public async Task <IActionResult> GetCurrentAccount()
{
_logger.LogInformation(LoggingEvents.HttpGet, "Begin method " + this.GetType().Name + "." + MethodBase.GetCurrentMethod().ReflectedType.Name);
ViewModels.Account result = null;
// get the current user.
string sessionSettings = _httpContextAccessor.HttpContext.Session.GetString("UserSettings");
UserSettings userSettings = JsonConvert.DeserializeObject <UserSettings>(sessionSettings);
_logger.LogDebug(LoggingEvents.HttpGet, "UserSettings: " + JsonConvert.SerializeObject(userSettings));
// query the Dynamics system to get the account record.
if (userSettings.AccountId != null && userSettings.AccountId.Length > 0)
{
var accountId = GuidUtility.SanitizeGuidString(userSettings.AccountId);
MicrosoftDynamicsCRMaccount account = await _dynamicsClient.GetAccountById(new Guid(accountId));
_logger.LogDebug(LoggingEvents.HttpGet, "Dynamics Account: " + JsonConvert.SerializeObject(account));
if (account == null)
{
// Sometimes we receive the siteminderbusienssguid instead of the account id.
account = await _dynamicsClient.GetAccountBySiteminderBusinessGuid(accountId);
if (account == null)
{
_logger.LogWarning(LoggingEvents.NotFound, "No Account Found.");
return(new NotFoundResult());
}
}
result = account.ToViewModel();
}
else
{
_logger.LogWarning(LoggingEvents.NotFound, "No Account Found.");
return(new NotFoundResult());
}
_logger.LogDebug(LoggingEvents.HttpGet, "Current Account Result: " +
JsonConvert.SerializeObject(result, Formatting.Indented, new JsonSerializerSettings {
ReferenceLoopHandling = ReferenceLoopHandling.Ignore
}));
return(Json(result));
}
/// <summary>
/// Process Authentication Request
/// </summary>
/// <returns></returns>
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
// get siteminder headers
_logger.LogDebug("Parsing the HTTP headers for SiteMinder authentication credential");
SiteMinderAuthOptions options = new SiteMinderAuthOptions();
bool isDeveloperLogin = false;
bool isBCSCDeveloperLogin = false;
try
{
ClaimsPrincipal principal;
HttpContext context = Request.HttpContext;
IDynamicsClient _dynamicsClient = (IDynamicsClient)context.RequestServices.GetService(typeof(IDynamicsClient));
IHostingEnvironment hostingEnv = (IHostingEnvironment)context.RequestServices.GetService(typeof(IHostingEnvironment));
UserSettings userSettings = new UserSettings();
string userId = null;
string devCompanyId = null;
string siteMinderGuid = "";
string siteMinderBusinessGuid = "";
string siteMinderUserType = "";
// **************************************************
// If this is an Error or Authentiation API - Ignore
// **************************************************
string url = context.Request.GetDisplayUrl().ToLower();
if (url.Contains(".js"))
{
return(AuthenticateResult.NoResult());
}
// **************************************************
// Check if we have a Dev Environment Cookie
// **************************************************
//if (!hostingEnv.IsProduction())
//{
// check for a fake BCeID login in dev mode
string temp = context.Request.Cookies[options.DevAuthenticationTokenKey];
if (string.IsNullOrEmpty(temp)) // could be an automated test user.
{
temp = context.Request.Headers["DEV-USER"];
}
if (!string.IsNullOrEmpty(temp))
{
if (temp.Contains("::"))
{
var temp2 = temp.Split("::");
userId = temp2[0];
if (temp2.Length >= 2)
{
devCompanyId = temp2[1];
}
else
{
devCompanyId = temp2[0];
}
}
else
{
userId = temp;
devCompanyId = temp;
}
isDeveloperLogin = true;
_logger.LogDebug("Got user from dev cookie = " + userId + ", company = " + devCompanyId);
}
else
{
// same set of tests for a BC Services Card dev login
temp = context.Request.Cookies[options.DevBCSCAuthenticationTokenKey];
if (string.IsNullOrEmpty(temp)) // could be an automated test user.
{
temp = context.Request.Headers["DEV-BCSC-USER"];
}
if (!string.IsNullOrEmpty(temp))
{
userId = temp;
isBCSCDeveloperLogin = true;
_logger.LogDebug("Got user from dev cookie = " + userId);
}
}
//}
// **************************************************
// Check if the user session is already created
// **************************************************
try
{
_logger.LogInformation("Checking user session");
userSettings = UserSettings.ReadUserSettings(context);
_logger.LogDebug("UserSettings found: " + userSettings.GetJson());
}
catch
{
//do nothing
_logger.LogDebug("No UserSettings found");
}
// is user authenticated - if so we're done
if ((userSettings.UserAuthenticated && string.IsNullOrEmpty(userId)) ||
(userSettings.UserAuthenticated && !string.IsNullOrEmpty(userId) &&
!string.IsNullOrEmpty(userSettings.UserId) && userSettings.UserId == userId))
{
_logger.LogDebug("User already authenticated with active session: " + userSettings.UserId);
principal = userSettings.AuthenticatedUser.ToClaimsPrincipal(options.Scheme, userSettings.UserType);
return(AuthenticateResult.Success(new AuthenticationTicket(principal, null, Options.Scheme)));
}
string smgov_userdisplayname = context.Request.Headers["smgov_userdisplayname"];
if (!string.IsNullOrEmpty(smgov_userdisplayname))
{
userSettings.UserDisplayName = smgov_userdisplayname;
}
string smgov_businesslegalname = context.Request.Headers["smgov_businesslegalname"];
if (!string.IsNullOrEmpty(smgov_businesslegalname))
{
userSettings.BusinessLegalName = smgov_businesslegalname;
}
// **************************************************
// Authenticate based on SiteMinder Headers
// **************************************************
_logger.LogDebug("Parsing the HTTP headers for SiteMinder authentication credential");
// At this point userID would only be set if we are logging in through as a DEV user
if (string.IsNullOrEmpty(userId))
{
_logger.LogDebug("Getting user data from headers");
userId = context.Request.Headers[options.SiteMinderUserNameKey];
if (string.IsNullOrEmpty(userId))
{
userId = context.Request.Headers[options.SiteMinderUniversalIdKey];
}
siteMinderGuid = context.Request.Headers[options.SiteMinderUserGuidKey];
siteMinderBusinessGuid = context.Request.Headers[options.SiteMinderBusinessGuidKey];
siteMinderUserType = context.Request.Headers[options.SiteMinderUserTypeKey];
// **************************************************
// Validate credentials
// **************************************************
if (string.IsNullOrEmpty(userId))
{
_logger.LogDebug(options.MissingSiteMinderUserIdError);
return(AuthenticateResult.Fail(options.MissingSiteMinderGuidError));
}
if (string.IsNullOrEmpty(siteMinderGuid))
{
_logger.LogDebug(options.MissingSiteMinderGuidError);
return(AuthenticateResult.Fail(options.MissingSiteMinderGuidError));
}
if (string.IsNullOrEmpty(siteMinderUserType))
{
_logger.LogDebug(options.MissingSiteMinderUserTypeError);
return(AuthenticateResult.Fail(options.MissingSiteMinderUserTypeError));
}
}
else // DEV user, setup a fake session and SiteMinder headers.
