Exemplo n.º 1
        /// <summary>
        /// Requests an SSO URL for the user id held in <c>_userId</c> and checks that
        /// both the response object and its <c>Url</c> are present.
        /// </summary>
        public void GetUserSsoURL()
        {
            // Blocks on the asynchronous call; a failure surfaces wrapped in an AggregateException.
            SsoUrl ssoUrl = Client.GenerateSsoURLAsync(_userId).Result;

            // NOTE(review): the URL presumably embeds a sign-in token - keep it out of test output and logs.
            Assert.IsNotNull(ssoUrl);
            Assert.IsNotNull(ssoUrl.Url);
        }
Exemplo n.º 2
        /// <summary>
        /// Requests an SSO URL for a fixed user id and checks that both the response
        /// object and its <c>Url</c> are present.
        /// </summary>
        public void GetUserSsoURL()
        {
            // Fixed identifier of the user the test asks an SSO URL for.
            const string userId = "66da331f7a1c49d98ac8a4ad136c7c64";

            // Blocks on the asynchronous call; a failure surfaces wrapped in an AggregateException.
            SsoUrl ssoUrl = Client.GenerateSsoURLAsync(userId).Result;

            // NOTE(review): the URL presumably embeds a sign-in token - keep it out of test output and logs.
            Assert.IsNotNull(ssoUrl);
            Assert.IsNotNull(ssoUrl.Url);
        }
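        /// <summary>
        /// Handles a delegation request: recomputes the HMAC-SHA512 signature over the
        /// fields that belong to the requested operation, compares it with the <c>sig</c>
        /// query parameter, and only then dispatches the operation.
        /// </summary>
        /// <returns>
        /// A redirect for a valid request (login page, SSO URL, product or account
        /// management action); otherwise the default view, with <c>ViewBag.Message</c>
        /// set when signature validation or the APIM REST call fails.
        /// </returns>
        public async Task <ActionResult> Delegate()
        {
            // NOTE(review): the delegation validation key is embedded in source. Load it from
            // protected configuration or a secret store instead, and treat a key that has been
            // committed or published as compromised and regenerate it.
            string key               = "A83LOoMIlPULlEBu9GuIoZoT9HSMHhGZTlvjhw6FNgMO0gTSis4u0otFPdcelheOF7asMs6pQUSP66w8EqbBOg==";
            string returnUrl         = Request.QueryString["returnUrl"];
            string productId         = Request.QueryString["productId"];
            string subscriptionId    = Request.QueryString["subscriptionId"];
            string userId            = Request.QueryString["userId"];
            string salt              = Request.QueryString["salt"];
            string operations        = Request.QueryString["operation"];
            string suppliedSignature = Request.QueryString["sig"];

            //First, validate the signature of the request.
            //Each operation signs a different set of fields; an unknown operation has no payload.
            string signedPayload;

            switch (operations)
            {
            case "SignIn":
                signedPayload = salt + "\n" + returnUrl;
                break;

            case "Subscribe":
                signedPayload = salt + "\n" + productId + "\n" + userId;
                break;

            case "Unsubscribe":
                signedPayload = salt + "\n" + subscriptionId;
                break;

            case "ChangeProfile":
            case "ChangePassword":
                signedPayload = salt + "\n" + userId;
                break;

            default:
                signedPayload = null;
                break;
            }

            //An unknown operation or a missing/empty "sig" is rejected outright. Previously an
            //unknown operation combined with an empty "sig" compared equal ("" == "").
            bool signatureValid = false;

            if (signedPayload != null && !string.IsNullOrEmpty(suppliedSignature))
            {
                string expectedSignature;

                //HMACSHA512 is disposable; release it as soon as the hash is computed
                using (var encoder = new HMACSHA512(Convert.FromBase64String(key)))
                {
                    expectedSignature = Convert.ToBase64String(encoder.ComputeHash(Encoding.UTF8.GetBytes(signedPayload)));
                }

                //Compare every character regardless of where the first mismatch is, so the
                //response time does not reveal how much of a guessed signature was correct.
                //The length of a Base64 HMAC-SHA512 value is fixed and not secret.
                if (suppliedSignature.Length == expectedSignature.Length)
                {
                    int difference = 0;

                    for (int i = 0; i < expectedSignature.Length; i++)
                    {
                        difference |= expectedSignature[i] ^ suppliedSignature[i];
                    }

                    signatureValid = difference == 0;
                }
            }

            if (!signatureValid)
            {
                ViewBag.Message = "Signature validation failed";
                return(View());
            }

            //Signature matches / delegation request is legitimate
            //Now, process the request
            switch (operations)
            {
            case "SignIn":
                if (!User.Identity.IsAuthenticated)
                {
                    //User not authenticated, so ask them to go through login flow first
                    return(RedirectToAction("LogIn", "Account"));
                }

                //User is authenticated, so get SSO token and login
                //create user in APIM as well
                //NOTE(review): a new HttpClient per request can exhaust sockets under load; prefer a shared instance.
                using (var client = new HttpClient())
                {
                    client.BaseAddress = new Uri(ApimRestHost);
                    client.DefaultRequestHeaders.Add("Authorization", ApimRestAuthHeader());

                    HttpResponseMessage response = await client.PostAsync("users/" + User.Identity.GetUserId() + "/generateSsoUrl?api-version=" + ApimRestApiVersion, this.GetContent(""));

                    if (!response.IsSuccessStatusCode)
                    {
                        ViewBag.Message = "APIM REST Connection Error: " + response.StatusCode;
                        return(View());
                    }

                    //We got an SSO token - redirect
                    HttpContent receiveStream = response.Content;
                    var         SsoUrlJson    = await receiveStream.ReadAsStringAsync();

                    SsoUrl su = DeserializeToJson <SsoUrl>(SsoUrlJson);

                    //Currently this returns the old developer portal URL. To use it with the new developer portal,
                    //rewrite the host, e.g. su.value.Replace(".portal.", ".developer."), or similar.
                    //There is a work item for this and it should be fixed soon.
                    //The URL carries the sign-in token: keep it out of logs and view output.
                    return(Redirect(su.value));
                }

            case "Subscribe":
            case "Unsubscribe":
                //returnUrl is not part of the signed payload for these operations, so the target
                //action must validate it (local URL or allow-list) before redirecting to it.
                return(RedirectToAction("Product", "Account", new { operation = operations, returnUrl = returnUrl, productId = productId, userId = userId, subscriptionId = subscriptionId }));

            case "ChangeProfile":
            case "ChangePassword":
                //returnUrl is not covered by the signature here either; validate it in the target action.
                return(RedirectToAction("Manage", "Account", new { returnUrl = returnUrl }));

            default:
                return(View());
            }
        }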
Exemplo n.º 4
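        /// <summary>
        /// Handles a delegation request: recomputes the HMAC-SHA512 signature over the
        /// fields that belong to the requested operation, compares it with the <c>sig</c>
        /// query parameter, and only then dispatches the operation.
        /// </summary>
        /// <returns>
        /// A redirect for a valid request (login page, SSO URL, product or account
        /// management action); otherwise the default view, with <c>ViewBag.Message</c>
        /// set when signature validation or the APIM REST call fails.
        /// </returns>
        public async Task <ActionResult> Delegate()
        {
            // NOTE(review): the delegation validation key is embedded in source. Load it from
            // protected configuration or a secret store instead, and treat a key that has been
            // committed or published as compromised and regenerate it.
            string key               = "A83LOoMIlPULlEBu9GuIoZoT9HSMHhGZTlvjhw6FNgMO0gTSis4u0otFPdcelheOF7asMs6pQUSP66w8EqbBOg==";
            string operation         = Request.QueryString["operation"];
            string returnUrl         = Request.QueryString["returnUrl"];
            string productId         = Request.QueryString["productId"];
            string subscriptionId    = Request.QueryString["subscriptionId"];
            string userId            = Request.QueryString["userId"];
            string salt              = Request.QueryString["salt"];
            string suppliedSignature = Request.QueryString["sig"];

            //First, validate the signature of the request.
            //Each operation signs a different set of fields; an unknown operation has no payload.
            string signedPayload;

            switch (operation)
            {
            case "SignIn":
                signedPayload = salt + "\n" + returnUrl;
                break;

            case "Subscribe":
                signedPayload = salt + "\n" + productId + "\n" + userId;
                break;

            case "Unsubscribe":
                signedPayload = salt + "\n" + subscriptionId;
                break;

            case "ChangeProfile":
            case "ChangePassword":
                signedPayload = salt + "\n" + userId;
                break;

            default:
                signedPayload = null;
                break;
            }

            //An unknown operation or a missing/empty "sig" is rejected outright. Previously an
            //unknown operation combined with an empty "sig" compared equal ("" == "").
            bool signatureValid = false;

            if (signedPayload != null && !string.IsNullOrEmpty(suppliedSignature))
            {
                string expectedSignature;

                //HMACSHA512 is disposable; release it as soon as the hash is computed
                using (var encoder = new HMACSHA512(Convert.FromBase64String(key)))
                {
                    expectedSignature = Convert.ToBase64String(encoder.ComputeHash(Encoding.UTF8.GetBytes(signedPayload)));
                }

                //Compare every character regardless of where the first mismatch is, so the
                //response time does not reveal how much of a guessed signature was correct.
                //The length of a Base64 HMAC-SHA512 value is fixed and not secret.
                if (suppliedSignature.Length == expectedSignature.Length)
                {
                    int difference = 0;

                    for (int i = 0; i < expectedSignature.Length; i++)
                    {
                        difference |= expectedSignature[i] ^ suppliedSignature[i];
                    }

                    signatureValid = difference == 0;
                }
            }

            if (!signatureValid)
            {
                ViewBag.Message = "Signature validation failed";
                return(View());
            }

            //Signature matches / delegation request is legitimate
            //Now, process the request (every branch returns, so no trailing break statements are needed)
            switch (operation)
            {
            case "SignIn":
                if (!User.Identity.IsAuthenticated)
                {
                    //User not authenticated, so ask them to go through login flow first
                    return(RedirectToAction("LogIn", "Account"));
                }

                //User is authenticated, so get SSO token and login
                //create user in APIM as well
                //NOTE(review): a new HttpClient per request can exhaust sockets under load; prefer a shared instance.
                using (var client = new HttpClient())
                {
                    client.BaseAddress = new Uri(ApimRestHost);
                    client.DefaultRequestHeaders.Add("Authorization", ApimRestAuthHeader());
                    client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("text/json"));

                    HttpResponseMessage response = await client.PostAsync("/users/" + User.Identity.GetUserId() + "/generateSsoUrl?api-version=" + ApimRestApiVersion, new StringContent("", Encoding.UTF8, "text/json"));

                    if (!response.IsSuccessStatusCode)
                    {
                        ViewBag.Message = "APIM REST Connection Error: " + response.StatusCode;
                        return(View());
                    }

                    //We got an SSO token - redirect
                    HttpContent receiveStream = response.Content;
                    var         SsoUrlJson    = await receiveStream.ReadAsStringAsync();

                    SsoUrl su = DeserializeToJson <SsoUrl>(SsoUrlJson);

                    //The URL carries the sign-in token: keep it out of logs and view output.
                    return(Redirect(su.value));
                }

            case "Subscribe":
            case "Unsubscribe":
                //returnUrl is not part of the signed payload for these operations, so the target
                //action must validate it (local URL or allow-list) before redirecting to it.
                return(RedirectToAction("Product", "Account", new { operation = operation, returnUrl = returnUrl, productId = productId, userId = userId, subscriptionId = subscriptionId }));

            case "ChangeProfile":
            case "ChangePassword":
                //returnUrl is not covered by the signature here either; validate it in the target action.
                return(RedirectToAction("Manage", "Account", new { returnUrl = returnUrl }));

            default:
                return(View());
            }
        }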