protected override void OnLoad(EventArgs e) { string action = this.Request.QueryString[WSFederationConstants.Parameters.Action]; if (action == WSFederationConstants.Actions.SignOut || action == WSFederationConstants.Actions.SignOutCleanup) { // Process signout request. SimulatedWindowsAuthenticationOperations.LogOutUser(this.Request, this.Response); WSFederationMessage requestMessage = WSFederationMessage.CreateFromUri(this.Request.Url); FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(requestMessage, this.User, null, this.Response); this.ActionExplanationLabel.Text = @"Sign out from the issuer has been requested."; this.SignOutRelyingParties(); SingleSignOnManager.Clear(); } else { throw new InvalidOperationException( String.Format( CultureInfo.InvariantCulture, "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.", String.IsNullOrEmpty(action) ? "<EMPTY>" : action, WSFederationConstants.Parameters.Action, WSFederationConstants.Actions.SignIn, WSFederationConstants.Actions.SignOut)); } base.OnLoad(e); }
public ActionResult Issue() { Tracing.Verbose("WS-Federation endpoint called."); if (!ConfigurationRepository.Endpoints.WSFederation) { return(new HttpNotFoundResult()); } var message = WSFederationMessage.CreateFromUri(HttpContext.Request.Url); // sign in var signinMessage = message as SignInRequestMessage; if (signinMessage != null) { return(ProcessWSFederationSignIn(signinMessage, HttpContext.User)); } // sign out var signoutMessage = message as SignOutRequestMessage; if (signoutMessage != null) { return(ProcessWSFederationSignOut(signoutMessage)); } return(View("Error")); }
private string GetContextFromRequest() { Uri requestBaseUrl = WSFederationMessage.GetBaseUrl(this.Request.Url); WSFederationMessage message = WSFederationMessage.CreateFromNameValueCollection(requestBaseUrl, this.Request.Form); return(message != null && message.Context != null?Uri.UnescapeDataString(message.Context) : string.Empty); }
/// <summary> /// Process Saml2 request /// </summary> /// <returns></returns> public ActionResult Issue() { Tracing.Verbose("HRD endpoint called."); var message = WSFederationMessage.CreateFromUri(HttpContext.Request.Url); var signinMessage = message as SignInRequestMessage; if (signinMessage != null) { IdentityProvider idp; //hardcoded for testing purpose IdentityProviderRepository.TryGet("OIOSAML", out idp); if (idp == null) { return(View("Error")); } try { if (idp.Type == IdentityProviderTypes.Saml2) { return(ProcessSaml2SignIn(idp, signinMessage)); } } catch (Exception ex) { Tracing.Error(ex.ToString()); } } return(View("Error")); }
public ActionResult Issue() { Tracing.Start("WS-Federation endpoint."); if (!ConfigurationRepository.WSFederation.Enabled && ConfigurationRepository.WSFederation.EnableAuthentication) { return(new HttpNotFoundResult()); } var message = WSFederationMessage.CreateFromUri(HttpContext.Request.Url); // sign in var signinMessage = message as SignInRequestMessage; if (signinMessage != null) { return(ProcessWSFederationSignIn(signinMessage, ClaimsPrincipal.Current)); } // sign out var signoutMessage = message as SignOutRequestMessage; if (signoutMessage != null) { return(ProcessWSFederationSignOut(signoutMessage)); } return(View("Error")); }
protected void Page_Load() { string action = this.Request.QueryString[WSFederationConstants.Parameters.Action]; if (action == WSFederationConstants.Actions.SignIn) { // Process signin request. if (SimulatedWindowsAuthenticationOperations.TryToAuthenticateUser(this.Context, this.Request, this.Response)) { SecurityTokenService sts = new IdentityProviderSecurityTokenService(IdentityProviderSecurityTokenServiceConfiguration.Current); var requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(this.Request.Url); SignInResponseMessage responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, this.User, sts); FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(responseMessage, this.Response); } } else if (action == WSFederationConstants.Actions.SignOut) { // Process signout request in the default page. this.Response.Redirect("~/?" + this.Request.QueryString, false); } else { throw new InvalidOperationException( String.Format( CultureInfo.InvariantCulture, "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.", String.IsNullOrEmpty(action) ? "<EMPTY>" : action, WSFederationConstants.Parameters.Action, WSFederationConstants.Actions.SignIn, WSFederationConstants.Actions.SignOut)); } }