{
if (isDeveloperLogin && _dynamicsClient != null)
{
_logger.LogError("Generating a Development user");
userSettings.BusinessLegalName = devCompanyId + " BusinessProfileName";
userSettings.UserDisplayName = userId + " BCeIDContactType";
// search for a matching user.
var existingContact = _dynamicsClient.GetContactByName(userId, "BCeIDContactType");
if (existingContact != null)
{
siteMinderGuid = existingContact.Externaluseridentifier;
}
else
{
siteMinderGuid = GuidUtility.CreateIdForDynamics("contact", userSettings.UserDisplayName).ToString();
}
var existingBusiness = await _dynamicsClient.GetAccountByLegalName(userSettings.BusinessLegalName);
if (existingBusiness != null)
{
siteMinderBusinessGuid = existingBusiness.BcgovBceid;
}
{
siteMinderBusinessGuid = GuidUtility.CreateIdForDynamics("account", userSettings.BusinessLegalName).ToString();
}
siteMinderUserType = "Business";
}
else if (isBCSCDeveloperLogin)
{
_logger.LogError("Generating a Development BC Services user");
userSettings.BusinessLegalName = null;
userSettings.UserDisplayName = userId + " Associate";
siteMinderGuid = GuidUtility.CreateIdForDynamics("bcsc", userSettings.UserDisplayName).ToString();
siteMinderBusinessGuid = null;
siteMinderUserType = "VerifiedIndividual";
}
}
// Previously the code would do a database lookup here. However there is no backing database for the users table now,
// so we just do a Dynamics lookup on the siteMinderGuid.
_logger.LogDebug("Loading user external id = " + siteMinderGuid);
if (_dynamicsClient != null)
{
userSettings.AuthenticatedUser = await _dynamicsClient.LoadUser(siteMinderGuid, context.Request.Headers, _logger);
}
_logger.LogDebug("After getting authenticated user = "******" (" + userId + ")");
return(AuthenticateResult.Fail(options.InactivegDbUserIdError));
}
if (userSettings.AuthenticatedUser != null && !String.IsNullOrEmpty(siteMinderUserType))
{
userSettings.AuthenticatedUser.UserType = siteMinderUserType;
}
userSettings.UserType = siteMinderUserType;
// This line gets the various claims for the current user.
ClaimsPrincipal userPrincipal = userSettings.AuthenticatedUser.ToClaimsPrincipal(options.Scheme, userSettings.UserType);
// **************************************************
// Create authenticated user
// **************************************************
_logger.LogDebug("Authentication successful: " + userId);
_logger.LogDebug("Setting identity and creating session for: " + userId);
// create session info for the current user
userSettings.UserId = userId;
userSettings.UserAuthenticated = true;
userSettings.IsNewUserRegistration = (userSettings.AuthenticatedUser == null);
// set other session info
userSettings.SiteMinderGuid = siteMinderGuid;
userSettings.SiteMinderBusinessGuid = siteMinderBusinessGuid;
_logger.LogDebug("Before getting contact and account ids = " + userSettings.GetJson());
if (userSettings.AuthenticatedUser != null)
{
userSettings.ContactId = userSettings.AuthenticatedUser.ContactId.ToString();
if (siteMinderBusinessGuid != null) // BCeID user
{
var account = await _dynamicsClient.GetAccountBySiteminderBusinessGuid(siteMinderBusinessGuid);
if (account != null && account.Accountid != null)
{
userSettings.AccountId = account.Accountid;
userSettings.AuthenticatedUser.AccountId = Guid.Parse(account.Accountid);
}
}
}
if (!hostingEnv.IsProduction() && (isDeveloperLogin || isBCSCDeveloperLogin))
{
_logger.LogError("DEV MODE Setting identity and creating session for: " + userId);
if (isDeveloperLogin)
{
userSettings.BusinessLegalName = devCompanyId + " BusinessProfileName";
userSettings.UserDisplayName = userId + " BCeIDContactType";
// add generated guids
userSettings.SiteMinderBusinessGuid = GuidUtility.CreateIdForDynamics("account", userSettings.BusinessLegalName).ToString();
userSettings.SiteMinderGuid = GuidUtility.CreateIdForDynamics("contact", userSettings.UserDisplayName).ToString();
}
else if (isBCSCDeveloperLogin)
{
userSettings.BusinessLegalName = null;
userSettings.UserDisplayName = userId + " Associate";
// add generated guids
userSettings.SiteMinderBusinessGuid = null;
userSettings.SiteMinderGuid = GuidUtility.CreateIdForDynamics("bcsc", userSettings.UserDisplayName).ToString();
}
if (userSettings.IsNewUserRegistration)
{
if (isDeveloperLogin)
{
// add generated guids
userSettings.AccountId = userSettings.SiteMinderBusinessGuid;
userSettings.ContactId = userSettings.SiteMinderGuid;
}
else if (isBCSCDeveloperLogin)
{
// set to null for now
userSettings.AccountId = null;
userSettings.ContactId = null;
}
_logger.LogDebug("New user registration:" + userSettings.UserDisplayName);
_logger.LogDebug("userSettings.SiteMinderBusinessGuid:" + userSettings.SiteMinderBusinessGuid);
_logger.LogDebug("userSettings.SiteMinderGuid:" + userSettings.SiteMinderGuid);
_logger.LogDebug("userSettings.AccountId:" + userSettings.AccountId);
_logger.LogDebug("userSettings.ContactId:" + userSettings.ContactId);
}
// Set account ID from authenticated user
else if (userSettings.AuthenticatedUser != null)
{
// populate the business GUID.
