/// <summary>
/// Gets ReturnURL set by administrator or taken from query string
/// </summary>
/// <returns>
/// ReturnURL to redirect or empty string
/// </returns>
protected string GetReturnURL(LoginFormViewModel input, HttpContextBase context)
{
string redirectUrl = string.Empty;
if (this.LoginRedirectPageId.HasValue)
{
//Get redirectUrl set by administrator. The value is not validated.
redirectUrl = this.GetPageUrl(this.LoginRedirectPageId);
}
else
{
//Get redirectUrl from query string parameter
string redirectUrlFromQS;
this.TryResolveUrlFromUrlReferrer(context, out redirectUrlFromQS);
if (!string.IsNullOrWhiteSpace(redirectUrlFromQS))
{
//validates whether the redirectUrl is allowed in the relying parties.
byte[] key;
if (SWTIssuer.TryGetRelyingPartyKey(redirectUrlFromQS, out key))
{
redirectUrl = redirectUrlFromQS;
}
}
}
return(redirectUrl);
}
public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
{
input.LoginError = false;
if (Config.Get <SecurityConfig>().AuthenticationMode == SecConfig.AuthenticationMode.Claims)
{
var owinContext = context.Request.GetOwinContext();
var challengeProperties = ChallengeProperties.ForLocalUser(input.UserName, input.Password, this.MembershipProvider, input.RememberMe, context.Request.Url.ToString());
challengeProperties.RedirectUri = this.GetReturnURL(context);
owinContext.Authentication.Challenge(challengeProperties, ClaimsManager.CurrentAuthenticationModule.STSAuthenticationType);
}
else
{
User user;
UserLoggingReason result = SecurityManager.AuthenticateUser(
this.MembershipProvider,
input.UserName,
input.Password,
input.RememberMe,
out user);
if (result != UserLoggingReason.Success)
{
input.LoginError = true;
}
else
{
input.RedirectUrlAfterLogin = this.GetReturnURL(context);
}
}
return(input);
}
/// <inheritDoc/>
public virtual LoginFormViewModel GetLoginFormViewModel()
{
var viewModel = new LoginFormViewModel();
this.InitializeLoginViewModel(viewModel);
return(viewModel);
}
/// <inheritDoc/>
public virtual void InitializeLoginViewModel(LoginFormViewModel viewModel)
{
if (viewModel != null)
{
viewModel.ServiceUrl = this.ServiceUrl;
viewModel.MembershipProvider = this.MembershipProvider;
viewModel.RedirectUrlAfterLogin = this.GetPageUrl(this.LoginRedirectPageId);
viewModel.RegisterPageUrl = this.GetPageUrl(this.RegisterRedirectPageId);
viewModel.ShowRegistrationLink = this.RegisterRedirectPageId.HasValue;
viewModel.ShowForgotPasswordLink = this.AllowResetPassword && (this.EnablePasswordReset || this.EnablePasswordRetrieval) && this.AreSmtpSettingsSet;
viewModel.Realm = ClaimsManager.CurrentAuthenticationModule.GetRealm();
viewModel.CssClass = this.CssClass;
viewModel.ShowRememberMe = this.ShowRememberMe;
if (!string.IsNullOrEmpty(this.serializedExternalProviders))
{
var externalProviders = JsonSerializer.DeserializeFromString <Dictionary <string, string> >(this.serializedExternalProviders);
var availableProviders = ClaimsManager.CurrentAuthenticationModule.ExternalAuthenticationProviders.Where(x => x.Enabled == true && !string.IsNullOrEmpty(x.Title)).Select(x => x.Title).ToList();
var filteredExternalProviders = externalProviders.Where(x => availableProviders.Contains(x.Key));
viewModel.ExternalProviders = new Dictionary <string, string>();
foreach (var kv in filteredExternalProviders)
{
viewModel.ExternalProviders.Add(kv.Key, kv.Value);
}
}
}
}
public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
{
input.LoginError = false;
if (Config.Get <SecurityConfig>().AuthenticationMode == SecConfig.AuthenticationMode.Claims)
{
var owinContext = context.Request.GetOwinContext();
string errorRedirectUrl;
if (context.Request.UrlReferrer?.AbsoluteUri != null)
{
errorRedirectUrl = context.Request.UrlReferrer.AbsoluteUri;
var param = context.Request.Params[MvcControllerProxy.ControllerKey];
if (param != null)
{
var uriBuilder = new UriBuilder(errorRedirectUrl);
var query = HttpUtility.ParseQueryString(uriBuilder.Query);
query[LoginControllerKey] = param;
uriBuilder.Query = query.ToString();
errorRedirectUrl = uriBuilder.ToString();
}
}
else
{
errorRedirectUrl = context.Request.Url.ToString();
}
var challengeProperties = ChallengeProperties.ForLocalUser(input.UserName, input.Password, this.MembershipProvider, input.RememberMe, errorRedirectUrl);