public async Task <IHttpActionResult> Get() { Logger.Info("Start WS-Federation request"); Logger.Debug(Request.RequestUri.AbsoluteUri); WSFederationMessage message; if (WSFederationMessage.TryCreateFromUri(Request.RequestUri, out message)) { var signin = message as SignInRequestMessage; if (signin != null) { Logger.Info("WsFederation signin request"); return(await ProcessSignInAsync(signin)); } var signout = message as SignOutRequestMessage; if (signout != null) { Logger.Info("WsFederation signout request"); return(RedirectToRoute(Constants.RouteNames.LogoutPrompt, null)); } } return(BadRequest("Invalid WS-Federation request")); }
public async Task <IHttpActionResult> Get() { Logger.Info("Start WS-Federation request"); Logger.Debug(Request.RequestUri.AbsoluteUri); WSFederationMessage message; if (WSFederationMessage.TryCreateFromUri(Request.RequestUri, out message)) { var signin = message as SignInRequestMessage; if (signin != null) { Logger.Info("WsFederation signin request"); return(await ProcessSignInAsync(signin)); } var signout = message as SignOutRequestMessage; if (signout != null) { Logger.Info("WsFederation signout request"); var url = this.Request.GetOwinContext().Environment.GetIdentityServerLogoutUrl(); return(Redirect(url)); } } return(BadRequest("Invalid WS-Federation request")); }
public RelyingParty GetRelyingPartyDetailsFromReturnUrl(string returnUrl) { if (string.IsNullOrWhiteSpace(returnUrl)) { return(null); } var url = HttpUtility.UrlDecode(returnUrl); Uri uri; if (Uri.TryCreate("http://foo.com" + url, UriKind.Absolute, out uri)) { WSFederationMessage message; if (WSFederationMessage.TryCreateFromUri(uri, out message)) { var signin = message as SignInRequestMessage; if (signin != null) { return(GetRelyingPartyDetails(signin.Realm)); } } } return(null); }
private string GetContextFromRequest() { Uri requestBaseUrl = WSFederationMessage.GetBaseUrl(this.Request.Url); var message = WSFederationMessage.CreateFromNameValueCollection(requestBaseUrl, this.Request.Form); return(message != null ? message.Context : string.Empty); }
private static void ProcessSignOut(Uri uri, ClaimsPrincipal user, HttpResponse response) { // Prepare url to internal logout page (which signs-out of all relying parties). string url = uri.OriginalString; int index = url.IndexOf("&wreply="); if (index != -1) { index += 8; string baseUrl = url.Substring(0, index); string wreply = url.Substring(index, url.Length - index); // Get the base url (domain and port). string strPathAndQuery = uri.PathAndQuery; string hostUrl = uri.AbsoluteUri.Replace(strPathAndQuery, "/"); wreply = HttpUtility.UrlEncode(hostUrl + "logout?wreply=" + wreply); url = baseUrl + wreply; } // Redirect user to logout page (which signs out of all relying parties and redirects back to originating relying party). uri = new Uri(url); var requestMessage = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(uri); FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(requestMessage, user, requestMessage.Reply, response); }
public async Task <IHttpActionResult> Get() { Logger.Info("Start WS-Federation request"); Logger.DebugFormat("AbsoluteUri: [{0}]", Request.RequestUri.AbsoluteUri); WSFederationMessage message; Uri publicRequestUri = GetPublicRequestUri(); Logger.DebugFormat("PublicUri: [{0}]", publicRequestUri); if (WSFederationMessage.TryCreateFromUri(publicRequestUri, out message)) { var signin = message as SignInRequestMessage; if (signin != null) { Logger.Info("WsFederation signin request"); return(await ProcessSignInAsync(signin)); } var signout = message as SignOutRequestMessage; if (signout != null) { Logger.Info("WsFederation signout request"); return(await ProcessSignOutAsync(signout)); } } return(BadRequest("Invalid WS-Federation request")); }