if (string.IsNullOrEmpty(userSettings.AccountId))
{
userSettings.AccountId = userSettings.AuthenticatedUser.AccountId.ToString();
}
if (string.IsNullOrEmpty(userSettings.ContactId))
{
userSettings.ContactId = userSettings.AuthenticatedUser.ContactId.ToString();
}
_logger.LogDebug("Returning user:"******"userSettings.AccountId:" + userSettings.AccountId);
_logger.LogDebug("userSettings.ContactId:" + userSettings.ContactId);
}
}
// add the worker settings if it is a new user.
if (userSettings.IsNewUserRegistration && userSettings.NewWorker == null)
{
userSettings.NewWorker = new ViewModels.Worker();
userSettings.NewWorker.CopyHeaderValues(context.Request.Headers);
}
// add the worker settings if it is a new user.
if (userSettings.IsNewUserRegistration && userSettings.NewContact == null)
{
userSettings.NewContact = new ViewModels.Contact();
userSettings.NewContact.CopyHeaderValues(context.Request.Headers);
}
// **************************************************
// Update user settings
// **************************************************
UserSettings.SaveUserSettings(userSettings, context);
// done!
principal = userPrincipal;
return(AuthenticateResult.Success(new AuthenticationTicket(principal, null, Options.Scheme)));
}
catch (Exception exception)
{
_logger.LogError(exception.Message);
Console.WriteLine(exception);
throw;
}
}
public async Task <IActionResult> CreateDynamicsAccount([FromBody] ViewModels.Account item)
{
ViewModels.Account result = null;
Boolean updateIfNull = true;
// get UserSettings from the session
string temp = _httpContextAccessor.HttpContext.Session.GetString("UserSettings");
UserSettings userSettings = JsonConvert.DeserializeObject <UserSettings>(temp);
// get account Siteminder GUID
string accountSiteminderGuid = userSettings.SiteMinderBusinessGuid;
if (accountSiteminderGuid == null || accountSiteminderGuid.Length == 0)
{
throw new Exception("Oops no accountSiteminderGuid exernal id");
}
// first check to see that a contact exists.
string contactSiteminderGuid = userSettings.SiteMinderGuid;
if (contactSiteminderGuid == null || contactSiteminderGuid.Length == 0)
{
throw new Exception("Oops no ContactSiteminderGuid exernal id");
}
// get BCeID record for the current user
//var bceidBusiness = await _bceid.ProcessBusinessQuery("44437132CF6B4E919FE6FBFC5594FC44");
var bceidBusiness = await _bceid.ProcessBusinessQuery(userSettings.SiteMinderGuid);
// get the contact record.
MicrosoftDynamicsCRMcontact userContact = null;
// see if the contact exists.
userContact = await _dynamicsClient.GetContactBySiteminderGuid(contactSiteminderGuid);
if (userContact == null)
{
// create the user contact record.
userContact = new MicrosoftDynamicsCRMcontact();
// Adoxio_externalid is where we will store the guid from siteminder.
userContact.AdoxioExternalid = contactSiteminderGuid;
userContact.Fullname = userSettings.UserDisplayName;
userContact.Nickname = userSettings.UserDisplayName;
userContact.Employeeid = userSettings.UserId;
if (bceidBusiness != null)
{
// set contact according to item
userContact.Firstname = bceidBusiness.individualFirstname;
userContact.Middlename = bceidBusiness.individualMiddlename;
userContact.Lastname = bceidBusiness.individualSurname;
userContact.Emailaddress1 = bceidBusiness.contactEmail;
userContact.Telephone1 = bceidBusiness.contactPhone;
}
else
{
userContact.Firstname = userSettings.UserDisplayName.GetFirstName();
userContact.Lastname = userSettings.UserDisplayName.GetLastName();
}
userContact.Statuscode = 1;
}
// this may be an existing account, as this service is used during the account confirmation process.
MicrosoftDynamicsCRMaccount account = await _dynamicsClient.GetAccountBySiteminderBusinessGuid(accountSiteminderGuid);
if (account == null) // do a deep create. create 3 objects at once.
