protected override EwfSafeRequestHandler getOrHead() =>
new EwfSafeResponseWriter(
EwfResponse.CreateFromAspNetResponse(
aspNetResponse => ExternalFunctionalityStatics.ExternalSamlProvider.WriteLogInResponse(
aspNetResponse,
identityProvider.EntityId,
identityProvider == AuthenticationStatics.GetUserLastIdentityProvider(),
ReturnUrl)));
protected override PageContent getContent()
{
var clientTime = new DataValue <string>();
var content = new UiPageContent(
contentFootActions: verificationFailed()
? new ButtonSetup(
"Proceed Anyway",
behavior: new PostBackBehavior(
postBack: PostBack.CreateFull(actionGetter: () => new PostBackAction(new ExternalResource(ReturnUrl)))))
.ToCollection()
: Enumerable.Empty <ButtonSetup>().Materialize(),
pageLoadPostBack: verificationFailed()
? null
: PostBack.CreateFull(
modificationMethod: () => {
if (AuthenticationStatics.TestCookieMissing())
{
parametersModification.CookiesDisabled = true;
}
if (AuthenticationStatics.ClockNotSynchronized(clientTime))
{
parametersModification.ClockWrong = true;
}
},
actionGetter: () => new PostBackAction(verificationFailed() ? null : new ExternalResource(ReturnUrl))));
if (verificationFailed())
{
if (CookiesDisabled)
{
content.Add(new Paragraph(Translation.YourBrowserHasCookiesDisabled.ToComponents()));
}
if (ClockWrong)
{
content.Add(new Paragraph(AuthenticationStatics.GetClockWrongMessage().ToComponents()));
}
}
else
{
content.Add(new Paragraph("Please wait.".ToComponents())).Add(AuthenticationStatics.GetLogInHiddenFieldsAndSetUpClientSideLogic(clientTime));
}
return(content);
}
protected override PageContent getContent()
{
Action <int> passwordUpdater = null;
return(FormState.ExecuteWithDataModificationsAndDefaultAction(
PostBack.CreateFull(
modificationMethod: () => {
passwordUpdater(AppTools.User.UserId);
AddStatusMessage(StatusMessageType.Info, "Your password has been successfully changed. Use it the next time you log in.");
},
actionGetter: () => new PostBackAction(new ExternalResource(ReturnAndDestinationUrl)))
.ToCollection(),
() => new UiPageContent(
pageActions: new HyperlinkSetup(new ExternalResource(ReturnAndDestinationUrl), "Back").ToCollection(),
contentFootActions: new ButtonSetup("Change Password").ToCollection()).Add(
FormItemList.CreateStack(
items: AuthenticationStatics.GetPasswordModificationFormItems(
out passwordUpdater,
firstLabel: "New password".ToComponents(),
secondLabel: "Re-type new password".ToComponents())))));
}
protected override EwfResponse post()
{
var assertion = ExternalFunctionalityStatics.ExternalSamlProvider.ReadAssertion(HttpContext.Current.Request);
var identityProvider =
AuthenticationStatics.SamlIdentityProviders.Single(i => string.Equals(i.EntityId, assertion.identityProvider, StringComparison.Ordinal));
User user;
DataAccessState.Current.DisableCache();
try {
user = identityProvider.LogInUser(assertion.userName, assertion.attributes);
}
finally {
DataAccessState.Current.ResetCache();
}
if (user != null)
{
AuthenticationStatics.SetFormsAuthCookieAndUser(user, identityProvider: identityProvider);
}
else
{
AuthenticationStatics.SetUserLastIdentityProvider(identityProvider);
}
try {
AppRequestState.Instance.CommitDatabaseTransactionsAndExecuteNonTransactionalModificationMethods();
}
finally {
DataAccessState.Current.ResetCache();
}
var destinationUrl = new VerifyClientFunctionality(assertion.returnUrl).GetUrl();
HttpContext.Current.Response.StatusCode = 303;
return(EwfResponse.Create(
ContentTypes.PlainText,
new EwfResponseBodyCreator(writer => writer.Write("See Other: {0}".FormatWith(destinationUrl))),
additionalHeaderFieldGetter: () => ("Location", destinationUrl).ToCollection()));
}
/// <summary>
/// Call this from Application_Start in your Global.asax.cs file. Besides this call, there should be no other code in the method.