public ActionResult ProcessRequest() { Tracing.Verbose("HRD endpoint called."); var message = WSFederationMessage.CreateFromUri(HttpContext.Request.Url); // sign in var signinMessage = message as SignInRequestMessage; if (signinMessage != null) { return(ProcessSignInRequest(signinMessage)); } // sign out var signoutMessage = message as SignOutRequestMessage; if (signoutMessage != null) { return(ProcessWSFedSignOutRequest(signoutMessage)); } // sign out cleanup var cleanupMessage = message as SignOutCleanupRequestMessage; if (cleanupMessage != null) { return(ProcessWSFedSignOutCleanupRequest(cleanupMessage)); } return(View("Error")); }
protected override bool IsValidRequestString( HttpContext context, string value, RequestValidationSource requestValidationSource, string collectionKey, out int validationFailureIndex) { validationFailureIndex = 0; if (requestValidationSource == RequestValidationSource.Form && collectionKey.Equals(WSFederationConstants.Parameters.Result, StringComparison.Ordinal)) { //创建登录消息 //SignInResponseMessage message = WSFederationMessage.CreateFromFormPost(context.Request) as SignInResponseMessage; //只要是WSFed的消息都算合法验证 WSFederationMessage message = WSFederationMessage.CreateFromFormPost(context.Request); if (message != null) { return(true); } } return(base.IsValidRequestString(context, value, requestValidationSource, collectionKey, out validationFailureIndex)); }
public Stream Issue(string realm, string wctx, string wct, string wreply) { MemoryStream stream = new MemoryStream(); StreamWriter writer = new StreamWriter(stream, Encoding.UTF8); string fullRequest = Constants.HttpLocalhost + Constants.Port + Constants.WSFedStsIssue + string.Format("?wa=wsignin1.0&wtrealm={0}&wctx={1}&wct={2}&wreply={3}", realm, HttpUtility.UrlEncode(wctx), wct, wreply); SignInRequestMessage requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(new Uri(fullRequest)); ClaimsIdentity identity = new ClaimsIdentity(AuthenticationTypes.Federation); identity.AddClaim(new Claim(ClaimTypes.Name, "foo")); ClaimsPrincipal principal = new ClaimsPrincipal(identity); SignInResponseMessage responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, principal, this.securityTokenService); responseMessage.Write(writer); writer.Flush(); stream.Position = 0; WebOperationContext.Current.OutgoingResponse.ContentType = "text/html"; return(stream); }
public ActionResult LogOn(FormCollection forms) { using (new Service.PerformanceMonitor()) { var newUser = this.Register(User.Identity); var message = WSFederationMessage.CreateFromNameValueCollection(new Uri("http://www.notused.com"), forms); var returnUrl = message != null ? message.Context : null; if (string.IsNullOrWhiteSpace(returnUrl)) { if (newUser) { //return RedirectToAction("Details", "Apps", new { appId = Guid.Empty }); return(RedirectToAction("Profile", "Account")); } else { return(RedirectToAction("Index", "Home")); } } else { return(Redirect(returnUrl)); } } }
public ActionResult Index() { var message = WSFederationMessage.CreateFromUri(Request.Url); var signInMsg = message as SignInRequestMessage; if (signInMsg != null) { var user = GetUser(); if (user != null) { return(ProcessSignIn(signInMsg, user)); } else { return(ShowUserList()); } } var signOutMsg = message as SignOutRequestMessage; if (signOutMsg != null) { return(ProcessSignOut(signOutMsg)); } return(new EmptyResult()); }
public async Task <IActionResult> Index() { // GET + no parameters = metadata request if (!Request.QueryString.HasValue) { _logger.LogDebug("Start WS-Federation metadata request"); var entity = await _metadata.GenerateAsync(Url.Action("Index", "WsFederation", null, Request.Scheme, Request.Host.Value)); return(new MetadataResult(entity)); } var url = Url.Action("Index", "WsFederation", null, Request.Scheme, Request.Host.Value) + Request.QueryString; _logger.LogDebug("Start WS-Federation request: {url}", url); if (WSFederationMessage.TryCreateFromUri(new Uri(url), out WSFederationMessage message)) { if (message is SignInRequestMessage signin) { return(await ProcessSignInAsync(signin, User)); } if (message is SignOutRequestMessage signout) { return(ProcessSignOutAsync(signout)); } } return(BadRequest("Invalid WS-Federation request")); }