{
// create a new account
account = new MicrosoftDynamicsCRMaccount();
account.CopyValues(item, updateIfNull);
// business type must be set only during creation, not in update (removed from copyValues() )
account.AdoxioBusinesstype = (int)Enum.Parse(typeof(ViewModels.Adoxio_applicanttypecodes), item.businessType, true);
// ensure that we create an account for the current user.
account.AdoxioExternalid = accountSiteminderGuid;
account.Primarycontactid = userContact;
account.AdoxioAccounttype = (int)Adoxio_accounttypecodes.Applicant;
if (bceidBusiness != null)
{
account.Emailaddress1 = bceidBusiness.contactEmail;
account.Telephone1 = bceidBusiness.contactPhone;
account.Address1City = bceidBusiness.addressCity;
account.Address1Postalcode = bceidBusiness.addressPostal;
account.Address1Line1 = bceidBusiness.addressLine1;
account.Address1Line2 = bceidBusiness.addressLine2;
account.Address1Postalcode = bceidBusiness.addressPostal;
}
// sets Business type with numerical value found in Adoxio_applicanttypecodes
// using account.businessType which is set in bceid-confirmation.component.ts
account.AdoxioBusinesstype = (int)Enum.Parse(typeof(Adoxio_applicanttypecodes), item.businessType, true);
var legalEntity = new MicrosoftDynamicsCRMadoxioLegalentity()
{
AdoxioAccount = account,
AdoxioName = item.name,
AdoxioIsindividual = 0,
AdoxioIsapplicant = true
};
string legalEntityString = JsonConvert.SerializeObject(legalEntity);
_logger.LogError("Legal Entity Before --> " + legalEntityString);
legalEntity = await _dynamicsClient.Adoxiolegalentities.CreateAsync(legalEntity);
account.Accountid = legalEntity._adoxioAccountValue;
// fetch the account and get the created contact.
if (legalEntity.AdoxioAccount == null)
{
legalEntity.AdoxioAccount = await _dynamicsClient.GetAccountById(Guid.Parse(account.Accountid));
}
if (legalEntity.AdoxioAccount.Primarycontactid == null)
{
legalEntity.AdoxioAccount.Primarycontactid = await _dynamicsClient.GetContactById(Guid.Parse(legalEntity.AdoxioAccount._primarycontactidValue));
}
userContact.Contactid = legalEntity.AdoxioAccount._primarycontactidValue;
legalEntityString = JsonConvert.SerializeObject(legalEntity);
_logger.LogError("Legal Entity After --> " + legalEntityString);
}
else // it is a new user only.
{
userContact = await _dynamicsClient.Contacts.CreateAsync(userContact);
}
// always patch the userContact so it relates to the account.
// parent customer id relationship will be created using the method here:
//https://msdn.microsoft.com/en-us/library/mt607875.aspx
MicrosoftDynamicsCRMcontact patchUserContact = new MicrosoftDynamicsCRMcontact();
patchUserContact.ParentCustomerIdAccountODataBind = _dynamicsClient.GetEntityURI("accounts", account.Accountid);
try
{
await _dynamicsClient.Contacts.UpdateAsync(userContact.Contactid, patchUserContact);
}
catch (OdataerrorException odee)
{
_logger.LogError("Error binding contact to account");
_logger.LogError("Request:");
_logger.LogError(odee.Request.Content);
_logger.LogError("Response:");
_logger.LogError(odee.Response.Content);
}
// if we have not yet authenticated, then this is the new record for the user.
if (userSettings.IsNewUserRegistration)
{
userSettings.AccountId = account.Accountid.ToString();
userSettings.ContactId = userContact.Contactid.ToString();
// we can now authenticate.
if (userSettings.AuthenticatedUser == null)
{
Models.User user = new Models.User();
user.Active = true;
user.AccountId = Guid.Parse(userSettings.AccountId);
user.ContactId = Guid.Parse(userSettings.ContactId);
user.SmUserId = userSettings.UserId;
userSettings.AuthenticatedUser = user;
}
userSettings.IsNewUserRegistration = false;
string userSettingsString = JsonConvert.SerializeObject(userSettings);
_logger.LogError("AccountController --> " + userSettingsString);
// add the user to the session.
_httpContextAccessor.HttpContext.Session.SetString("UserSettings", userSettingsString);
}
else
{
throw new Exception("Oops not a new user registration");
}
//account.accountId = id;
result = account.ToViewModel();
return(Json(result));
}
/// <summary>
/// Process Authentication Request
/// </summary>
/// <returns></returns>
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
// get siteminder headers
_logger.Debug("Parsing the HTTP headers for SiteMinder authentication credential");
string userId = null;
string devCompanyId = null;
string siteMinderGuid = "";
string siteMinderBusinessGuid = "";
string siteMinderUserType = "";
try
{
ClaimsPrincipal principal;
HttpContext context = Request.HttpContext;
UserSettings userSettings = new UserSettings();
IConfiguration _configuration = (IConfiguration)context.RequestServices.GetService(typeof(IConfiguration));
_dynamicsClient = (IDynamicsClient)context.RequestServices.GetService(typeof(IDynamicsClient));
FileManagerClient _fileManagerClient = (FileManagerClient)context.RequestServices.GetService(typeof(FileManagerClient));
IWebHostEnvironment hostingEnv = (IWebHostEnvironment)context.RequestServices.GetService(typeof(IWebHostEnvironment));
// Fail if login disabled
if (!string.IsNullOrEmpty(_configuration["FEATURE_DISABLE_LOGIN"]))
{
return(AuthenticateResult.Fail(_options.LoginDisabledError));
}
// Fail if coming from JS
if (context.Request.GetDisplayUrl().ToLower().Contains(".js"))
{
return(AuthenticateResult.NoResult());
}
// **************************************************
// Check if the user session is already created
// **************************************************
try
{
_logger.Debug("Checking user session");
userSettings = UserSettings.ReadUserSettings(context);