challengeProperties.RedirectUri = this.GetReturnURL(context);
owinContext.Authentication.Challenge(challengeProperties, ClaimsManager.CurrentAuthenticationModule.STSAuthenticationType);
}
else
{
User user;
UserLoggingReason result = SecurityManager.AuthenticateUser(
this.MembershipProvider,
input.UserName,
input.Password,
input.RememberMe,
out user);
if (result != UserLoggingReason.Success)
{
input.LoginError = true;
}
else
{
input.RedirectUrlAfterLogin = this.GetReturnURL(context);
}
}
return(input);
}
public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
{
input.LoginError = false;
string errorRedirectUrl = GetErrorRedirectUrl(context);
if (Config.Get <SecurityConfig>().AuthenticationMode == SecConfig.AuthenticationMode.Claims && ClaimsManager.CurrentAuthenticationModule.AuthenticationProtocol != "Default")
{
var owinContext = context.Request.GetOwinContext();
var challengeProperties = ChallengeProperties.ForLocalUser(input.UserName, input.Password, this.MembershipProvider, input.RememberMe, errorRedirectUrl);
challengeProperties.RedirectUri = this.GetReturnURL(context);
owinContext.Authentication.Challenge(challengeProperties, ClaimsManager.CurrentAuthenticationModule.STSAuthenticationType);
}
else
{
var redirectUrl = this.GetReturnURL(context);
User user;
UserLoggingReason result = SecurityManager.AuthenticateUser(
this.MembershipProvider,
input.UserName,
input.Password,
input.RememberMe,
out user);
if (result != UserLoggingReason.Success)
{
if (ClaimsManager.CurrentAuthenticationModule.AuthenticationProtocol == "Default")
{
errorRedirectUrl = AddErrorParameterToQuery(errorRedirectUrl);
SFClaimsAuthenticationManager.ProcessRejectedUserForDefaultClaimsLogin(context, result, user, input.RememberMe, redirectUrl, errorRedirectUrl);
}
input.LoginError = true;
}
else
{
if (ClaimsManager.CurrentAuthenticationModule.AuthenticationProtocol == "Default")
{
redirectUrl = RemoveErrorParameterFromQuery(redirectUrl);
}
input.RedirectUrlAfterLogin = redirectUrl;
SystemManager.CurrentHttpContext.GetOwinContext().Authentication.SignIn(new AuthenticationProperties {
RedirectUri = redirectUrl
});
}
}
return(input);
}
/// <inheritDoc/>
public virtual void InitializeLoginViewModel(LoginFormViewModel viewModel)
{
if (viewModel != null)
{
viewModel.ServiceUrl = this.ServiceUrl;
viewModel.MembershipProvider = this.MembershipProvider;
viewModel.RedirectUrlAfterLogin = this.GetPageUrl(this.LoginRedirectPageId);
viewModel.RegisterPageUrl = this.GetPageUrl(this.RegisterRedirectPageId);
viewModel.ShowRegistrationLink = this.RegisterRedirectPageId.HasValue;
viewModel.ShowForgotPasswordLink = this.AllowResetPassword && (this.EnablePasswordReset || this.EnablePasswordRetrieval);
viewModel.Realm = SitefinityClaimsAuthenticationModule.Current.GetRealm();
viewModel.CssClass = this.CssClass;
viewModel.ShowRememberMe = this.ShowRememberMe;
}
}
/// <inheritDoc/>
public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
{
User user;
UserLoggingReason result = SecurityManager.AuthenticateUser(
this.MembershipProvider,
input.UserName,
input.Password,
input.RememberMe,
out user);
var identity = ClaimsManager.GetCurrentIdentity();
if (user != null && identity != null && identity.OriginalIdentity is SitefinityIdentity)
{
IClaimsPrincipal cp = new ClaimsPrincipal(new[] { new ClaimsIdentity(identity.Claims) });
var wifCredentials = new FederatedServiceCredentials(FederatedAuthentication.ServiceConfiguration);
cp = wifCredentials.ClaimsAuthenticationManager.Authenticate(context.Request.RequestType, cp);
SitefinityClaimsAuthenticationModule.Current.AuthenticatePrincipalWithCurrentToken(cp, input.RememberMe);
}
if (result == UserLoggingReason.Unknown)
{
input.IncorrectCredentials = true;
}
else
{
string redirectUrl;
if (!this.TryResolveUrlFromUrlReferrer(context, out redirectUrl))
{
redirectUrl = this.GetPageUrl(this.LoginRedirectPageId);
}
input.RedirectUrlAfterLogin = redirectUrl;
if (result != UserLoggingReason.Success)
{
SFClaimsAuthenticationManager.ProcessRejectedUser(context, input.RedirectUrlAfterLogin);
}
}
return(input);
}
/// <inheritDoc/>