/// </summary>
/// <param name="globalInitializer">The system's global initializer. Do not pass null.</param>
/// <param name="appInitializer">The application initializer, which performs web-site specific initialization and cleanup. If you have one of these you
/// should name the class AppInitializer.</param>
public static void InitStatics(SystemInitializer globalInitializer, SystemInitializer appInitializer = null)
{
// This is a hack to support data-access state in WCF services.
var wcfDataAccessState = new ThreadLocal <DataAccessState>(() => new DataAccessState());
// Initialize system.
var initTimeDataAccessState = new ThreadLocal <DataAccessState>(() => new DataAccessState());
try {
GlobalInitializationOps.InitStatics(
globalInitializer,
Path.GetFileName(Path.GetDirectoryName(HttpRuntime.AppDomainAppPath)),
false,
mainDataAccessStateGetter: () => {
return(EwfApp.Instance != null ? EwfApp.Instance.RequestState != null ? EwfApp.Instance.RequestState.DataAccessState :
initTimeDataAccessState.Value :
System.ServiceModel.OperationContext.Current != null ? wcfDataAccessState.Value : null);
});
}
catch {
// Suppress all exceptions since there is no way to report them.
return;
}
ewlInitialized = true;
// Initialize web application.
if (!GlobalInitializationOps.SecondaryInitFailed)
{
EwfApp.ExecuteWithBasicExceptionHandling(
() => {
EwfConfigurationStatics.Init();
GlobalConfiguration.Configure(WebApiStatics.ConfigureWebApi);
var miniProfilerOptions = new MiniProfilerOptions();
miniProfilerOptions.IgnoredPaths.Clear();
MiniProfiler.Configure(miniProfilerOptions);
var globalType = BuildManager.GetGlobalAsaxType().BaseType;
var providerGetter = new SystemProviderGetter(
globalType.Assembly,
globalType.Namespace + ".Providers",
providerName =>
@"{0} provider not found in application. To implement, create a class named {0} in ""Your Web Site\Providers"" that derives from App{0}Provider."
.FormatWith(providerName));
if (ExternalFunctionalityStatics.SamlFunctionalityEnabled)
{
ExternalFunctionalityStatics.ExternalSamlProvider.InitAppStatics(
providerGetter,
() => AuthenticationStatics.SamlIdentityProviders.Select(
identityProvider => {
using (var client = new HttpClient()) {
client.Timeout = new TimeSpan(0, 0, 10);
var metadata = Task.Run(
async() => {
using (var response = await client.GetAsync(identityProvider.MetadataUrl, HttpCompletionOption.ResponseHeadersRead)) {
response.EnsureSuccessStatusCode();
var document = new XmlDocument();
using (var stream = await response.Content.ReadAsStreamAsync())
using (var reader = XmlReader.Create(stream))
document.Load(reader);
return(document.DocumentElement);
}
})
.Result;
return(metadata, identityProvider.EntityId);
}
})
.Materialize());
}
UrlHandlingStatics.Init(
(baseUrlString, appRelativeUrl) =>
AppRequestState.ExecuteWithUrlHandlerStateDisabled(() => UrlHandlingStatics.ResolveUrl(baseUrlString, appRelativeUrl)?.Last()));
CssPreprocessingStatics.Init(globalInitializer.GetType().Assembly, globalType.Assembly);
ResourceBase.Init(
(requestTransferred, resource) => {
if (requestTransferred)
{
var urlHandlers = new List <BasicUrlHandler>();
UrlHandler urlHandler = resource;
do
{
urlHandlers.Add(urlHandler);
}while((urlHandler = urlHandler.GetParent()) != null);
AppRequestState.Instance.SetUrlHandlers(urlHandlers);
AppRequestState.Instance.SetNewUrlParameterValuesEffective(false);
AppRequestState.Instance.SetResource(resource);
}
else
{
AppRequestState.Instance.SetResource(resource);
}
},
() => AppRequestState.Instance.Resource);
PageBase.Init(
(() => BasePageStatics.AppProvider.GetPageViewDataModificationMethod(), () => BasePageStatics.AppProvider.JavaScriptDocumentReadyFunctionCall),