public static SignInRequestMessage GetSignInRequestMessage(this IRelyingParty rp, Uri baseUri) { var requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(baseUri); requestMessage.Realm = requestMessage.Realm ?? rp.Realm; return(requestMessage); }
/// <summary> /// Handles the click event on the logon button. /// </summary> /// <param name="sender">The sender.</param> /// <param name="e">The event arguments.</param> private void _logonButton_Click(object sender, EventArgs e) { // Get the user provider. var userProvider = this.Container.Resolve <IUserProvider>(); // Get the principal object for the current user. IPrincipal principal; try { principal = userProvider.Logon(this._loginTextBox.Text, this._passwordTextBox.Text); } catch (SecurityException) { return; } // Create the sign in request. var signInRequestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(this.Request.Url); // Create the security token service. var securityTokenService = new SecurityTokenService(new SecurityTokenServiceConfiguration()); // Send the sign request to the security token service and get a sign in response. var signInResponseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest( signInRequestMessage, principal, securityTokenService); // Redirect based on the sign in response. FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse( signInResponseMessage, this.Response); }
public ActionResult Return() { if (!Thread.CurrentPrincipal.Identity.IsAuthenticated) { return(RedirectToAction("Index")); } var formData = ControllerContext.HttpContext.Request.Unvalidated.Form; string contextQuery = null; if (formData["wresult"] != null) { var baseUrl = FederationMessage.GetBaseUrl(ControllerContext.HttpContext.Request.Url); var signInResponseMessage = WSFederationMessage.CreateFromNameValueCollection(baseUrl, formData) as SignInResponseMessage; if (signInResponseMessage != null) { contextQuery = signInResponseMessage.Context; } } var returnUrl = GetReturnUrl(contextQuery); return(Redirect(string.IsNullOrWhiteSpace(returnUrl) ? "~/" : returnUrl)); }
private static void ValidateWsFederationMessage(WSFederationMessage wsFederationMessage) { var signInRequestMessage = wsFederationMessage as SignInRequestMessage; if (signInRequestMessage == null) { throw new SecurityException("The WSFederationMessage is not a SignIn Message."); } }
protected override void OnLoad(EventArgs e) { string action = this.Request.QueryString[WSFederationConstants.Parameters.Action]; if (action == WSFederationConstants.Actions.SignIn) { // Process signin request. var requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(this.Request.Url); if (this.User != null && this.User.Identity.IsAuthenticated) { SecurityTokenService sts = new IdentityProviderSecurityTokenService(IdentityProviderSecurityTokenServiceConfiguration.Current); SignInResponseMessage responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, this.User, sts); FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(responseMessage, this.Response); } else { throw new UnauthorizedAccessException(); } } else if (action == WSFederationConstants.Actions.SignOut || action == WSFederationConstants.Actions.SignOutCleanup) { // Process signout request. WSFederationMessage requestMessage = WSFederationMessage.CreateFromUri(this.Request.Url); FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(requestMessage, this.User, null, this.Response); // Simulate what happens when you sign out of WIF to send a response that everything was Ok var signOutImage = new byte[] { 71, 73, 70, 56, 57, 97, 17, 0, 13, 0, 162, 0, 0, 255, 255, 255, 169, 240, 169, 125, 232, 125, 82, 224, 82, 38, 216, 38, 0, 0, 0, 0, 0, 0, 0, 0, 0, 33, 249, 4, 5, 0, 0, 5, 0, 44, 0, 0, 0, 0, 17, 0, 13, 0, 0, 8, 84, 0, 11, 8, 28, 72, 112, 32, 128, 131, 5, 19, 22, 56, 24, 128, 64, 0, 0, 10, 13, 54, 116, 8, 49, 226, 193, 1, 4, 6, 32, 36, 88, 113, 97, 0, 140, 26, 11, 30, 68, 8, 64, 0, 129, 140, 29, 5, 2, 56, 73, 209, 36, 202, 132, 37, 79, 14, 112, 73, 81, 97, 76, 150, 53, 109, 210, 36, 32, 32, 37, 76, 151, 33, 35, 26, 20, 16, 84, 168, 65, 159, 9, 3, 2, 0, 59 }; this.Response.Cache.SetCacheability(HttpCacheability.NoCache); this.Response.ClearContent(); this.Response.ContentType = "image/gif"; this.Response.BinaryWrite(signOutImage); } else { throw new InvalidOperationException( String.Format( CultureInfo.InvariantCulture, "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.", String.IsNullOrEmpty(action) ? "<EMPTY>" : action, WSFederationConstants.Parameters.Action, WSFederationConstants.Actions.SignIn, WSFederationConstants.Actions.SignOut)); } base.OnLoad(e); }