_logger.Debug("UserSettings found: " + userSettings.GetJson());
}
catch
{
//do nothing
_logger.Debug("No UserSettings found");
}
// is user authenticated - if so we're done
if ((userSettings.UserAuthenticated && string.IsNullOrEmpty(userId)) ||
(userSettings.UserAuthenticated && !string.IsNullOrEmpty(userId) &&
!string.IsNullOrEmpty(userSettings.UserId) && userSettings.UserId == userId))
{
_logger.Debug("User already authenticated with active session: " + userSettings.UserId);
principal = userSettings.AuthenticatedUser.ToClaimsPrincipal(_options.Scheme, userSettings.UserType);
return(AuthenticateResult.Success(new AuthenticationTicket(principal, null, Options.Scheme)));
}
// **************************************************
// Check if we have a Dev Environment Cookie
// **************************************************
if (!hostingEnv.IsProduction() &&
(!string.IsNullOrEmpty(context.Request.Cookies[_options.DevAuthenticationTokenKey]) ||
!string.IsNullOrEmpty(context.Request.Cookies[_options.DevBCSCAuthenticationTokenKey]) ||
!string.IsNullOrEmpty(context.Request.Headers[_options.DevAuthenticationTokenKey]) ||
!string.IsNullOrEmpty(context.Request.Headers[_options.DevBCSCAuthenticationTokenKey]))
)
{
try
{
return(await LoginDevUser(context, _dynamicsClient));
}
catch (Exception ex)
{
_logger.Information(ex.Message);
_logger.Information("Couldn't successfully login as dev user - continuing as regular user");
}
}
// **************************************************
// Authenticate based on SiteMinder Headers
// **************************************************
_logger.Debug("Parsing the HTTP headers for SiteMinder authentication credential");
_logger.Debug("Getting user data from headers");
if (!string.IsNullOrEmpty(context.Request.Headers[_options.SiteMinderUserDisplayNameKey]))
{
userSettings.UserDisplayName = context.Request.Headers[_options.SiteMinderUserDisplayNameKey];
}
if (!string.IsNullOrEmpty(context.Request.Headers[_options.SiteMinderBusinessLegalNameKey]))
{
userSettings.BusinessLegalName = context.Request.Headers[_options.SiteMinderBusinessLegalNameKey];
}
userId = context.Request.Headers[_options.SiteMinderUserNameKey];
if (string.IsNullOrEmpty(userId))
{
userId = context.Request.Headers[_options.SiteMinderUniversalIdKey];
}
siteMinderGuid = context.Request.Headers[_options.SiteMinderUserGuidKey];
siteMinderBusinessGuid = context.Request.Headers[_options.SiteMinderBusinessGuidKey];
siteMinderUserType = context.Request.Headers[_options.SiteMinderUserTypeKey];
// **************************************************
// Validate credentials
// **************************************************
if (string.IsNullOrEmpty(userId))
{
_logger.Debug(_options.MissingSiteMinderUserIdError);
return(AuthenticateResult.Fail(_options.MissingSiteMinderGuidError));
}
if (string.IsNullOrEmpty(siteMinderGuid))
{
_logger.Debug(_options.MissingSiteMinderGuidError);
return(AuthenticateResult.Fail(_options.MissingSiteMinderGuidError));
}
if (string.IsNullOrEmpty(siteMinderUserType))
{
_logger.Debug(_options.MissingSiteMinderUserTypeError);
return(AuthenticateResult.Fail(_options.MissingSiteMinderUserTypeError));
}
_logger.Debug("Loading user external id = " + siteMinderGuid);
// 3/18/2020 - Note that LoadUser will now work if there is a match on the guid, as well as a match on name in a case where there is no guid.
userSettings.AuthenticatedUser = await _dynamicsClient.LoadUser(siteMinderGuid, context.Request.Headers, _ms_logger);
_logger.Information("After getting authenticated user = "******" (" + userId + ")");
return(AuthenticateResult.Fail(_options.InactivegDbUserIdError));
}
// set the usertype to siteminder
if (userSettings.AuthenticatedUser != null &&
!string.IsNullOrEmpty(siteMinderUserType))
{
userSettings.AuthenticatedUser.UserType = siteMinderUserType;
}
userSettings.UserType = siteMinderUserType;
// Get the various claims for the current user.
ClaimsPrincipal userPrincipal = userSettings.AuthenticatedUser.ToClaimsPrincipal(_options.Scheme, userSettings.UserType);
// **************************************************
// Create authenticated user
// **************************************************
_logger.Debug("Authentication successful: " + userId);
_logger.Debug("Setting identity and creating session for: " + userId);
// create session info for the current user
userSettings.UserId = userId;
userSettings.UserAuthenticated = true;
userSettings.IsNewUserRegistration = userSettings.AuthenticatedUser == null;
// set other session info
userSettings.SiteMinderGuid = siteMinderGuid;
userSettings.SiteMinderBusinessGuid = siteMinderBusinessGuid;
_logger.Debug("Before getting contact and account ids = " + userSettings.GetJson());
if (userSettings.AuthenticatedUser != null)
{
userSettings.ContactId = userSettings.AuthenticatedUser.ContactId.ToString();
// ensure that the given account has a documents folder.
if (siteMinderBusinessGuid != null) // BCeID user
{
var contact = _dynamicsClient.GetActiveContactByExternalId(userSettings.ContactId);
if (contact == null)
{
// try by other means.
var contactVM = new Public.ViewModels.Contact();
contactVM.CopyHeaderValues(context.Request.Headers);
contact = _dynamicsClient.GetContactByContactVmBlankSmGuid(contactVM);
}
if (contact != null && contact.Contactid != null)
{
await CreateContactDocumentLocation(_dynamicsClient, _fileManagerClient, contact);
}
var account = await _dynamicsClient.GetAccountBySiteminderBusinessGuid(siteMinderBusinessGuid);
if (account == null)
{
// try by other means.
