private void loginButton_Click(object sender, EventArgs e)
{
// AADB2C90118: The user has forgotten their password ==> Login with forgot password policy
if (!string.IsNullOrEmpty(Request["error"]) &&
!string.IsNullOrEmpty(Request["error_description"]) &&
Request["error_description"]?.IndexOf("AADB2C90118") == -1)
{
// AADB2C90091: The user has cancelled entering self-asserted information.
// User clicked on Cancel when resetting the password => Redirect to the login page
if (Request["error_description"]?.IndexOf("AADB2C90091") > -1)
{
Response.Redirect(Common.Utils.GetLoginUrl(PortalSettings.Current, Request), true);
}
else
{
var errorMessage = Localization.GetString("LoginError", LocalResourceFile);
errorMessage = string.Format(errorMessage, Request["error"], Request["error_description"]);
_logger.Error(errorMessage);
UI.Skins.Skin.AddModuleMessage(this, errorMessage, ModuleMessage.ModuleMessageType.RedError);
}
}
else
{
if (Request["error_description"]?.IndexOf("AADB2C90118") > -1)
{
((AzureClient)OAuthClient).Policy = AzureClient.PolicyEnum.PasswordResetPolicy;
}
AuthorisationResult result = OAuthClient.Authorize();
if (result == AuthorisationResult.Denied)
{
UI.Skins.Skin.AddModuleMessage(this, Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile), ModuleMessage.ModuleMessageType.YellowWarning);
}
}
}
protected override void OnInit(EventArgs e)
{
base.OnInit(e);
if (!string.IsNullOrEmpty(Request["error"]) &&
!string.IsNullOrEmpty(Request["error_description"]))
{
// AADB2C90091: The user has cancelled entering self-asserted information.
// User clicked on Cancel when resetting the password => Redirect to the original page
if (Request["error_description"]?.IndexOf("AADB2C90091") > -1)
{
if (!string.IsNullOrEmpty(Request["state"]))
{
var state = new State(Request["state"]);
if (!string.IsNullOrEmpty(state.RedirectUrl))
{
Response.Redirect(state.RedirectUrl, true);
}
}
}
else
{
var errorMessage = Localization.GetString("LoginError", LocalResourceFile);
errorMessage = string.Format(errorMessage, Request["error"], Request["error_description"]);
_logger.Error(errorMessage);
UI.Skins.Skin.AddModuleMessage(this, errorMessage, ModuleMessage.ModuleMessageType.RedError);
}
}
else
{
var identityProvider = UserInfo.Profile.ProfileProperties.GetByName("IdentitySource");
if (identityProvider != null && identityProvider.PropertyValue == "Azure-B2C")
{
var oauthClient = new AzureClient(PortalId, AuthMode.Login);
// Is returning after editing the user profile?
var state = new State(Request["state"]);
if (Request.UrlReferrer?.Host == oauthClient.LogoutEndpoint.Host &&
!string.IsNullOrEmpty(Request["state"]) &&
state.Service == oauthClient.Service &&
!string.IsNullOrEmpty(state.RedirectUrl) &&
oauthClient.HaveVerificationCode())
{
oauthClient.Policy = AzureClient.PolicyEnum.ProfilePolicy;
AuthorisationResult result = oauthClient.Authorize();
if (result != AuthorisationResult.Denied)
{
oauthClient.UpdateUserProfile();
Response.Redirect(state.RedirectUrl);
}
}
else
{
oauthClient.NavigateUserProfile(Request.UrlReferrer);
}
}
}
}
private void loginButton_Click(object sender, EventArgs e)
{
AuthorisationResult result = OAuthClient.Authorize();
if (result == AuthorisationResult.Denied)
{
UI.Skins.Skin.AddModuleMessage(this, Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile), ModuleMessage.ModuleMessageType.YellowWarning);
}
}
protected override void OnInit(EventArgs e)
{
base.OnInit(e);
if (!string.IsNullOrEmpty(Request["error"]) &&
!string.IsNullOrEmpty(Request["error_description"]))
{
// AADB2C90091: The user has cancelled entering self-asserted information.
