _userManager.AddClaimAsync(user, new Claim(ClaimTypes.Email, samlAttribute.ToString()));
}
samlAttribute = ssoResult.Attributes.SingleOrDefault(a => a.Name == ClaimTypes.GivenName);
if (samlAttribute != null)
{
await _userManager.AddClaimAsync(user, new Claim(ClaimTypes.GivenName, samlAttribute.ToString()));
}
samlAttribute = ssoResult.Attributes.SingleOrDefault(a => a.Name == ClaimTypes.Surname);
if (samlAttribute != null)
{
await _userManager.AddClaimAsync(user, new Claim(ClaimTypes.Surname, samlAttribute.ToString()));
}
}
}
// Automatically login using the asserted identity.
await _signInManager.SignInAsync(user, isPersistent : false);
// Redirect to the target URL if specified.
if (!string.IsNullOrEmpty(ssoResult.RelayState))
{
return(LocalRedirect(ssoResult.RelayState));
}
return(Ok(new { message = " User logged in " }));
}