account = _dynamicsClient.GetAccountByLegalName(userSettings.BusinessLegalName);
}
if (account != null && account.Accountid != null)
{
userSettings.AccountId = account.Accountid;
userSettings.AuthenticatedUser.AccountId = Guid.Parse(account.Accountid);
// ensure that the given account has a documents folder.
await CreateAccountDocumentLocation(_dynamicsClient, _fileManagerClient, account);
}
}
}
// add the worker settings if it is a new user.
if (userSettings.IsNewUserRegistration)
{
userSettings.NewWorker = new Worker();
userSettings.NewWorker.CopyHeaderValues(context.Request.Headers);
userSettings.NewContact = new Contact();
userSettings.NewContact.CopyHeaderValues(context.Request.Headers);
}
else if (siteMinderUserType == "VerifiedIndividual")
{
await HandleVerifiedIndividualLogin(userSettings, context);
if (HttpUtility.ParseQueryString(context.Request.QueryString.ToString()).Get("path") != "cannabis-associate-screening")
{
await HandleWorkerLogin(userSettings, context);
}
}
// **************************************************
// Update user settings
// **************************************************
UserSettings.SaveUserSettings(userSettings, context);
return(AuthenticateResult.Success(new AuthenticationTicket(userPrincipal, null, Options.Scheme)));
}
catch (Exception exception)
{
_logger.Error(exception.Message);
throw;
}
}
/// <summary>
/// Process Authentication Request
/// </summary>
/// <returns></returns>
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
// get siteminder headers
_logger.LogDebug("Parsing the HTTP headers for SiteMinder authentication credential");
SiteMinderAuthOptions options = new SiteMinderAuthOptions();
bool isDeveloperLogin = false;
bool isBCSCDeveloperLogin = false;
try
{
ClaimsPrincipal principal;
HttpContext context = Request.HttpContext;
IConfiguration _configuration = (IConfiguration)context.RequestServices.GetService(typeof(IConfiguration));
IDynamicsClient _dynamicsClient = (IDynamicsClient)context.RequestServices.GetService(typeof(IDynamicsClient));
FileManagerClient _fileManagerClient = (FileManagerClient)context.RequestServices.GetService(typeof(FileManagerClient));
IWebHostEnvironment hostingEnv = (IWebHostEnvironment)context.RequestServices.GetService(typeof(IWebHostEnvironment));
UserSettings userSettings = new UserSettings();
if (!string.IsNullOrEmpty(_configuration["FEATURE_DISABLE_LOGIN"]))
{
return(AuthenticateResult.Fail(options.LoginDisabledError));
}
string userId = null;
string devCompanyId = null;
string siteMinderGuid = "";
string siteMinderBusinessGuid = "";
string siteMinderUserType = "";
// **************************************************
// If this is an Error or Authentiation API - Ignore
// **************************************************
string url = context.Request.GetDisplayUrl().ToLower();
if (url.Contains(".js"))
{
return(AuthenticateResult.NoResult());
}
// **************************************************
// Check if we have a Dev Environment Cookie
// **************************************************
if (!hostingEnv.IsProduction())
{
// check for a fake BCeID login in dev mode
string temp = context.Request.Cookies[options.DevAuthenticationTokenKey];
if (string.IsNullOrEmpty(temp)) // could be an automated test user.
{
temp = context.Request.Headers["DEV-USER"];
}
if (!string.IsNullOrEmpty(temp))
{
if (temp.Contains("::"))
{
var temp2 = temp.Split("::");
userId = temp2[0];
if (temp2.Length >= 2)
{
devCompanyId = temp2[1];
}
else
{
devCompanyId = temp2[0];
}
}
else
{
userId = temp;
devCompanyId = temp;
}
isDeveloperLogin = true;
_logger.LogDebug("Got user from dev cookie = " + userId + ", company = " + devCompanyId);
}
else
{
// same set of tests for a BC Services Card dev login
temp = context.Request.Cookies[options.DevBCSCAuthenticationTokenKey];
if (string.IsNullOrEmpty(temp)) // could be an automated test user.
{
temp = context.Request.Headers["DEV-BCSC-USER"];
}
if (!string.IsNullOrEmpty(temp))
{
userId = temp;
isBCSCDeveloperLogin = true;
_logger.LogDebug("Got user from dev cookie = " + userId);
}
}
}
// **************************************************
// Check if the user session is already created
// **************************************************
try
{
_logger.LogDebug("Checking user session");
userSettings = UserSettings.ReadUserSettings(context);
_logger.LogDebug("UserSettings found: " + userSettings.GetJson());
}
catch
{
//do nothing
_logger.LogDebug("No UserSettings found");
}
// is user authenticated - if so we're done
if ((userSettings.UserAuthenticated && string.IsNullOrEmpty(userId)) ||
(userSettings.UserAuthenticated && !string.IsNullOrEmpty(userId) &&
!string.IsNullOrEmpty(userSettings.UserId) && userSettings.UserId == userId))
{
_logger.LogDebug("User already authenticated with active session: " + userSettings.UserId);
principal = userSettings.AuthenticatedUser.ToClaimsPrincipal(options.Scheme, userSettings.UserType);
return(AuthenticateResult.Success(new AuthenticationTicket(principal, null, Options.Scheme)));
}
string smgov_userdisplayname = context.Request.Headers["smgov_userdisplayname"];
if (!string.IsNullOrEmpty(smgov_userdisplayname))
{
userSettings.UserDisplayName = smgov_userdisplayname;
}
string smgov_businesslegalname = context.Request.Headers["smgov_businesslegalname"];
if (!string.IsNullOrEmpty(smgov_businesslegalname))
{
userSettings.BusinessLegalName = smgov_businesslegalname;
}
// **************************************************
// Authenticate based on SiteMinder Headers
// **************************************************
_logger.LogDebug("Parsing the HTTP headers for SiteMinder authentication credential");
// At this point userID would only be set if we are logging in through as a DEV user
if (string.IsNullOrEmpty(userId))
{
_logger.LogDebug("Getting user data from headers");
userId = context.Request.Headers[options.SiteMinderUserNameKey];
if (string.IsNullOrEmpty(userId))
{
userId = context.Request.Headers[options.SiteMinderUniversalIdKey];
}
siteMinderGuid = context.Request.Headers[options.SiteMinderUserGuidKey];
siteMinderBusinessGuid = context.Request.Headers[options.SiteMinderBusinessGuidKey];
siteMinderUserType = context.Request.Headers[options.SiteMinderUserTypeKey];
// **************************************************
// Validate credentials
// **************************************************
if (string.IsNullOrEmpty(userId))
{
_logger.LogDebug(options.MissingSiteMinderUserIdError);
return(AuthenticateResult.Fail(options.MissingSiteMinderGuidError));
}
if (string.IsNullOrEmpty(siteMinderGuid))
{
_logger.LogDebug(options.MissingSiteMinderGuidError);
return(AuthenticateResult.Fail(options.MissingSiteMinderGuidError));
}
if (string.IsNullOrEmpty(siteMinderUserType))
{
_logger.LogDebug(options.MissingSiteMinderUserTypeError);
return(AuthenticateResult.Fail(options.MissingSiteMinderUserTypeError));
}
}
else // DEV user, setup a fake session and SiteMinder headers.