// User clicked on Cancel when resetting the password => Redirect to the original page
if (Request["error_description"]?.IndexOf("AADB2C90091") > -1)
{
var url = Request["state"].Split('-');
if (url.Length > 1)
{
Response.Redirect(url[1], true);
}
}
else
{
var errorMessage = Localization.GetString("LoginError", LocalResourceFile);
errorMessage = string.Format(errorMessage, Request["error"], Request["error_description"]);
_logger.Error(errorMessage);
UI.Skins.Skin.AddModuleMessage(this, errorMessage, ModuleMessage.ModuleMessageType.RedError);
}
}
else
{
if (UserInfo != null && UserInfo.Username.ToLowerInvariant().StartsWith("azureb2c-"))
{
var oauthClient = new AzureClient(PortalId, AuthMode.Login);
// Is returning after editing the user profile?
if (Request.UrlReferrer?.Host == oauthClient.LogoutEndpoint.Host &&
!string.IsNullOrEmpty(Request["state"]) &&
Request["state"].StartsWith(oauthClient.Service) &&
Request["state"].Length > oauthClient.Service.Length &&
oauthClient.HaveVerificationCode())
{
oauthClient.Policy = AzureClient.PolicyEnum.ProfilePolicy;
AuthorisationResult result = oauthClient.Authorize();
if (result != AuthorisationResult.Denied)
{
oauthClient.UpdateUserProfile();
var url = Request["state"].Split('-');
if (url.Length > 1)
{
Response.Redirect(url[1]);
}
}
}
else
{
oauthClient.NavigateUserProfile(Request.UrlReferrer);
}
}
}
}
private void LoginButton_Click(object sender, EventArgs e)
{
this.OAuthClient.CallbackUri = new Uri(this.OAuthClient.CallbackUri + "?state=Twitter");
AuthorisationResult result = this.OAuthClient.Authorize();
if (result == AuthorisationResult.Denied)
{
UI.Skins.Skin.AddModuleMessage(this, Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile), ModuleMessage.ModuleMessageType.YellowWarning);
}
}
private static async Task <AuthorisationResult> FailOnFirstCall()
{
await Task.CompletedTask;
var result = _hasBeenCalled
? AuthorisationResult.Success()
: AuthorisationResult.Fail("This query can only be used on a Saturday or Sunday");
_hasBeenCalled = true;
return(result);
}
/// <summary>
/// A contrived authorisation policy function
/// </summary>
/// <returns></returns>
private static async Task <AuthorisationResult> WeekendOnlyPolicy()
{
var isWeekend = DateTime.Today.DayOfWeek == DayOfWeek.Saturday ||
DateTime.Today.DayOfWeek == DayOfWeek.Sunday;
//This isn't really an async method
await Task.CompletedTask;
return(isWeekend
? AuthorisationResult.Success()
: AuthorisationResult.Fail("This query can only be used on a Saturday or Sunday"));
}
private static async Task <AuthorisationResult> FailOnFirstCall()
{
await Task.CompletedTask;
var result = _hasBeenCalled
? AuthorisationResult.Success()
: AuthorisationResult.Fail("This query will fail the first time you call it, try again.");
_hasBeenCalled = true;
return(result);
}
/// <summary>
/// Parses the query tokens returned during authorisation process
/// and notifies app of result.
/// </summary>
/// <param name="queryTokens">Query tokens to parse for authorisation.</param>
private void ParseUrl(NameValueCollection queryTokens)
{
AuthorisationResult result = AuthorisationResult.Error;
string reason = null;
string state = null;
if (queryTokens["code"] == null)
{
// app was not authorised for some reason
if (queryTokens["error"] == "access_denied")
{
result = AuthorisationResult.Denied;
}
else
{
// random error so return description value
reason = queryTokens["description"];
}
}
else
{
try
{
// get name of user who logged in from state
state = queryTokens["state"];
var re = new Regex(@"(?<=name;)\w*(\+\w*)?", RegexOptions.IgnoreCase);
var m = re.Match(state);
this.Character = HttpUtility.UrlDecode(m.Value);
state = state.Replace("name;" + m.Value, "").Trim();
// exchange code for a token
this.Token = GetToken(queryTokens["code"]);
result = AuthorisationResult.Authorised;
}
catch (Exception ex)
{
reason = ex.Message;
}
}
// clean up web browser before continuing
_wasAutoClosed = true;
CloseForm(_webBrowserForm);
// notify anyone who is listening of results
OnAuthoriseComplete(new AuthoriseCompleteEventArgs(result, reason, state));
}
private async Task GetUserAsync()
{
if (Client.HaveVerificationCode())
{
try
{
// Step 2: Validate that the state is the same as what was stored in the
// CSRF cookie. Validation failures will throw exceptions.