BasicPageContent.GetContent);
HyperlinkBehaviorExtensionCreators.Init(ModalBox.GetBrowsingModalBoxOpenStatements);
FileUpload.Init(() => ((BasicPageContent)PageBase.Current.BasicContent).FormUsesMultipartEncoding = true);
ModalBox.Init(() => ((BasicPageContent)PageBase.Current.BasicContent).BrowsingModalBoxId);
CreditCardCollector.Init(() => ((BasicPageContent)PageBase.Current.BasicContent).IncludesStripeCheckout = true);
BasePageStatics.Init(providerGetter.GetProvider <AppStandardPageLogicProvider>("StandardPageLogic"));
BasicPageContent.Init(
contentObjects => {
var contentUsesUi = contentObjects.Any(i => i is UiPageContent);
var cssInfos = new List <ResourceInfo>();
cssInfos.Add(
new ExternalResource(
"//fonts.googleapis.com/css2?family=Libre+Franklin:wght@500;600;700&family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400&display=fallback"));
cssInfos.Add(new ExternalResource("//maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css"));
cssInfos.Add(new StaticFiles.Versioned.Third_party.Jquery_ui.Jquery_ui_1114custom_v2.Jquery_uiminCss());
cssInfos.Add(new StaticFiles.Third_party.Select_cssCss());
cssInfos.Add(new StaticFiles.Versioned.Third_party.Chosen.Chosen_v187.ChosenminCss());
cssInfos.Add(new StaticFiles.Third_party.Time_picker.StylesCss());
cssInfos.Add(new ExternalResource("//cdn.jsdelivr.net/qtip2/2.2.1/jquery.qtip.min.css"));
cssInfos.Add(new ExternalResource("//cdnjs.cloudflare.com/ajax/libs/dialog-polyfill/0.4.9/dialog-polyfill.min.css"));
cssInfos.Add(new StaticFiles.Styles.BasicCss());
if (contentUsesUi)
{
cssInfos.AddRange(
new ResourceInfo[]
{
new StaticFiles.Styles.Ui.ColorsCss(), new StaticFiles.Styles.Ui.FontsCss(), new StaticFiles.Styles.Ui.LayoutCss(),
new StaticFiles.Styles.Ui.TransitionsCss()
});
}
foreach (var resource in BasePageStatics.AppProvider.GetStyleSheets())
{
assertResourceIsIntermediateInstallationPublicResourceWhenNecessary(resource);
cssInfos.Add(resource);
}
if (contentUsesUi)
{
foreach (var resource in EwfUiStatics.AppProvider.GetStyleSheets())
{
assertResourceIsIntermediateInstallationPublicResourceWhenNecessary(resource);
cssInfos.Add(resource);
}
}
else
{
foreach (var resource in BasePageStatics.AppProvider.GetCustomUiStyleSheets())
{
assertResourceIsIntermediateInstallationPublicResourceWhenNecessary(resource);
cssInfos.Add(resource);
}
}
return(cssInfos);
},
(markup, includeStripeCheckout) => {
string getElement(ResourceInfo resource) => "<script src=\"{0}\" defer></script>".FormatWith(resource.GetUrl());
var infos = new List <ResourceInfo>();
infos.Add(new ExternalResource("//code.jquery.com/jquery-1.12.3.min.js"));
infos.Add(new StaticFiles.Versioned.Third_party.Jquery_ui.Jquery_ui_1114custom_v2.Jquery_uiminJs());
infos.Add(new StaticFiles.Versioned.Third_party.Chosen.Chosen_v187.ChosenjqueryminJs());
infos.Add(new StaticFiles.Third_party.Time_picker.CodeJs());
infos.Add(new ExternalResource("//cdn.jsdelivr.net/qtip2/2.2.1/jquery.qtip.min.js"));
infos.Add(new ExternalResource("//cdnjs.cloudflare.com/ajax/libs/dialog-polyfill/0.4.9/dialog-polyfill.min.js"));
infos.Add(new StaticFiles.Third_party.Spin_js.SpinminJs());
infos.Add(new ExternalResource("//cdn.ckeditor.com/4.5.8/full/ckeditor.js"));
infos.Add(new ExternalResource("https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.4/Chart.min.js"));
infos.Add(new ExternalResource("https://instant.page/5.1.0"));
if (includeStripeCheckout)
{
infos.Add(new ExternalResource("https://checkout.stripe.com/checkout.js"));
}
infos.Add(new StaticFiles.CodeJs());
foreach (var i in infos.Select(getElement))
{
markup.Append(i);
}
markup.Append(MiniProfiler.Current.RenderIncludes().ToHtmlString());
