예제 #1
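        /// <summary>
        /// Routes the request according to the access token held in session state.
        /// With no token the page does nothing and the browser-side OIDC sign-in redirect
        /// takes over. With a token, an undecodable token goes to SessionExpired.aspx, an
        /// expired one to Logout.aspx, and a valid one to the stored return URL
        /// (Default.aspx when none is stored or the stored value leaves this site).
        /// </summary>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Event data; not used.</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            string token = string.Empty;

            try
            {
                token = Session["access_token"].ToString();
            }
            catch
            {
                // No token in session: not authenticated; browser will invoke oidc signin-redirect to SIS
            }

            if (token == string.Empty)
            {
                // Not authenticated; do nothing. Browser will invoke oidc signin-redirect to SIS
                return;
            }

            // NOTE(review): the helper's name suggests it only decodes the token. Confirm that
            // signature, issuer and audience are validated before expiry and claims are trusted.
            var jwttoken = SynapseHelpers.DecodeJWTToken(token) as JwtSecurityToken;

            if (jwttoken == null)
            {
                Response.Redirect("SessionExpired.aspx");
                return; // never fall through to the checks below with an undecodable token
            }

            // ValidTo is a UTC timestamp, so it must be compared with UtcNow; comparing with
            // local time shifts the effective expiry by the server's UTC offset.
            if (jwttoken.ValidTo <= DateTime.UtcNow)
            {
                Response.Redirect("Logout.aspx");
                return;
            }

            string returnURL = "Default.aspx";
            try
            {
                string requested = Request.Cookies[Session["SynapseUser_UserID"].ToString().ToLower() + "_SynapseStudio_ReturnURL"].Value;

                // The cookie value is supplied by the browser, so it is only followed when it
                // stays on this site: a relative path, or an absolute http(s) URL whose
                // authority matches the current request. Anything else keeps the default.
                // NOTE(review): behind a reverse proxy Request.Url.Authority may differ from
                // the public host name - confirm against the deployment.
                Uri parsed;
                bool staysOnSite = false;
                if (!string.IsNullOrEmpty(requested)
                    && requested.IndexOf('\\') < 0
                    && !requested.StartsWith("//", StringComparison.Ordinal))
                {
                    if (Uri.TryCreate(requested, UriKind.Absolute, out parsed))
                    {
                        staysOnSite = (parsed.Scheme == Uri.UriSchemeHttp || parsed.Scheme == Uri.UriSchemeHttps)
                            && string.Equals(parsed.Authority, Request.Url.Authority, StringComparison.OrdinalIgnoreCase);
                    }
                    else
                    {
                        staysOnSite = Uri.TryCreate(requested, UriKind.Relative, out parsed);
                    }
                }

                if (staysOnSite)
                {
                    returnURL = requested;
                }
            }
            catch
            {
                // Best effort: no user id in session or no return-URL cookie keeps Default.aspx.
            }

            Response.Redirect(returnURL);
        }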
예제 #2
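        /// <summary>
        /// Handles the postback that carries the access token from the hidden field
        /// <c>hTkn</c>: stores it in session, decodes it, derives the user id and display
        /// name from its claims, records the login attempt and redirects to the stored
        /// return URL (Default.aspx when none is stored or the stored value leaves this
        /// site). Any failed check records a failed attempt where the original did and
        /// redirects to Logout.aspx.
        /// </summary>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Event data; not used.</param>
        protected void btnPostback_Click(object sender, EventArgs e)
        {
            // NOTE(review): hTkn.Value is posted by the browser, so the token is
            // client-controlled at this point. Everything below is only as trustworthy as the
            // validation done inside SynapseHelpers.DecodeJWTToken; the name suggests it only
            // decodes - confirm that signature, issuer and audience are verified.
            Session["access_token"] = hTkn.Value;

            string token = string.Empty;

            try
            {
                token = Session["access_token"].ToString();
            }
            catch
            {
                // No token posted: not authenticated; browser will invoke oidc signin-redirect to SIS
            }

            if (token == string.Empty)
            {
                return;
            }

            string clientIp = "";
            try
            {
                clientIp = GetIPAddress();
            }
            catch
            {
                // Best effort: the address is only used for the login audit records.
            }

            var jwttoken = SynapseHelpers.DecodeJWTToken(token) as JwtSecurityToken;

            if (jwttoken == null)
            {
                recordFailedLoginAttempt("-1", clientIp, "unknown");
                Response.Redirect("Logout.aspx");
                return; // never read claims from an undecodable token
            }

            if (jwttoken.ValidTo <= DateTime.UtcNow)
            {
                Response.Redirect("Logout.aspx");
                return;
            }

            var claims = jwttoken.Claims.ToList();

            if (claims.Count <= 1)
            {
                // NOTE(review): as in the original, a token with at most one claim ends here
                // without a redirect or an audit record while the token stays in session.
                // Confirm whether this path should fail closed like the others.
                return;
            }

            // Claim types are matched with an ordinal, case-insensitive comparison so the
            // result does not depend on the server's culture (ToLower() is culture-sensitive).
            var winAccNameClaim = claims.FirstOrDefault(x => string.Equals(x.Type, "ipuid", StringComparison.OrdinalIgnoreCase));
            var userFullName = claims.FirstOrDefault(x => string.Equals(x.Type, "name", StringComparison.OrdinalIgnoreCase));
            var idpClaim = claims.FirstOrDefault(x => string.Equals(x.Type, "idp", StringComparison.OrdinalIgnoreCase));

            // Locally managed accounts are identified by their e-mail claim. A token without an
            // "idp" claim is treated as non-local instead of throwing.
            if (idpClaim != null && idpClaim.Value == "local")
            {
                winAccNameClaim = claims.FirstOrDefault(x => string.Equals(x.Type, "email", StringComparison.OrdinalIgnoreCase));
            }

            // The original tested "== null && IsNullOrWhiteSpace(...)", which threw on a missing
            // claim and accepted a blank one as the user id. Either condition must reject.
            if (winAccNameClaim == null || string.IsNullOrWhiteSpace(winAccNameClaim.Value))
            {
                recordFailedLoginAttempt("-1", clientIp, "Studio");
                Response.Redirect("Logout.aspx");
                return;
            }

            Session["SynapseUser_UserID"] = winAccNameClaim.Value;

            if (userFullName == null)
            {
                recordFailedLoginAttempt("-1", clientIp, "Studio");
                Response.Redirect("Logout.aspx");
                return;
            }

            if (userFullName.Value.Split(' ').Length > 1)
            {
                // Swaps the first two space-separated parts after dropping commas,
                // e.g. "Last, First" becomes "First Last".
                string[] nameParts = userFullName.Value.Replace(",", "").Split(' ');
                Session["userFullName"] = nameParts[1] + " " + nameParts[0];
            }
            else
            {
                Session["userFullName"] = userFullName.Value;
            }

            string returnURL = "Default.aspx";
            try
            {
                string requested = Request.Cookies[Session["SynapseUser_UserID"].ToString().ToLower() + "_SynapseStudio_ReturnURL"].Value;

                // The cookie value is supplied by the browser, so it is only followed when it
                // stays on this site: a relative path, or an absolute http(s) URL whose
                // authority matches the current request. Anything else keeps the default.
                // NOTE(review): behind a reverse proxy Request.Url.Authority may differ from
                // the public host name - confirm against the deployment.
                Uri parsed;
                bool staysOnSite = false;
                if (!string.IsNullOrEmpty(requested)
                    && requested.IndexOf('\\') < 0
                    && !requested.StartsWith("//", StringComparison.Ordinal))
                {
                    if (Uri.TryCreate(requested, UriKind.Absolute, out parsed))
                    {
                        staysOnSite = (parsed.Scheme == Uri.UriSchemeHttp || parsed.Scheme == Uri.UriSchemeHttps)
                            && string.Equals(parsed.Authority, Request.Url.Authority, StringComparison.OrdinalIgnoreCase);
                    }
                    else
                    {
                        staysOnSite = Uri.TryCreate(requested, UriKind.Relative, out parsed);
                    }
                }

                if (staysOnSite)
                {
                    returnURL = requested;
                }
            }
            catch
            {
                // Best effort: a missing return-URL cookie keeps Default.aspx.
            }

            recordSuccessfulLoginAttempt("0", winAccNameClaim.Value, clientIp, "Studio");
            Response.Redirect(returnURL);
        }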
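        /// <summary>
        /// Completes sign-in for the authenticated request: reads the access token from the
        /// authentication ticket, stores it in session, derives the user id, display name
        /// and pharmacist flag from its claims, and redirects to Home/Index. Any failed
        /// check redirects to the Logout action.
        /// </summary>
        /// <param name="access_token">Bound from the request but not used; the token is taken from the authentication ticket instead.</param>
        /// <param name="code">Bound from the request but not used.</param>
        /// <returns>A redirect to Home/Index on success, otherwise a redirect to Logout.</returns>
        public async Task <IActionResult> Index(string access_token, string code)
        {
            string accessToken = await HttpContext.GetTokenAsync("access_token");

            // Without a token there is nothing to decode, and Session.SetString rejects null.
            if (string.IsNullOrEmpty(accessToken))
            {
                return RedirectToAction("Logout");
            }

            HttpContext.Session.SetString("access_token", accessToken);

            // The type and expiry checks were commented out in the original, so an undecodable
            // token threw on the cast and an expired one was accepted. Both now fail closed.
            // NOTE(review): the helper's name suggests it only decodes the token. Confirm that
            // signature, issuer and audience are validated before the claims are trusted.
            if (!(SynapseHelpers.DecodeJWTToken(accessToken) is JwtSecurityToken jwt))
            {
                return RedirectToAction("Logout");
            }

            if (jwt.ValidTo <= DateTime.UtcNow)
            {
                return RedirectToAction("Logout");
            }

            var claims = jwt.Claims.ToList();

            if (claims.Count <= 1)
            {
                return RedirectToAction("Logout");
            }

            // Claim types are matched with an ordinal, case-insensitive comparison so the
            // result does not depend on the server's culture.
            var winAccNameClaim = claims.FirstOrDefault(x => string.Equals(x.Type, "ipuid", StringComparison.OrdinalIgnoreCase));
            var userFullName = claims.FirstOrDefault(x => string.Equals(x.Type, "name", StringComparison.OrdinalIgnoreCase));
            var idpClaim = claims.FirstOrDefault(x => string.Equals(x.Type, "idp", StringComparison.OrdinalIgnoreCase));

            // Locally managed accounts are identified by their e-mail claim. A token without an
            // "idp" claim is treated as non-local instead of throwing.
            if (idpClaim?.Value == "local")
            {
                winAccNameClaim = claims.FirstOrDefault(x => string.Equals(x.Type, "email", StringComparison.OrdinalIgnoreCase));
            }

            // Role flag stored as "True" or "False". It is an authorization input, so it is
            // only as trustworthy as the token validation above.
            bool isPharmacist = claims.Any(x => string.Equals(x.Type, "synapseroles", StringComparison.OrdinalIgnoreCase)
                                             && string.Equals(x.Value, "pharmacist", StringComparison.OrdinalIgnoreCase));
            HttpContext.Session.SetString(SynapseSession.IsPharamacist, isPharmacist.ToString());

            // The original tested "== null && IsNullOrWhiteSpace(...)", which threw on a missing
            // claim and accepted a blank one as the user id. Either condition must reject.
            if (winAccNameClaim == null || string.IsNullOrWhiteSpace(winAccNameClaim.Value))
            {
                return RedirectToAction("Logout");
            }

            HttpContext.Session.SetString(SynapseSession.UserID, winAccNameClaim.Value);

            if (userFullName == null)
            {
                return RedirectToAction("Logout");
            }

            if (userFullName.Value.Split(' ').Length > 1)
            {
                // Swaps the first two space-separated parts after dropping commas,
                // e.g. "Last, First" becomes "First Last".
                string[] nameParts = userFullName.Value.Replace(",", "").Split(' ');
                HttpContext.Session.SetString(SynapseSession.FullName, nameParts[1] + " " + nameParts[0]);
            }
            else
            {
                HttpContext.Session.SetString(SynapseSession.FullName, userFullName.Value);
            }

            return RedirectToAction("Index", "Home");
        }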