/// <summary>
/// Resend the authentication call to the SSO service.
/// </summary>
/// <remarks>
/// Reads the user name and password from session state, wraps them in a vendor
/// token and redirects the browser to the auto-login URL with that token in the
/// query string.
/// </remarks>
private void RetryAuth()
{
    // NOTE(review): the password is kept in session state in clear text so it can be
    // replayed here. Convert.ToString yields an empty string for a missing session
    // value, so an expired session sends empty credentials instead of failing.
    var sessionUserName = Convert.ToString(Session["uname"]);
    var sessionPassword = Convert.ToString(Session["pwd"]);

    // Only the part of the current URL before the first '&' is passed to GetVendorToken.
    var callbackUrl = Request.Url.AbsoluteUri.Split('&')[0];

    var vendorToken = RijndaelAlgorithm.GetVendorToken(
        callbackUrl,
        _personifySsoVendorPassword,
        _personifySsoVendorBlock,
        sessionUserName,
        sessionPassword,
        true);

    // NOTE(review): the token travels in the query string, so it can end up in
    // browser history, proxy logs and web server logs.
    var autoLoginUrl = string.Format("{0}?vi={1}&vt={2}", PersonifyAutoLoginUrl, PersonifyVendorID, vendorToken);
    Response.Redirect(autoLoginUrl);
}
/// <summary>
/// Page init handler: creates the Personify purchase-history control, initialises it
/// through <c>PersonifyControlBase</c> and adds it to the page placeholder.
/// </summary>
/// <param name="sender">Event source.</param>
/// <param name="e">Event arguments.</param>
protected void Page_InIt(object sender, EventArgs e)
{
    // NOTE(review): none of the four values below is used later in this method.
    // The token is built from the literal strings "Username" and "Password", and
    // .ToString() throws if either of the first two settings is missing.
    var ssoPassword = ConfigurationManager.AppSettings["PersonifySSO_Password"].ToString();
    var ssoBlock = ConfigurationManager.AppSettings["PersonifySSO_Block"].ToString();
    var ssoVendorId = ConfigurationManager.AppSettings["PersonifySSO_VendorID"];
    var placeholderToken = RijndaelAlgorithm.GetVendorToken(
        Request.Url.AbsoluteUri,
        ssoPassword,
        ssoBlock,
        "Username",
        "Password",
        true);

    PersonifyControlBase controlHost = new PersonifyControlBase();

    // var ctrl = new Personify.WebControls.ShoppingCart.UI.CartPreviewControl();
    var historyControl = new Personify.WebControls.Profile.UI.PurchaseHistory();

    // A second base instance is created here and never used.
    PersonifyControlBase spareHost = new PersonifyControlBase();

    controlHost.InitPersonifyWebControl(historyControl);
    phPersonifyControl.Controls.Add(historyControl);
}
/// <summary>
/// Test harness that walks the SSO web-service flow end to end: build a vendor token,
/// call the auto-login URL, read the <c>ct</c> parameter from the final response URL,
/// decrypt and validate the customer token, then query customer, identifier and role data.
/// </summary>
/// <remarks>
/// Any exception is written to the console and swallowed. Results are not asserted.
/// </remarks>
public void SSOWebServiceTestHarness2()
{
    try
    {
        var username = "******";
        var password = "******";
        var service = new com.personifycloud.smemitst.service();

        // NOTE(review): the return URL is plain http, and the token (built from the
        // credentials above) is sent in the query string of the auto-login request.
        var vendorToken = RijndaelAlgorithm.GetVendorToken("http://testpage.com/", PersonifyVendorPassword, PersonifyVendorBlock, username, password, true);
        var url = string.Format("{0}?vi={1}&vt={2}", PersonifyAutoLoginUrl, PersonifyVendorID, vendorToken);

        var request = (HttpWebRequest)WebRequest.Create(url);
        request.AutomaticDecompression = DecompressionMethods.GZip;

        var html = string.Empty;
        var queryParams = new Dictionary<string, string>();

        using (var response = (HttpWebResponse)request.GetResponse())
        using (var responseStream = response.GetResponseStream())
        using (var reader = new StreamReader(responseStream))
        {
            html = reader.ReadToEnd();

            // The query string of the final response URI carries the result parameters.
            var rawQuery = response.ResponseUri.Query;
            if (rawQuery.StartsWith("?"))
            {
                rawQuery = rawQuery.Substring(1);
                foreach (var pair in rawQuery.Split('&'))
                {
                    // Only "name=value" pairs with exactly one '=' are kept. Values are
                    // stored as received (not URL-decoded); a repeated name makes Add throw.
                    var parts = pair.Split('=');
                    if (parts != null && parts.Length == 2)
                    {
                        queryParams.Add(parts[0], parts[1]);
                    }
                }
            }
        }

        string encryptedCT;
        if (!queryParams.TryGetValue("ct", out encryptedCT))
        {
            return;
        }

        var decryptResult = service.CustomerTokenDecrypt(PersonifyVendorName, PersonifyVendorPassword, PersonifyVendorBlock, encryptedCT);
        // this should decrypt into a guid looking thing. Sometimes the webservice returns a corrupt string. When that happens, should we just retry?
        var customerToken = decryptResult.CustomerToken;

        var validity = service.SSOCustomerTokenIsValid(PersonifyVendorName, PersonifyVendorPassword, customerToken);
        if (!validity.Valid)
        {
            return;
        }

        // The validity check hands back a replacement token; use it from here on.
        customerToken = validity.NewCustomerToken;

        var customer = service.SSOCustomerGetByCustomerToken(PersonifyVendorName, PersonifyVendorPassword, customerToken);
        if (customer == null || !customer.UserExists)
        {
            return;
        }

        var userExists = customer.UserExists;
        var userName = customer.UserName;
        var email = customer.Email;
        var disabledFlag = customer.DisableAccountFlag;

        // for giggles
        var identifierLookup = service.TIMSSCustomerIdentifierGet(PersonifyVendorName, PersonifyVendorPassword, customerToken);
        if (identifierLookup == null || String.IsNullOrEmpty(identifierLookup.CustomerIdentifier))
        {
            // NOTE(review): this writes a hard-coded identifier to the remote service
            // for whichever user the token resolved to.
            var identifier = "0517438|0";
            var identifierSetResult = service.TIMSSCustomerIdentifierSet(PersonifyVendorName, PersonifyVendorPassword, userName, identifier);
            if (identifierSetResult.CustomerIdentifier == identifier)
            {
                System.Console.WriteLine(identifierSetResult.CustomerIdentifier);
            }
        }

        var imsService = new com.personifycloud.smemitst1.IMService();
        var allRolesResult = imsService.IMSVendorRolesGet(PersonifyVendorName, PersonifyVendorPassword);
        var customerRoles = imsService.IMSCustomerRoleGet(PersonifyVendorName, PersonifyVendorPassword, customerToken);
        if (customerRoles == null || customerRoles.CustomerRoles == null)
        {
            return;
        }

        foreach (var customerRole in customerRoles.CustomerRoles)
        {
            if (customerRole == null || String.IsNullOrEmpty(customerRole.Value))
            {
                continue;
            }

            // The comparison result is discarded; the role value is only touched here.
            var roleName = customerRole.Value;
            roleName.Equals(roleName);
        }
    }
    catch (Exception ex)
    {
        System.Console.WriteLine(ex.ToString());
    }
}
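/// <summary>
/// Logic to handle SSO sign in/out and user reauthorization
/// </summary>
/// <remarks>
/// Flow: handle logout and re-authorisation, enforce the retry limit, look the user up
/// in Personify, then either complete the login when the <c>ct</c> query-string token
/// decrypts to a valid customer token, or redirect to the auto-login URL with a fresh
/// vendor token.
/// </remarks>
/// <param name="sender">Event source.</param>
/// <param name="e">Event arguments.</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Did user log out?
    CheckForLogout();

    // Do we need to reauthorize user?
    ReAuthorizeCheck();

    Session[PersonifySessionKey] = null;

    // Check for empty session values
    if (Session[UserNameSessionKey] == null || (string)Session[PasswordSessionKey] == null)
    {
        // NOTE(review): execution continues past this call with a null user name or
        // password unless ReAuthorizeFail ends the response - confirm that it does.
        ReAuthorizeFail();
    }

    // NOTE(review): the password is held in session state in clear text so it can be
    // re-sent to the auto-login endpoint on retry.
    var username = (string)Session[UserNameSessionKey];
    var password = (string)Session[PasswordSessionKey];

    // Logic to handle retry
    if (Session[RetryCountSessionKey] == null)
    {
        Session[RetryCountSessionKey] = 0;
    }
    else if ((int)Session[RetryCountSessionKey] == 5)
    {
        Session[RetryCountSessionKey] = null;
        EventLogProvider.LogException("SSOHandler", "Retry", new Exception("Cannot resolve username and password with autologin. Exceeded retry limit."), SiteContext.CurrentSiteID);
        URLHelper.Redirect(_loginErrorUrl);

        // Fail closed: never fall through to the login path after the retry limit,
        // even if the redirect helper does not terminate the request.
        return;
    }
    else
    {
        var current = (int)Session[RetryCountSessionKey] + 1;
        Session[RetryCountSessionKey] = current;
    }

    // Get customer from Personify
    var ssoCustomer = ssoClient.SSOCustomerGetByUsername(_personifySsoVendorName, _personifySsoVendorPassword, username);

    // Check if Customer exists in Personify
    if (ssoCustomer == null)
    {
        EventLogProvider.LogException("SSOHandler", "LookupCustomer", new Exception("ssoCustomer does not exist for given username."), SiteContext.CurrentSiteID);
        URLHelper.Redirect(_loginErrorUrl);

        // Fail closed: this null check is the only use of ssoCustomer, so without the
        // return an unknown customer could still reach AuthenticateUser below.
        return;
    }

    // Get Token from Personify Request (caller-supplied query-string value)
    var customerToken = Request.QueryString["ct"];
    var decryptedToken = String.Empty;
    var rememberMe = Session[RememberMeSessionKey] != null ? (bool)Session[RememberMeSessionKey] : false;

    // If decrypted token is not empty and valid, then proceed to log in.
    // decryptedToken is assigned inside the condition, only when a token was supplied.
    if (!string.IsNullOrEmpty(customerToken) && isValidToken(decryptedToken = DecryptCustomerToken(customerToken)))
    {
        Session[PersonifySessionKey] = decryptedToken;

        // Verify Kentico User
        VerifyKenticoUser(decryptedToken, username);

        // Log in to Kentico
        AuthenticationHelper.AuthenticateUser(username, rememberMe);

        // Set SSO Token cookie. It carries the decrypted customer token for 90 days,
        // so keep it away from client script and off plain-HTTP requests when the
        // site is served over TLS.
        // NOTE(review): confirm no client-side script needs to read this cookie.
        var ssoToken = new HttpCookie(SSOTokenCookie, decryptedToken)
        {
            Expires = DateTime.Now.AddDays(90),
            HttpOnly = true,
            Secure = Request.IsSecureConnection
        };
        Response.Cookies.Add(ssoToken);

        SessionHelper.Remove("VendorToken");
        RedirectToDesiredURL();
    }
    else
    {
        // We don't have a valid token, initiate Retry.
        // The return URL is the current URL with its query string stripped.
        String returnURL = HttpContext.Current.Request.Url.AbsoluteUri;
        if (!String.IsNullOrEmpty(HttpContext.Current.Request.Url.Query))
        {
            returnURL = returnURL.Replace(HttpContext.Current.Request.Url.Query, "");
        }

        var encryptedVendorToken = RijndaelAlgorithm.GetVendorToken(returnURL, _personifySsoVendorPassword, _personifySsoVendorBlock, username, password, rememberMe);
        SessionHelper.SetValue("VendorToken", encryptedVendorToken);

        // NOTE(review): the vendor token is built from the user's credentials and is
        // sent in the query string, where URL logging along the path can capture it.
        var url = string.Format("{0}?vi={1}&vt={2}", _personifyAutoLoginUrl, _personifyVendorID, encryptedVendorToken);
        Response.Redirect(url);
    }
}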
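/// <summary>
/// Stores the post-login destination in session state, then redirects the browser to
/// the Personify auto-login URL with an encrypted vendor token built from the
/// supplied credentials.
/// </summary>
/// <param name="Username">User name placed into the vendor token.</param>
/// <param name="Password">Password placed into the vendor token.</param>
/// <param name="RememberMember">Remember-me flag placed into the vendor token.</param>
private void LoginMember(string Username, string Password, bool RememberMember)
{
    try
    {
        var vendorPassword = ConfigurationManager.AppSettings["PersonifySSO_Password"].ToString();
        var vendorBlock = ConfigurationManager.AppSettings["PersonifySSO_Block"].ToString();
        var vendorId = ConfigurationManager.AppSettings["PersonifySSO_VendorID"];
        string returnURl = Request.Url.AbsoluteUri;
        string fullUrl = Request.RawUrl;

        // NOTE(review): every branch below copies a caller-controlled query-string
        // value into Session["redirectUrl"] without checking its host. Whatever later
        // redirects to that value should restrict it to local paths or an allow-list
        // of trusted hosts - verify at the point of use.
        string returnUrlParam = Request.QueryString["ReturnUrl"];
        if (returnUrlParam != null)
        {
            string Rurl = fullUrl.Replace("?site=sme&", "?");
            Rurl = Rurl.ToLower().Replace("/memberredirect/default.aspx?returnurl=", "");
            Rurl = Rurl.Replace("&site=sme", "");

            string returnUrlLower = returnUrlParam.ToLower();
            if (returnUrlLower.Contains("personifyebusiness"))
            {
                // check if user is redirected from Personify Pages
                if (returnUrlLower.Contains("http://"))
                {
                    string urlRed = Server.UrlDecode(returnUrlLower);
                    string login = "******";

                    // Fix: strings are immutable, so the result of Replace has to be
                    // assigned back; the original call discarded it and the host
                    // prefix was never stripped.
                    urlRed = urlRed.Replace("http://smemi.personifycloud.com/", "");
                    Session["redirectUrl"] = login + (urlRed);
                }
                else
                {
                    Session["redirectUrl"] = Server.UrlEncode(Rurl);
                }
            }
            else
            {
                Session["redirectUrl"] = returnUrlParam;
            }
        }
        else if (Request.QueryString["rurl"] != null)
        {
            // The target comes from Session["rurlValues"], not from the rurl parameter.
            string login = "******";
            Session["redirectUrl"] = login + (Session["rurlValues"]);
        }
        else if (Request.QueryString["loginurl"] != null)
        {
            Session["redirectUrl"] = Request.QueryString["loginurl"];
        }
        else
        {
            Session["redirectUrl"] = null;
        }

        var encryptedVendorToken = RijndaelAlgorithm.GetVendorToken(returnURl, vendorPassword, vendorBlock, Username, Password, RememberMember);
        string URL = string.Format("{0}?vi={1}&vt={2}", PersonifyAutoLoginUrl, vendorId, encryptedVendorToken);

        // The vendor token is derived from the user's credentials, so it is kept out
        // of the log; only the endpoint and vendor id are recorded.
        LoginUsertokentico.WriteError("URL which is sent via Autologin --->", string.Format("{0}?vi={1}&vt=[redacted]", PersonifyAutoLoginUrl, vendorId));

        Response.Redirect(URL);
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Response.Redirect ends the request by aborting the thread. That is the
        // normal success path, so it must not be logged or reported as a failure.
        throw;
    }
    catch (Exception exception)
    {
        // Keep the details in the event log only; exception text and stack traces
        // are not written into the HTTP response.
        EventLogProvider.LogException("LoginMember", "Get", exception);
        Response.Write("Login failed. Please try again later.");
    }
}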