private ActionResult HandleSignOutRequest() { SignOutRequestMessage requestMessage = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(this.Request.Url); FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(requestMessage, this.User, null, this.HttpContext.ApplicationInstance.Response); this.ViewData["ActionExplanation"] = "Sign out from the issuer has been requested."; this.ViewData["ReturnUrl"] = Encoder.HtmlAttributeEncode(this.Request.QueryString["wreply"]); return(this.View()); }
private static void ValidateWsFederationMessage(WSFederationMessage wsFederationMessage) { var signInRequestMessage = wsFederationMessage as SignInRequestMessage; if (signInRequestMessage == null) { throw new SecurityException("The WSFederationMessage is not a SignIn Message."); } }
private static WSFederationMessage ValidateRequestType() { WSFederationMessage wsFederationMessage; if (!WSFederationMessage.TryCreateFromUri(System.Web.HttpContext.Current.Request.Url, out wsFederationMessage)) { throw new SecurityException("This is not a WsFederation compliant request"); } return(wsFederationMessage); }
private string ProcessSignIn(Uri url, ClaimsPrincipal user) { var requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(url); var config = new SecurityTokenServiceConfiguration(ConfigurationManager.AppSettings["SecurityTokenServiceEndpointUrl"], SecurityHelper.CreateSignupCredentialsFromConfig()); var encryptionCredentials = SecurityHelper.CreateEncryptingCredentialsFromConfig(); var sts = new CustomSecurityTokenService <AppMember>(WebConfigurationManager.AppSettings["LoginProviderName"], config, encryptionCredentials, _userStore); var responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, user, sts); return(responseMessage.WriteFormPost()); }
private static string ProcessSignIn(Uri url, ClaimsPrincipal user) { var requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(url); var signingCredentials = new X509SigningCredentials(CustomSecurityTokenService.GetCertificate(ConfigurationManager.AppSettings["SigningCertificateName"])); var config = new SecurityTokenServiceConfiguration(ConfigurationManager.AppSettings["IssuerName"], signingCredentials); var sts = new CustomSecurityTokenService(config); var responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, user, sts); return(responseMessage.WriteFormPost()); }
public static string ProcessSignIn(Uri url, ClaimsPrincipal user) { var requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(url); var signingCredentials = new X509SigningCredentials(CustomSecurityTokenService.GetCertificate2()); var config = new SecurityTokenServiceConfiguration($"{url.Scheme}://{url.Authority}/FederatedLogin/", signingCredentials); var sts = new CustomSecurityTokenService(config); var responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, user, sts); return(responseMessage.WriteFormPost()); }
static string GetPathAndQuery(WSFederationMessage request) { StringBuilder strb = new StringBuilder(128); using (StringWriter writer = new StringWriter(strb, CultureInfo.InvariantCulture)) { request.Write(writer); return(strb.ToString()); } }
protected override async Task <AuthenticationTicket> AuthenticateCoreAsync() { if (!string.Equals(Request.Method, "POST", StringComparison.OrdinalIgnoreCase)) { return(null); } var form = await Request.ReadFormAsync(); var nameValueForm = ConvertToNameValueCollection(form); WSFederationMessage message = WSFederationMessage.CreateFromNameValueCollection( new Uri(_federationConfiguration.WsFederationConfiguration.Realm), nameValueForm); var signIn = message as SignInResponseMessage; if (signIn == null) { return(null); } var extra = Options.StateDataFormat.Unprotect(message.Context); if (extra == null) { return(null); } // OAuth2 10.12 CSRF if (!ValidateCorrelationId(extra, _logger)) { return(new