{
if (isDeveloperLogin)
{
_logger.LogDebug("Generating a Development user");
userSettings.BusinessLegalName = devCompanyId + " TestBusiness";
userSettings.UserDisplayName = userId + " TestUser";
siteMinderGuid = GuidUtility.CreateIdForDynamics("contact", userSettings.UserDisplayName).ToString();
siteMinderBusinessGuid = GuidUtility.CreateIdForDynamics("account", userSettings.BusinessLegalName).ToString();
siteMinderUserType = "Business";
}
else if (isBCSCDeveloperLogin)
{
_logger.LogDebug("Generating a Development BC Services user");
userSettings.BusinessLegalName = null;
userSettings.UserDisplayName = userId + " Associate";
siteMinderGuid = GuidUtility.CreateIdForDynamics("bcsc", userSettings.UserDisplayName).ToString();
siteMinderBusinessGuid = null;
siteMinderUserType = "VerifiedIndividual";
}
}
// Previously the code would do a database lookup here. However there is no backing database for the users table now,
// so we just do a Dynamics lookup on the siteMinderGuid.
_logger.LogDebug("Loading user external id = " + siteMinderGuid);
// 3/18/2020 - Note that LoadUser will now work if there is a match on the guid, as well as a match on name in a case where there is no guid.
userSettings.AuthenticatedUser = await _dynamicsClient.LoadUser(siteMinderGuid, context.Request.Headers, _logger);
_logger.LogDebug("After getting authenticated user = "******" (" + userId + ")");
return(AuthenticateResult.Fail(options.InactivegDbUserIdError));
}
if (userSettings.AuthenticatedUser != null && !String.IsNullOrEmpty(siteMinderUserType))
{
userSettings.AuthenticatedUser.UserType = siteMinderUserType;
}
userSettings.UserType = siteMinderUserType;
// This line gets the various claims for the current user.
ClaimsPrincipal userPrincipal = userSettings.AuthenticatedUser.ToClaimsPrincipal(options.Scheme, userSettings.UserType);
// **************************************************
// Create authenticated user
// **************************************************
_logger.LogDebug("Authentication successful: " + userId);
_logger.LogDebug("Setting identity and creating session for: " + userId);
// create session info for the current user
userSettings.UserId = userId;
userSettings.UserAuthenticated = true;
userSettings.IsNewUserRegistration = userSettings.AuthenticatedUser == null;
// set other session info
userSettings.SiteMinderGuid = siteMinderGuid;
userSettings.SiteMinderBusinessGuid = siteMinderBusinessGuid;
_logger.LogDebug("Before getting contact and account ids = " + userSettings.GetJson());
if (userSettings.AuthenticatedUser != null)
{
userSettings.ContactId = userSettings.AuthenticatedUser.ContactId.ToString();
// ensure that the given account has a documents folder.
if (siteMinderBusinessGuid != null) // BCeID user
{
var contact = _dynamicsClient.GetContactByExternalId(userSettings.ContactId);
if (contact == null)
{
// try by other means.
var contactVM = new Public.ViewModels.Contact();
contactVM.CopyHeaderValues(context.Request.Headers);
contact = _dynamicsClient.GetContactByContactVmBlankSmGuid(contactVM);
}
if (contact != null && contact.Contactid != null)
{
await CreateContactDocumentLocation(_dynamicsClient, _fileManagerClient, contact);
}
var account = await _dynamicsClient.GetAccountBySiteminderBusinessGuid(siteMinderBusinessGuid);
if (account == null)
{
// try by other means.
account = _dynamicsClient.GetAccountByLegalName(userSettings.BusinessLegalName);
}
if (account != null && account.Accountid != null)
{
userSettings.AccountId = account.Accountid;
userSettings.AuthenticatedUser.AccountId = Guid.Parse(account.Accountid);
// ensure that the given account has a documents folder.
