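/// <summary>
        /// Dispatches a WS-Federation passive request by its action parameter: sign-in requests are
        /// forwarded to the home realm discovery page, sign-out and sign-out-cleanup requests are
        /// processed here and followed by sign-out cleanup markup for every registered relying party
        /// and issuer.
        /// </summary>
        /// <param name="e">Event data passed through to the base implementation.</param>
        /// <exception cref="InvalidOperationException">The action parameter is missing or not one of the handled actions.</exception>
        protected override void OnLoad(EventArgs e)
        {
            string action = this.Request.QueryString[WSFederationConstants.Parameters.Action];

            if (action == WSFederationConstants.Actions.SignIn)
            {
                // Process signin request. The redirect target is a fixed local page; only the
                // incoming query string is carried over.
                this.Response.Redirect("~/HomeRealmDiscovery.aspx" + "?" + this.Request.QueryString, false);
            }
            else if (action == WSFederationConstants.Actions.SignOut || action == WSFederationConstants.Actions.SignOutCleanup)
            {
                // Process signout request.
                WSFederationMessage requestMessage = WSFederationMessage.CreateFromUri(this.Request.Url);
                FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(requestMessage, this.User, null, this.Response);
                this.ActionExplanationLabel.Text = @"Sign out from the issuer has been requested.";

                var signedInUrls = SingleSignOnManager.SignOutRelyingParties();
                if (signedInUrls.Length > 0)
                {
                    this.RelyingPartyLabel.Visible = true;
                    foreach (string url in signedInUrls)
                    {
                        this.AddSignOutCleanupMarkup(this.RelyingPartySignOutLinks, url, true);
                    }
                }

                signedInUrls = SingleSignOnManager.SignOutIssuers();
                if (signedInUrls.Length > 0)
                {
                    this.IssuerLabel.Visible = true;
                    foreach (string url in signedInUrls)
                    {
                        this.AddSignOutCleanupMarkup(this.IssuerSignOutLinks, url, false);
                    }
                }

                SingleSignOnManager.Clear();
            }
            else
            {
                throw new InvalidOperationException(
                          String.Format(
                              CultureInfo.InvariantCulture,
                              "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                              String.IsNullOrEmpty(action) ? "<EMPTY>" : action,
                              WSFederationConstants.Parameters.Action,
                              WSFederationConstants.Actions.SignIn,
                              WSFederationConstants.Actions.SignOut));
            }

            base.OnLoad(e);
        }

        /// <summary>
        /// Appends the sign-out cleanup markup for one registered URL to <paramref name="container"/>.
        /// </summary>
        /// <param name="container">Control that receives the generated markup.</param>
        /// <param name="url">Registered relying party or issuer URL.</param>
        /// <param name="includeLink">True to render the URL as a hyperlink, false to render it as plain text.</param>
        private void AddSignOutCleanupMarkup(Control container, string url, bool includeLink)
        {
            // The registered URLs are written straight into HTML, so they are treated as untrusted:
            // anything that is not an absolute http/https URL is skipped rather than rendered.
            // NOTE(review): where SingleSignOnManager gets these values is not visible here - confirm.
            Uri parsed;
            if (!Uri.TryCreate(url, UriKind.Absolute, out parsed)
                || (parsed.Scheme != Uri.UriSchemeHttp && parsed.Scheme != Uri.UriSchemeHttps))
            {
                return;
            }

            // HtmlEncode escapes <, >, & and the double quote, which is why the attributes below are
            // double-quoted: an encoded value cannot close the attribute or open a new element.
            string safeUrl = this.Server.HtmlEncode(url);

            string label = includeLink
                ? string.Format(CultureInfo.InvariantCulture, "<a href=\"{0}\">{0}</a>", safeUrl)
                : safeUrl;

            container.Controls.Add(
                new LiteralControl(
                    string.Format(
                        CultureInfo.InvariantCulture,
                        "<p>{0}&nbsp;<img src=\"{1}?wa=wsignoutcleanup1.0\" title=\"Signout request: {1}?wa=wsignoutcleanup1.0\"/></p>",
                        label,
                        safeUrl)));
        }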
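        /// <summary>
        /// Builds the claims issued to the relying party from the caller's incoming identity,
        /// selecting the transformation by the issuer of the incoming claims, and records the
        /// relying party and issuer with <c>SingleSignOnManager</c>.
        /// </summary>
        /// <param name="principal">The authenticated caller; must not be null.</param>
        /// <param name="request">The token request (not read by this method).</param>
        /// <param name="scope">The scope of the request; its reply-to address is registered as a relying party.</param>
        /// <returns>The identity whose claims go into the issued token.</returns>
        /// <exception cref="InvalidRequestException">The principal is null.</exception>
        /// <exception cref="InvalidOperationException">The incoming identity has no claims, or its issuer is not trusted.</exception>
        protected override IClaimsIdentity GetOutputClaimsIdentity(IClaimsPrincipal principal, RequestSecurityToken request, Scope scope)
        {
            if (null == principal)
            {
                throw new InvalidRequestException("The caller's principal is null.");
            }

            var input = (ClaimsIdentity)principal.Identity;

            // An identity without claims carries no issuer to evaluate, so it is rejected with the
            // same error as an untrusted issuer instead of failing inside First().
            // NOTE(review): trust is decided from the first claim's Issuer only - confirm that all
            // claims of an incoming identity share one issuer.
            var firstClaim = input.Claims.FirstOrDefault();
            if (firstClaim == null)
            {
                throw new InvalidOperationException("Issuer not trusted.");
            }

            var issuer = firstClaim.Issuer.ToUpperInvariant();

            bool isLitware = issuer == "LITWARE";
            bool isAdatum = issuer == "ADATUM";

            // Decide trust before any single-sign-on state is recorded, so a request from an
            // untrusted issuer leaves nothing behind. The ACS issuer name is only consulted when
            // the issuer is neither of the two built-in organizations.
            if (!isLitware && !isAdatum && issuer != TrustedIssuers.Instance.AcsIssuerName.ToUpperInvariant())
            {
                throw new InvalidOperationException("Issuer not trusted.");
            }

            // NOTE(review): ReplyToAddress comes from the request scope; whether it has been
            // validated against configured relying parties is not visible here, so consumers of the
            // registered value should treat it as untrusted.
            SingleSignOnManager.RegisterRelyingParty(scope.ReplyToAddress);

            var output = new ClaimsIdentity();

            if (isLitware)
            {
                CopyClaims(input, new[] { WSIdentityConstants.ClaimTypes.Name }, output);

                TransformClaims(input, AllOrganizations.ClaimTypes.Group, Litware.Groups.Sales, ClaimTypes.Role, Adatum.Roles.OrderTracker, output);

                output.Claims.Add(new Claim(Adatum.ClaimTypes.Organization, Litware.OrganizationName));

                SingleSignOnManager.RegisterIssuer("https://localhost/Litware.SimulatedIssuer.6/");
            }
            else if (isAdatum)
            {
                // Adatum's own identities are passed through unchanged: the incoming identity
                // object itself is returned, with every claim it carries.
                output = input;
                SingleSignOnManager.RegisterIssuer("https://localhost/Adatum.SimulatedIssuer.6");
            }
            else
            {
                // Remaining trusted case: the configured ACS issuer.
                CopySocialClaims(input, output);
                output.Claims.Add(new Claim(ClaimTypes.Role, Adatum.Roles.OrderTracker));
                output.Claims.Add(new Claim(Adatum.ClaimTypes.Organization, "MaryInc"));

                SingleSignOnManager.RegisterIssuer(TrustedIssuers.Instance.AcsIssuerEndpoint);
            }

            return output;
        }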