AntiForgery.ValidateTokens(Request);
// Step 3: The app has redirected back with an Auth0 Code that can
// be used for retrieving a Bearer Token from Auth0.
AuthorisationResult result = await Client.ExchangeCodeForTokenAsync();
switch (result)
{
case AuthorisationResult.Authorized:
// Step 4: We now have a token and can use that to get the
// user profile data from Auth0. The profile data we have
// access to is controlled by the scope passed in the original
// authorization request.
Auth0UserInfo user = await Client.GetCurrentUserAsync();
// Step 5: We need to take the authenticated user profile and use it to
// find the corresponding DNN User. If the user does not exist,
// we create the user and authorize the user according to the portal settings.
Client.AuthenticateDnnUser(user, PortalSettings, IPAddress, base.OnUserAuthenticated);
break;
case AuthorisationResult.Denied:
Skin.AddModuleMessage(this, Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile), ModuleMessage.ModuleMessageType.YellowWarning);
AddEventLog("unknown user", Null.NullInteger, PortalSettings.PortalName, IPAddress, EventLogType.LOGIN_FAILURE, "Unable to get token");
break;
default:
break;
}
}
catch (Exception ex)
{
(new ExceptionLogController()).AddLog(ex);
}
}
}
private void loginButton_Click(object sender, EventArgs e)
{
if (!string.IsNullOrEmpty(Request["error"]))
{
var errorMessage = Localization.GetString("LoginError", LocalResourceFile);
errorMessage = string.Format(errorMessage, Request["error"], Request["error_description"]);
_logger.Error(errorMessage);
UI.Skins.Skin.AddModuleMessage(this, errorMessage, ModuleMessage.ModuleMessageType.RedError);
}
else
{
AuthorisationResult result = OAuthClient.Authorize();
if (result == AuthorisationResult.Denied)
{
UI.Skins.Skin.AddModuleMessage(this, Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile), ModuleMessage.ModuleMessageType.YellowWarning);
}
}
}
public async Task <AuthorisationResult> Verify(string authToken)
{
var dummyAuthResult = new AuthorisationResult();
if (string.IsNullOrEmpty(authToken))
{
return(await Task.Run(() => dummyAuthResult));
}
return(authToken.ToUpperInvariant() switch
{
"TEST_KEY1" => await Task.Run(() => new AuthorisationResult()
{
Valid = true,
Merchant = new Merchant()
{
Id = "M_1111", Name = "Merchant 1"
}
}),
_ => await Task.Run(() => dummyAuthResult),
});
private Token GetTokenSilently(OAuthLowLevel oAuth)
{
Token token = null;
token = oAuth.RetrieveExistingAccessToken(ClientID, Scope, Audience, StoragePartition);
if (token == null)
{
Token refreshToken = oAuth.RetrieveExistingRefreshToken(ClientID, Scope, Audience, StoragePartition);
if (refreshToken != null)
{
Auth0ClientBase client = CreateAuth0Client();
AuthorisationResult result = Task.Run(() => oAuth.RefreshAccessTokenAsync(client, refreshToken, ClientID, Scope, Audience, StoragePartition)).Result;
token = result.AccessToken;
}
}
return(token);
}
private void loginButton_Click(object sender, EventArgs e)
{
if (!string.IsNullOrEmpty(Request["error"]))
{
var errorMessage = Localization.GetString("LoginError", LocalResourceFile);
errorMessage = string.Format(errorMessage, Request["error"], Request["error_description"]);
_logger.Error(errorMessage);
if (string.IsNullOrEmpty(config.OnErrorUri))
{
UI.Skins.Skin.AddModuleMessage(this, errorMessage, ModuleMessage.ModuleMessageType.RedError);
}
else
{
Response.Redirect($"{config.OnErrorUri}?error={Request["error"]}&error_description={HttpContext.Current.Server.UrlEncode(Request["error_description"])}");
}
}
else
{
AuthorisationResult result = OAuthClient.Authorize();