public virtual void InitializeLoginViewModel(LoginFormViewModel viewModel)
{
if (viewModel != null)
{
viewModel.ServiceUrl = this.ServiceUrl;
viewModel.MembershipProvider = this.MembershipProvider;
viewModel.RedirectUrlAfterLogin = this.GetPageUrl(this.LoginRedirectPageId);
viewModel.RegisterPageUrl = this.GetPageUrl(this.RegisterRedirectPageId);
viewModel.ShowRegistrationLink = this.RegisterRedirectPageId.HasValue;
viewModel.ShowForgotPasswordLink = this.AllowResetPassword && (this.EnablePasswordReset || this.EnablePasswordRetrieval);
viewModel.Realm = ClaimsManager.CurrentAuthenticationModule.GetRealm();
viewModel.CssClass = this.CssClass;
viewModel.ShowRememberMe = this.ShowRememberMe;
if (!string.IsNullOrEmpty(this.serializedExternalProviders))
{
viewModel.ExternalProviders = JsonSerializer.DeserializeFromString <Dictionary <string, string> >(this.serializedExternalProviders);
}
}
}
/// <inheritDoc/>
public virtual void InitializeLoginViewModel(LoginFormViewModel viewModel)
{
if (viewModel != null)
{
viewModel.ServiceUrl = this.ServiceUrl;
viewModel.MembershipProvider = this.MembershipProvider;
viewModel.RedirectUrlAfterLogin = this.GetPageUrl(this.LoginRedirectPageId);
viewModel.RegisterPageUrl = this.GetPageUrl(this.RegisterRedirectPageId);
viewModel.ShowRegistrationLink = this.RegisterRedirectPageId.HasValue;
viewModel.ShowForgotPasswordLink = this.AllowResetPassword && (this.EnablePasswordReset || this.EnablePasswordRetrieval);
viewModel.Realm = SitefinityClaimsAuthenticationModule.Current.GetRealm();
viewModel.CssClass = this.CssClass;
viewModel.ShowRememberMe = this.ShowRememberMe;
}
}
/// <inheritDoc/>
public virtual LoginFormViewModel GetLoginFormViewModel()
{
var viewModel = new LoginFormViewModel();
this.InitializeLoginViewModel(viewModel);
return viewModel;
}
/// <inheritDoc/>
public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
{
User user;
UserLoggingReason result = SecurityManager.AuthenticateUser(
this.MembershipProvider,
input.UserName,
input.Password,
input.RememberMe,
out user);
var identity = ClaimsManager.GetCurrentIdentity();
if (user != null && identity != null && identity.OriginalIdentity is SitefinityIdentity)
{
IClaimsPrincipal cp = new ClaimsPrincipal(new[] { new ClaimsIdentity(identity.Claims) });
var wifCredentials = new FederatedServiceCredentials(FederatedAuthentication.ServiceConfiguration);
cp = wifCredentials.ClaimsAuthenticationManager.Authenticate(context.Request.RequestType, cp);
SitefinityClaimsAuthenticationModule.Current.AuthenticatePrincipalWithCurrentToken(cp, input.RememberMe);
}
if (result == UserLoggingReason.Unknown)
{
input.IncorrectCredentials = true;
}
else
{
string redirectUrl;
if (!this.TryResolveUrlFromUrlReferrer(context, out redirectUrl))
{
redirectUrl = this.GetPageUrl(this.LoginRedirectPageId);
}
input.RedirectUrlAfterLogin = redirectUrl;
if (result != UserLoggingReason.Success)
{
SFClaimsAuthenticationManager.ProcessRejectedUser(context, input.RedirectUrlAfterLogin);
}
}
return input;
}
public ActionResult Index(LoginFormViewModel model)
{
if (ModelState.IsValid)
{
model = this.Model.Authenticate(model, this.ControllerContext.HttpContext);
if (!model.IncorrectCredentials && !string.IsNullOrWhiteSpace(model.RedirectUrlAfterLogin))
{
return this.Redirect(model.RedirectUrlAfterLogin);
}
else if (!model.IncorrectCredentials && this.Request.UrlReferrer != null)
{
var returnUrlFromQS = System.Web.HttpUtility.ParseQueryString(this.Request.UrlReferrer.Query)["ReturnUrl"];
if (!string.IsNullOrEmpty(returnUrlFromQS))
return this.Redirect(returnUrlFromQS);
}
}
this.Model.InitializeLoginViewModel(model);
var fullTemplateName = this.loginFormTemplatePrefix + this.LoginFormTemplate;
return this.View(fullTemplateName, model);
}
public ActionResult Index(LoginFormViewModel model)
{
if (ModelState.IsValid)
{
model = this.Model.Authenticate(model, this.ControllerContext.HttpContext);
if (!model.IncorrectCredentials && !string.IsNullOrWhiteSpace(model.RedirectUrlAfterLogin))
return this.Redirect(model.RedirectUrlAfterLogin);
}
this.Model.InitializeLoginViewModel(model);
var fullTemplateName = this.loginFormTemplatePrefix + this.LoginFormTemplate;
return this.View(fullTemplateName, model);
}
