/// <summary>
/// Routes SAML2 SSO agent traffic once session state is available. The request is
/// classified by <c>SSOAgentRequestResolver</c> and at most one of four cases is handled:
/// an incoming single-logout request, a locally requested logout, an incoming
/// SAMLResponse, or a locally requested login. Any other request passes through untouched.
/// </summary>
/// <param name="sender">The <c>HttpApplication</c> that raised the event.</param>
/// <param name="e">Event data; not used.</param>
private void PostAcquireRequestState(object sender, EventArgs e)
{
    var httpApp = (HttpApplication)sender;
    HttpContext ctx = httpApp.Context;
    var agentConfig = (SSOAgentConfig)HttpContext.Current.Application[SSOAgentConstants.CONFIG_BEAN_NAME];
    var resolver = new SSOAgentRequestResolver(ctx.Request, agentConfig);

    // Single logout request that originates from some other application.
    if (resolver.IsSLORequest())
    {
        var sloManager = new SAML2SSOManager(agentConfig);
        sloManager.ProcessSAMLRequest(ctx);

        // Answer with an empty 200 and stop processing this request.
        ctx.Response.Clear();
        ctx.Response.StatusCode = 200;
        ctx.Response.End();
        return;
    }

    // Logout requested by the currently running application.
    if (resolver.IsSLOURL())
    {
        var logoutManager = new SAML2SSOManager(agentConfig);
        if (agentConfig.Saml2.HttpBinding == SSOAgentConstants.SAML2SSO.SAML2_REDIRECT_BINDING_URI)
        {
            ctx.Response.Redirect(logoutManager.BuildRedirectBindingLogoutRequest());
        }
        else
        {
            logoutManager.SendPostBindingLogoutRequest(ctx);
        }

        return;
    }

    // Requests that carry a SAMLResponse parameter.
    if (resolver.IsSAML2SSOResponse(ctx.Request))
    {
        var responseManager = new SAML2SSOManager(agentConfig);
        responseManager.ProcessSAMLResponse(ctx.Request, ctx.Response);
        return;
    }

    // Login requested by the currently running application.
    if (resolver.IsSAML2SSOURL())
    {
        // Remember where the login was requested from before leaving for the IdP.
        // NOTE(review): the value comes from GetLoginRequstedLocation, which is not shown
        // here; if it is derived from request data, whatever later redirects to it should
        // validate it first - confirm against the consumer.
        HttpContext.Current.Session["loginRequestedFrom"] = GetLoginRequstedLocation(ctx.Request);

        var loginManager = new SAML2SSOManager(agentConfig);
        if (agentConfig.Saml2.HttpBinding == SSOAgentConstants.SAML2SSO.SAML2_REDIRECT_BINDING_URI)
        {
            ctx.Response.Redirect(loginManager.BuildRedirectBindingLoginRequest());
        }
        else
        {
            loginManager.SendPostBindingLoginRequest(ctx);
        }
    }
}
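/// <summary>
/// Handles OpenID Connect SSO agent traffic once session state is available: the
/// authorization-code callback, a locally requested login, a locally requested logout,
/// an error returned to the application, and the IdP's post-logout callback.
/// </summary>
/// <remarks>
/// The cases are written as independent <c>if</c> statements. <c>Response.Redirect(string)</c>
/// ends the response, so in practice only the first matching case runs.
/// </remarks>
/// <param name="sender">The <c>HttpApplication</c> that raised the event.</param>
/// <param name="e">Event data; not used.</param>
private void PostAcquireRequestState(object sender, EventArgs e)
{
    HttpApplication application = (HttpApplication)sender;
    HttpContext context = application.Context;
    SSOAgentConfig ssoAgentConfig = (SSOAgentConfig)HttpContext.Current.Application[SSOAgentConstants.CONFIG_BEAN_NAME];
    SSOAgentRequestResolver requestResolver = new SSOAgentRequestResolver(context.Request, ssoAgentConfig);
    OIDCManager oidcManager;

    // Authorization-code callback from the IdP.
    if (requestResolver.IsOIDCCodeResponse())
    {
        oidcManager = new OIDCManager(ssoAgentConfig);
        oidcManager.ProcessCodeResponse(context.Request);

        // A callback can reach a session that never started a login here (expired
        // session, or a callback the application did not ask for). The stored location
        // is then missing, and calling ToString() on it would fail with a
        // NullReferenceException; fall back to the application root instead.
        // NOTE(review): the stored value comes from GetLoginRequstedLocation, which is
        // not shown here. If it is derived from request data, validate it before it is
        // used as a redirect target - confirm against that helper.
        object requestedFrom = HttpContext.Current.Session != null
            ? HttpContext.Current.Session["loginRequestedFrom"]
            : null;
        string returnUrl = requestedFrom != null ? requestedFrom.ToString() : null;
        if (string.IsNullOrEmpty(returnUrl))
        {
            returnUrl = context.Request.ApplicationPath;
        }

        context.Response.Redirect(returnUrl);
    }

    // Login requested by the currently running application.
    if (requestResolver.IsOIDCSSOURL())
    {
        oidcManager = new OIDCManager(ssoAgentConfig);
        HttpContext.Current.Session["loginRequestedFrom"] = GetLoginRequstedLocation(context.Request);
        context.Response.Redirect(oidcManager.BuildAuthorizationRequest(context.Request));
    }

    // Logout requested by the currently running application.
    if (requestResolver.IsSLOURL())
    {
        oidcManager = new OIDCManager(ssoAgentConfig);
        context.Response.Redirect(oidcManager.BuildLogoutURL());
    }

    // Related to OIDC single logout: this block is hit when passive authentication fails.
    // NOTE(review): the check is not tied to a particular URL or to an outstanding
    // passive-authentication request, and Request.Params also covers form fields, cookies
    // and server variables. As written, any request that carries an "error" parameter
    // ends the user's session. Consider limiting it to the OIDC callback.
    if (context.Request.Params["error"] != null)
    {
        // Session can be absent when the current handler does not use session state.
        if (context.Session != null)
        {
            context.Session.Abandon();
        }

        context.Response.Redirect(ssoAgentConfig.Oidc.PostLogoutRedirectUri);
    }

    // IdP redirected back to the callback URL after a successful logout.
    if (requestResolver.IsSLOResponse())
    {
        if (context.Session != null)
        {
            context.Session.Abandon();
        }

        context.Response.Redirect(ssoAgentConfig.Oidc.PostLogoutRedirectUri);
    }
}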