public override Task <Stream> AuthorizeResponse(AuthorizeResponseViewModel model)
{
var controller = GetController <LoginController>();
var result = RenderAuthorizeResponseAction(controller, model);
return(Task.FromResult(result));
}
/// <summary>
/// Loads the HTML for the authorize response page.
/// </summary>
/// <param name="model">The model.</param>
/// <returns>
/// Stream for the HTML
/// </returns>
public virtual async Task <Stream> AuthorizeResponse(AuthorizeResponseViewModel model)
{
var newModel = new CommonViewModel
{
SiteName = model.SiteName,
SiteUrl = model.SiteUrl,
Custom = model.Custom
};
var scripts = new List <string>();
scripts.AddRange(config.Scripts ?? Enumerable.Empty <string>());
scripts.Add("~/assets/app.FormPostResponse.js");
var data = BuildModelDictionary(newModel, AuthorizeResponseView, config.Stylesheets, scripts);
data.Add("responseUri", model.ResponseFormUri);
data.Add("responseFields", model.ResponseFormFields);
string html = await LoadHtmlTemplate(AuthorizeResponseView);
html = FormatHtmlTemplate(html, data);
return(html.ToStream());
}
public override async Task <HttpResponseMessage> ExecuteAsync(System.Threading.CancellationToken cancellationToken)
{
_request.SetSuppressXfo();
Logger.Info("Posting to " + _response.RedirectUri);
// see if we have a DefaultViewService for the IViewService
// to allow for customization of the authorize response page
var ctx = _request.GetOwinContext();
var defaultViewSvc = ctx.ResolveDependency <IViewService>() as DefaultViewService;
if (defaultViewSvc != null)
{
Logger.Debug("Using DefaultViewService to render authorization response HTML");
var vm = new AuthorizeResponseViewModel
{
SiteName = _response.Request.Options.SiteName,
SiteUrl = _request.GetIdentityServerBaseUrl(),
ResponseFormUri = _response.RedirectUri,
ResponseFormFields = _response.ToNameValueCollection().ToFormPost()
};
var result = new HtmlStreamActionResult(() => defaultViewSvc.AuthorizeResponse(vm));
return(await result.ExecuteAsync(cancellationToken));
}
Logger.Debug("Using AssetManager to render authorization response HTML");
return(await base.ExecuteAsync(cancellationToken));
}
public ActionResult AuthorizeResponse(AuthorizeResponseViewModel model)
{
// Try and stop direct access - probably a better way to do this
if (model == null || string.IsNullOrEmpty(model.ResponseFormFields))
{
return(HttpNotFound());
}
return(View(model));
}
private Stream RenderAuthorizeResponseAction(LoginController controller, AuthorizeResponseViewModel model)
{
using (var outputWriter = new StringWriter())
{
controller.ControllerContext.RequestContext.HttpContext.Response.Output = outputWriter;
controller.ControllerContext.RouteData.Values.Add("action", "AuthorizeResponse");
controller.ControllerContext.RouteData.Values["model"] = model;
var viewResult = controller.AuthorizeResponse(model);
viewResult.ExecuteResult(controller.ControllerContext);
outputWriter.Flush();
var content = outputWriter.ToString();
return(new MemoryStream(Encoding.UTF8.GetBytes(content)));
}
}
private void AddClaim(string type, string value, AuthorizeResponseViewModel viewModel)
{
var claim = new Claim(type, value);
_cookieAuthorizationDataProvider.AddClaim(claim, HttpContext, viewModel.Username);
}
public MediatorResponse <AuthorizeResponseViewModel> Authorize(ClaimsPrincipal principal)
{
var viewModel = new AuthorizeResponseViewModel();
if (string.IsNullOrEmpty(principal?.Identity?.Name))
{
return(GetMediatorResponse(ProviderUserMediatorCodes.Authorize.EmptyUsername, viewModel, AuthorizeMessages.EmptyUsername, UserMessageLevel.Error));
}
var username = principal.Identity.Name;
viewModel.Username = username;
var userProfile = _providerUserProvider.GetUserProfileViewModel(username);
if (userProfile != null)
{
viewModel.EmailAddress = userProfile.EmailAddress;
viewModel.EmailAddressVerified = userProfile.EmailAddressVerified;
}
var ukprn = principal.GetUkprn();
if (string.IsNullOrWhiteSpace(ukprn))
{
return(GetMediatorResponse(ProviderUserMediatorCodes.Authorize.MissingProviderIdentifier, viewModel, AuthorizeMessages.MissingProviderIdentifier, UserMessageLevel.Error));
}
if (!principal.IsInRole(Roles.Faa))
{
return(GetMediatorResponse(ProviderUserMediatorCodes.Authorize.MissingServicePermission, viewModel, AuthorizeMessages.MissingServicePermission, UserMessageLevel.Warning));
}
var provider = _providerProvider.GetProviderViewModel(ukprn);
if (provider == null)
{
return(GetMediatorResponse(ProviderUserMediatorCodes.Authorize.NoProviderProfile, viewModel, AuthorizeMessages.NoProviderProfile, UserMessageLevel.Info));
}
viewModel.ProviderId = provider.ProviderId;
if (provider.ProviderSiteViewModels.Count() < MinProviderSites)
{
return(GetMediatorResponse(ProviderUserMediatorCodes.Authorize.FailedMinimumSitesCountCheck, viewModel, AuthorizeMessages.FailedMinimumSitesCountCheck, UserMessageLevel.Warning));
}
if (userProfile == null)
{
var isFirstUser = !_providerUserProvider.GetProviderUsers(ukprn).Any();
if (isFirstUser)
{
return(GetMediatorResponse(ProviderUserMediatorCodes.Authorize.FirstUser, viewModel, AuthorizeMessages.FirstUser, UserMessageLevel.Info));
}
return(GetMediatorResponse(ProviderUserMediatorCodes.Authorize.NoUserProfile, viewModel, AuthorizeMessages.NoUserProfile, UserMessageLevel.Info));
}
if (!userProfile.EmailAddressVerified)
{
return(GetMediatorResponse(ProviderUserMediatorCodes.Authorize.EmailAddressNotVerified, viewModel,
AuthorizeMessages.EmailAddressNotVerified, UserMessageLevel.Info));
}
if (!provider.IsMigrated)
{
return(GetMediatorResponse(ProviderUserMediatorCodes.Authorize.ProviderNotMigrated, viewModel));
}
return(GetMediatorResponse(ProviderUserMediatorCodes.Authorize.Ok, viewModel));
}