await CreateAccountDocumentLocation(_dynamicsClient, _fileManagerClient, account);
}
}
}
if (!hostingEnv.IsProduction() && (isDeveloperLogin || isBCSCDeveloperLogin))
{
_logger.LogDebug("DEV MODE Setting identity and creating session for: " + userId);
if (isDeveloperLogin)
{
userSettings.BusinessLegalName = devCompanyId + " TestBusiness";
userSettings.UserDisplayName = userId + " TestUser";
// add generated guids
userSettings.SiteMinderBusinessGuid = GuidUtility.CreateIdForDynamics("account", userSettings.BusinessLegalName).ToString();
userSettings.SiteMinderGuid = GuidUtility.CreateIdForDynamics("contact", userSettings.UserDisplayName).ToString();
}
else if (isBCSCDeveloperLogin)
{
userSettings.BusinessLegalName = null;
userSettings.UserDisplayName = userId + " Associate";
// add generated guids
userSettings.SiteMinderBusinessGuid = null;
userSettings.SiteMinderGuid = GuidUtility.CreateIdForDynamics("bcsc", userSettings.UserDisplayName).ToString();
}
if (userSettings.IsNewUserRegistration)
{
if (isDeveloperLogin)
{
// add generated guids
// set to null to indicate that the user is still registering the account
userSettings.AccountId = null;
userSettings.ContactId = null;
}
else if (isBCSCDeveloperLogin)
{
// set to null for now
userSettings.AccountId = null;
userSettings.ContactId = null;
}
_logger.LogDebug("New user registration:" + userSettings.UserDisplayName);
_logger.LogDebug("userSettings.SiteMinderBusinessGuid:" + userSettings.SiteMinderBusinessGuid);
_logger.LogDebug("userSettings.SiteMinderGuid:" + userSettings.SiteMinderGuid);
_logger.LogDebug("userSettings.AccountId:" + userSettings.AccountId);
_logger.LogDebug("userSettings.ContactId:" + userSettings.ContactId);
}
// Set account ID from authenticated user
else if (userSettings.AuthenticatedUser != null)
{
// populate the business GUID.
if (string.IsNullOrEmpty(userSettings.AccountId))
{
userSettings.AccountId = userSettings.AuthenticatedUser.AccountId.ToString();
}
if (string.IsNullOrEmpty(userSettings.ContactId))
{
userSettings.ContactId = userSettings.AuthenticatedUser.ContactId.ToString();
}
_logger.LogDebug("Returning user:"******"userSettings.AccountId:" + userSettings.AccountId);
_logger.LogDebug("userSettings.ContactId:" + userSettings.ContactId);
}
}
// add the worker settings if it is a new user.
if (userSettings.IsNewUserRegistration)
{
userSettings.NewWorker = new ViewModels.Worker();
userSettings.NewWorker.CopyHeaderValues(context.Request.Headers);
userSettings.NewContact = new ViewModels.Contact();
userSettings.NewContact.CopyHeaderValues(context.Request.Headers);
if (isBCSCDeveloperLogin)
{
userSettings.NewWorker.firstname = userId;
userSettings.NewWorker.lastname = "Associate";
userSettings.NewContact.firstname = userId;
userSettings.NewContact.lastname = "Associate";
}
}
else if (siteMinderUserType == "VerifiedIndividual")
{
// Verified individual is from BC Service Card which means it's a worker
// Update contact and worker with latest info from BC Service Card
MicrosoftDynamicsCRMadoxioWorkerCollection workerCollection = _dynamicsClient.Workers.Get(filter: $"_adoxio_contactid_value eq {userSettings.ContactId}");
if (workerCollection.Value.Count > 0)
{
MicrosoftDynamicsCRMadoxioWorker savedWorker = workerCollection.Value[0];
ViewModels.Contact contact = new ViewModels.Contact();
contact.CopyHeaderValues(context.Request.Headers);
MicrosoftDynamicsCRMcontact savedContact = _dynamicsClient.Contacts.GetByKey(userSettings.ContactId);
if (savedContact.Address1Line1 != null && savedContact.Address1Line1 != contact.address1_line1)
{
MicrosoftDynamicsCRMadoxioPreviousaddress prevAddress = new MicrosoftDynamicsCRMadoxioPreviousaddress()
{
AdoxioStreetaddress = savedContact.Address1Line1,
AdoxioProvstate = savedContact.Address1Stateorprovince,
AdoxioCity = savedContact.Address1City,
AdoxioCountry = savedContact.Address1Country,
AdoxioPostalcode = savedContact.Address1Postalcode,
ContactIdODataBind = _dynamicsClient.GetEntityURI("contacts", savedContact.Contactid)
};
_dynamicsClient.Previousaddresses.Create(prevAddress);
}
_dynamicsClient.Contacts.Update(userSettings.ContactId, contact.ToModel());
ViewModels.Worker worker = new ViewModels.Worker();
worker.CopyHeaderValues(context.Request.Headers);
MicrosoftDynamicsCRMadoxioWorker patchWorker = new MicrosoftDynamicsCRMadoxioWorker()
{
AdoxioFirstname = worker.firstname,
AdoxioLastname = worker.lastname,
AdoxioMiddlename = worker.middlename
};
if (worker.gender != 0)
{
patchWorker.AdoxioGendercode = (int)worker.gender;
}
_dynamicsClient.Workers.Update(savedWorker.AdoxioWorkerid, patchWorker);
var updatedWorker = await _dynamicsClient.GetWorkerByIdWithChildren(savedWorker.AdoxioWorkerid);
// only create the worker document location if the FEATURE_NO_WET_SIGNATURE setting is blank
if (string.IsNullOrEmpty(_configuration["FEATURE_NO_WET_SIGNATURE"]))
{
// ensure that the worker has a documents folder.
await CreateWorkerDocumentLocation(_dynamicsClient, _fileManagerClient, updatedWorker);
}
}
}
// **************************************************
// Update user settings
// **************************************************
UserSettings.SaveUserSettings(userSettings, context);
// done!
principal = userPrincipal;
return(AuthenticateResult.Success(new AuthenticationTicket(principal, null, Options.Scheme)));
}
catch (Exception exception)
{
_logger.LogError(exception.Message);
throw;
}
}