AuthenticationTicket(null, extra)); } XmlDictionaryReader xmlReader = XmlDictionaryReader.CreateTextReader(Encoding.UTF8.GetBytes(signIn.Result), XmlDictionaryReaderQuotas.Max); var federationSerializer = new WSFederationSerializer(xmlReader); var serializationContext = new WSTrustSerializationContext(_federationConfiguration.IdentityConfiguration.SecurityTokenHandlerCollectionManager); RequestSecurityTokenResponse securityTokenResponse = federationSerializer.CreateResponse(signIn, serializationContext); string xml = securityTokenResponse.RequestedSecurityToken.SecurityTokenXml.OuterXml; SecurityToken securityToken = ReadToken(xml); var securityTokenReceivedContext = new SecurityTokenReceivedContext(securityToken); await Options.Provider.SecurityTokenReceived(securityTokenReceivedContext); ClaimsPrincipal principal = AuthenticateToken(securityToken, Request.Uri.AbsoluteUri); var securityTokenValidatedContext = new SecurityTokenValidatedContext(principal); await Options.Provider.SecurityTokenValidated(securityTokenValidatedContext); return(new AuthenticationTicket( securityTokenValidatedContext.ClaimsPrincipal.Identities.FirstOrDefault(), extra)); }
/// <summary> /// Processes a WS-Federation request. /// </summary> /// <param name="request">The WS-Federation request message.</param> /// <param name="principal">The client principal.</param> /// <param name="configuration">The token service configuration.</param> public static void ProcessRequest(WSFederationMessage request, IClaimsPrincipal principal, SecurityTokenServiceConfiguration configuration) { Contract.Requires(request != null); Contract.Requires(principal != null); Contract.Requires(configuration != null); HttpContext context = HttpContext.Current; if (request.Action == WSFederationConstants.Actions.SignIn) { var response = ProcessSignInRequest( (SignInRequestMessage)request, principal, configuration); response.Write(context.Response.Output); context.Response.Flush(); context.Response.End(); } else if (request.Action == WSFederationConstants.Actions.SignOut) { var signOut = (SignOutRequestMessage)request; ProcessSignOutRequest(); if (!String.IsNullOrEmpty(signOut.Reply)) { context.Response.Redirect(signOut.Reply); } else { context.Response.Redirect("~/"); } } else if (request.Action == WSFederationConstants.Actions.SignOutCleanup) { var signOut = (SignOutCleanupRequestMessage)request; ProcessSignOutRequest(); if (!String.IsNullOrEmpty(signOut.Reply)) { context.Response.Redirect(signOut.Reply); } else { context.Response.Redirect("~/"); } } else { throw new InvalidOperationException(String.Format( CultureInfo.InvariantCulture, "Unsupported Action: {0}", request.Action)); } }
public ActionResult Index(WSFederationMessage message) { try { if (message != null) { if (message.Action == WSFederationConstants.Actions.SignIn) { var requestMessage = (SignInRequestMessage) WSFederationMessage.CreateFromUri(Request.Url); if (User != null && User.Identity != null && User.Identity.IsAuthenticated) { SecurityTokenService sts = new CustomSecurityTokenService(CustomSecurityTokenServiceConfiguration.Current); SignInResponseMessage responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, User, sts); FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(responseMessage, System.Web.HttpContext.Current.Response); } else { throw new UnauthorizedAccessException(); } } else { if (message.Action == WSFederationConstants.Actions.SignOut) { var requestMessage = (SignOutRequestMessage) WSFederationMessage.CreateFromUri(Request.Url); FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(requestMessage, User, requestMessage.Reply, System.Web.HttpContext.Current.Response); } else { throw new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.", String.IsNullOrEmpty(message.Action) ? "<EMPTY>" : message.Action, WSFederationConstants.Parameters.Action, WSFederationConstants.Actions.SignIn, WSFederationConstants.Actions.SignOut)); } } } } catch (Exception exception) { throw new Exception("An unexpected error occurred when processing the request. See inner exception for details.", exception); } return View(); }
public WSFederationResult(WSFederationMessage message) { Content = message.WriteFormPost(); }