foreach (var resource in BasePageStatics.AppProvider.GetJavaScriptFiles())
{
assertResourceIsIntermediateInstallationPublicResourceWhenNecessary(resource);
markup.Append(getElement(resource));
}
},
() => {
var icons = new List <(ResourceInfo, string, string)>();
var faviconPng48X48 = BasePageStatics.AppProvider.FaviconPng48X48;
if (faviconPng48X48 != null)
{
assertResourceIsIntermediateInstallationPublicResourceWhenNecessary(faviconPng48X48);
icons.Add((faviconPng48X48, "icon", "48x48"));
}
var favicon = BasePageStatics.AppProvider.Favicon;
if (favicon != null)
{
assertResourceIsIntermediateInstallationPublicResourceWhenNecessary(favicon);
icons.Add((favicon, "icon", ""));
}
return(icons);
},
hideWarnings => {
var url = AppRequestState.Instance.Url;
if (AppRequestState.Instance.UserAccessible && AppRequestState.Instance.ImpersonatorExists)
{
url = new UserManagement.Pages.Impersonate(
url,
optionalParameterSetter: (specifier, parameters) =>
specifier.User = AppTools.User != null ? AppTools.User.Email : UserManagement.Pages.Impersonate.AnonymousUser).GetUrl();
}
return(new NonLiveLogIn(
url,
optionalParameterSetter: (specifier, parameters) => {
specifier.Password = ConfigurationStatics.SystemGeneralProvider.IntermediateLogInPassword;
specifier.HideWarnings = hideWarnings;
}).GetUrl());
},
() => {
if (!AppRequestState.Instance.UserAccessible || !AppRequestState.Instance.ImpersonatorExists ||
(ConfigurationStatics.IsIntermediateInstallation && !AppRequestState.Instance.IntermediateUserExists))
{
return(null);
}
return("User impersonation is in effect.",
new HyperlinkSetup(new UserManagement.Pages.Impersonate(AppRequestState.Instance.Url), "Change user").Append <ActionComponentSetup>(
new ButtonSetup(
"End impersonation",
behavior: new PostBackBehavior(
postBack: PostBack.CreateFull(
id: "ewfEndImpersonation",
modificationMethod: UserImpersonationStatics.EndImpersonation,
actionGetter: () => new PostBackAction(
new ExternalResource(
EwfConfigurationStatics.AppConfiguration.DefaultBaseUrl.GetUrlString(
EwfConfigurationStatics.AppSupportsSecureConnections)))))))
.Materialize());
});
EwfUiStatics.Init(providerGetter.GetProvider <AppEwfUiProvider>("EwfUi"));
AuthenticationStatics.Init(
providerGetter.GetProvider <AppAuthenticationProvider>("Authentication"),
(user, code) => new UserManagement.Pages.LogIn(
"",
optionalParameterSetter: (specifier, parameters) => {
specifier.User = user;
specifier.Code = code;
}).GetUrl(),
destinationUrl => new UserManagement.Pages.ChangePassword(destinationUrl).GetUrl(disableAuthorizationCheck: true));
Admin.EntitySetup.Init(() => RequestDispatchingStatics.AppProvider.GetFrameworkUrlParent());
RequestDispatchingStatics.Init(providerGetter.GetProvider <AppRequestDispatchingProvider>("RequestDispatching"));
EwfInitializationOps.appInitializer = appInitializer;
appInitializer?.InitStatics();
executeWithAutomaticDatabaseConnections(AuthenticationStatics.InitAppSpecificLogicDependencies);
if (AuthenticationStatics.SamlIdentityProviders.Any() || ExternalFunctionalityStatics.SamlFunctionalityEnabled)
{
executeWithAutomaticDatabaseConnections(ExternalFunctionalityStatics.ExternalSamlProvider.InitAppSpecificLogicDependencies);
}
initTimeDataAccessState = null;
EwfApp.FrameworkInitialized = true;
},
protected override PageContent getContent()
{
AuthenticationStatics.CodeLoginModificationMethod codeLoginMethod = null;
string destinationUrl = null;
if (User.Any())
{
var postBack = PostBack.CreateFull(
modificationMethod: () => destinationUrl = codeLoginMethod(
User,
Code,
errorMessage:
"The login link you just used has expired. Please return to the page you were trying to access and send yourself another login email.")