if (result == AuthorisationResult.Denied)
{
if (string.IsNullOrEmpty(config.OnErrorUri))
{
UI.Skins.Skin.AddModuleMessage(this, Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile), ModuleMessage.ModuleMessageType.YellowWarning);
}
else
{
Response.Redirect($"{config.OnErrorUri}?error=Denied&error_description={HttpContext.Current.Server.UrlEncode(Localization.GetString("PrivateConfirmationMessage", Localization.SharedResourceFile))}");
}
}
else
{
if (!string.IsNullOrEmpty(((AzureClient)OAuthClient).RedirectUrl))
{
RedirectURL = ((AzureClient)OAuthClient).RedirectUrl;
}
}
}
}
public AuthoriseCompleteEventArgs(AuthorisationResult result, string state)
: this(result, result.GetDescription(), state)
{
}
public AuthoriseCompleteEventArgs(AuthorisationResult result, string deniedReason, string state)
{
_result = result;
_reason = String.IsNullOrWhiteSpace(deniedReason) ? result.GetDescription() : deniedReason;
this.State = state;
}
public AuthoriseCompleteEventArgs(AuthorisationResult result, string state) : this(result, result.GetDescription(), state)
{
}
protected override void OnInit(EventArgs e)
{
base.OnInit(e);
if (!string.IsNullOrEmpty(Request["error"]) &&
!string.IsNullOrEmpty(Request["error_description"]))
{
// AADB2C90091: The user has cancelled entering self-asserted information.
// User clicked on Cancel when resetting the password => Redirect to the original page
if (Request["error_description"]?.IndexOf("AADB2C90091") > -1)
{
if (!string.IsNullOrEmpty(Request["state"]))
{
var state = new State(Request["state"]);
if (!string.IsNullOrEmpty(state.RedirectUrl))
{
Response.Redirect(state.RedirectUrl, true);
}
else
{
Response.Redirect("/", true);
}
}
else
{
Response.Redirect("/", true);
}
}
else
{
var errorMessage = Localization.GetString("LoginError", LocalResourceFile);
errorMessage = string.Format(errorMessage, Request["error"], Request["error_description"]);
_logger.Error(errorMessage);
UI.Skins.Skin.AddModuleMessage(this, errorMessage, ModuleMessage.ModuleMessageType.RedError);
}
}
else
{
var identityProvider = UserInfo.Profile.ProfileProperties.GetByName("IdentitySource");
if (identityProvider != null && identityProvider.PropertyValue == "Azure-B2C")
{
var oauthClient = new AzureClient(PortalId, AuthMode.Login);
if (HttpContext.Current.Request.Cookies.AllKeys.Contains("AzureB2CUserToken"))
{
// Logout on B2C to clear the cached B2C login. This will redirect back to here after the logout
oauthClient.Logout();
return;
}
// Is returning after running the impersonation on B2C?
var state = new State(Request["state"]);
if (Request.UrlReferrer?.Host == oauthClient.LogoutEndpoint.Host &&
!string.IsNullOrEmpty(Request["state"]) &&
state.Service == oauthClient.Service &&
!string.IsNullOrEmpty(state.RedirectUrl) &&
oauthClient.HaveVerificationCode())
{
oauthClient.Policy = AzureClient.PolicyEnum.ImpersonatePolicy;
AuthorisationResult result = oauthClient.Authorize();
if (result != AuthorisationResult.Denied)
{
if (User != null)
{
var url = oauthClient.Impersonate();
if (string.IsNullOrEmpty(url))
{
Response.Redirect($"{Request.Url.Scheme}://{PortalSettings.PortalAlias.HTTPAlias}"); // Redirect to homepage after impersonation
}
else
{
Response.Redirect(url);
}
}
}
}
else
{
var uri = oauthClient.NavigateImpersonation(Request.UrlReferrer, UserInfo.Email);
Response.Redirect(uri.ToString(), false);
}
}
}
}
public AuthoriseCompleteEventArgs(AuthorisationResult result, string deniedReason, string state)
{
_result = result;
_reason = String.IsNullOrWhiteSpace(deniedReason) ? result.GetDescription() : deniedReason;
this.State = state;
}