.destinationUrl,
actionGetter: () => new PostBackAction(new ExternalResource(destinationUrl)));
return(FormState.ExecuteWithDataModificationsAndDefaultAction(
postBack.ToCollection(),
() => {
var logInHiddenFieldsAndMethods = AuthenticationStatics.GetLogInHiddenFieldsAndMethods();
codeLoginMethod = logInHiddenFieldsAndMethods.modificationMethods.codeLoginMethod;
return new UiPageContent(pageLoadPostBack: postBack).Add(new Paragraph("Please wait.".ToComponents()))
.Add(logInHiddenFieldsAndMethods.hiddenFields);
}));
}
var content = new UiPageContent(omitContentBox: true);
var codeEntryIsForPasswordReset = ComponentStateItem.Create <bool?>("codeEntryIsForPasswordReset", null, value => true, false);
var emailAddress = new DataValue <string>();
var password = new DataValue <string>();
var loginCode = new DataValue <string>();
AuthenticationStatics.PasswordLoginModificationMethod passwordLoginMethod = null;
AuthenticationStatics.LoginCodeSenderMethod loginCodeSender = null;
var logInPb = PostBack.CreateFull(
modificationMethod: () => {
if (codeEntryIsForPasswordReset.Value.Value.HasValue)
{
destinationUrl = codeLoginMethod(emailAddress.Value, loginCode.Value).destinationUrl;
}
else
{
passwordLoginMethod(emailAddress, password);
}
},
actionGetter: () => new PostBackAction(new ExternalResource(codeEntryIsForPasswordReset.Value.Value.HasValue ? destinationUrl : ReturnUrl)));
var authenticationModeUpdateRegion = new UpdateRegionSet();
const string passwordOrCodeFocusKey = "code";
var sendCodePb = codeEntryIsForPasswordReset.Value.Value != true
? PostBack.CreateIntermediate(
authenticationModeUpdateRegion.ToCollection(),
id : "sendCode",
modificationMethod : () => {
loginCodeSender(emailAddress, false, ReturnUrl);
codeEntryIsForPasswordReset.Value.Value = false;
},
reloadBehaviorGetter : () => new PageReloadBehavior(focusKey: passwordOrCodeFocusKey))
: null;
var newPasswordPb = codeEntryIsForPasswordReset.Value.Value != false
? PostBack.CreateIntermediate(
authenticationModeUpdateRegion.ToCollection(),
id : "newPw",
modificationMethod : () => {
loginCodeSender(emailAddress, true, ReturnUrl);
codeEntryIsForPasswordReset.Value.Value = true;
},
reloadBehaviorGetter : () => new PageReloadBehavior(focusKey: passwordOrCodeFocusKey))
: null;
FormState.ExecuteWithDataModificationsAndDefaultAction(
logInPb.ToCollection(),
() => {
var registeredComponents = new List <FlowComponent>();
registeredComponents.Add(
new Paragraph(
"You may log in to this system if you have registered your email address with {0}."
.FormatWith(UserManagementStatics.LocalIdentityProvider.AdministratingOrganizationName)
.ToComponents()));
registeredComponents.Add(
FormItemList.CreateStack(
generalSetup: new FormItemListSetup(buttonSetup: new ButtonSetup("Log In"), enableSubmitButton: true),
items: FormState
.ExecuteWithDataModificationsAndDefaultAction(
new[] { logInPb, sendCodePb, newPasswordPb }.Where(i => i != null),
() => emailAddress.GetEmailAddressFormItem("Email address".ToComponents()))
.Append(
codeEntryIsForPasswordReset.Value.Value.HasValue
? getLoginCodeFormItem(authenticationModeUpdateRegion.ToCollection(), AutofocusCondition.PostBack(passwordOrCodeFocusKey), loginCode)
: getPasswordFormItem(
authenticationModeUpdateRegion.ToCollection(),
AutofocusCondition.PostBack(passwordOrCodeFocusKey),
password,
new PostBackBehavior(postBack: sendCodePb)))
.Materialize()));
registeredComponents.Add(
new Paragraph(
new PhrasingIdContainer(
codeEntryIsForPasswordReset.Value.Value.HasValue
? new ImportantContent("Having trouble?".ToComponents()).ToCollection()
.Concat(" ".ToComponents())
.Append(
new EwfButton(
new StandardButtonStyle("Send me another code", buttonSize: ButtonSize.ShrinkWrap),
behavior: new PostBackBehavior(postBack: codeEntryIsForPasswordReset.Value.Value.Value ? newPasswordPb : sendCodePb)))
.Concat(" ".ToComponents())
.Append(
new EwfButton(
new StandardButtonStyle(
codeEntryIsForPasswordReset.Value.Value.Value ? "Try password again" : "Log in with password",
buttonSize: ButtonSize.ShrinkWrap),
behavior: new PostBackBehavior(
postBack: PostBack.CreateIntermediate(
authenticationModeUpdateRegion.ToCollection(),
id: "revertToPasswordEntry",
modificationMethod: () => codeEntryIsForPasswordReset.Value.Value = null,
reloadBehaviorGetter: () => new PageReloadBehavior(focusKey: passwordOrCodeFocusKey)))))
: new ImportantContent("Forgot password?".ToComponents()).ToCollection()
.Concat(" ".ToComponents())
.Append(
new EwfButton(
new StandardButtonStyle("Set a new password", buttonSize: ButtonSize.ShrinkWrap),
behavior: new ConfirmationButtonBehavior(
new Paragraph("Are you sure you want to set a new password?".ToComponents()).Append(
new Paragraph(
StringTools.ConcatenateWithDelimiter(
" ",
"Click \"Continue\" to email yourself a login code.",
"After logging in, you will be prompted to change your password to something you will remember, which you may use to log in from that point forward.")
.ToComponents()))
.Materialize(),
postBack: newPasswordPb))),
updateRegionSets: authenticationModeUpdateRegion.ToCollection()).ToCollection()));
var logInHiddenFieldsAndMethods = FormState.ExecuteWithDataModificationsAndDefaultAction(
new[] { logInPb, sendCodePb, newPasswordPb }.Where(i => i != null),
AuthenticationStatics.GetLogInHiddenFieldsAndMethods);
content.Add(
new FlowAutofocusRegion(
AutofocusCondition.InitialRequest(),
new Section(
"Registered users",
registeredComponents,
style: SectionStyle.Box,
etherealContent: logInHiddenFieldsAndMethods.hiddenFields.Append(codeEntryIsForPasswordReset).Materialize()).ToCollection()));
passwordLoginMethod = logInHiddenFieldsAndMethods.modificationMethods.passwordLoginMethod;
loginCodeSender = logInHiddenFieldsAndMethods.modificationMethods.loginCodeSender;
codeLoginMethod = logInHiddenFieldsAndMethods.modificationMethods.codeLoginMethod;
});
var specialInstructions = EwfUiStatics.AppProvider.GetSpecialInstructionsForLogInPage();
if (specialInstructions.Any())
{
content.Add(specialInstructions);
}
else
{
var unregisteredComponents = new List <FlowComponent>();
unregisteredComponents.Add(
new Paragraph(
"If you have difficulty logging in, please {0}".FormatWith(UserManagementStatics.LocalIdentityProvider.LogInHelpInstructions).ToComponents()));
content.Add(new Section("Unregistered users", unregisteredComponents, style: SectionStyle.Box));
}
return(content);
}
