/// <summary>
/// Handles a WS-Federation sign-out or sign-out-cleanup request carried in the current request URL.
/// </summary>
/// <returns>A redirect to the reply address read from the message, or to "/" when none was read.</returns>
private ActionResult ActionSignout()
{
    var message = WSFederationMessage.CreateFromUri(Request.Url);
    var messageType = message.GetType();

    // Only the two sign-out message types are inspected for a reply address;
    // any other message type leaves it null.
    // NOTE(review): the reply address is read from the request URL and used as a
    // redirect target below with no validation visible in this method. Confirm it
    // is checked against the reply addresses registered for the relying party,
    // otherwise this is an open redirect.
    string reply = null;
    if (messageType == typeof(SignOutCleanupRequestMessage))
    {
        reply = ((SignOutCleanupRequestMessage)message).Reply;
    }
    else if (messageType == typeof(SignOutRequestMessage))
    {
        reply = ((SignOutRequestMessage)message).Reply;
    }

    var principal = (ClaimsPrincipal)User;
    var response = System.Web.HttpContext.Current.Response;
    FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(message, principal, reply, response);

    // NOTE(review): ProcessSignOutRequest is also handed the reply address and the response.
    // Check whether it already redirects before adding this second redirect.
    string target = reply ?? "/";
    return Redirect(target);
}
/// <summary>
/// Dispatches the WS-Federation passive request found in the query string:
/// issues a sign-in response for an authenticated user, or processes a sign-out.
/// </summary>
/// <param name="e">Event data (not read by this method).</param>
/// <exception cref="UnauthorizedAccessException">Sign-in was requested but the user is not authenticated.</exception>
/// <exception cref="InvalidOperationException">The action parameter is neither sign-in nor sign-out.</exception>
protected override void OnPreRender(EventArgs e)
{
    string action = this.Request.QueryString[WSFederationConstants.Parameters.Action];

    if (action == WSFederationConstants.Actions.SignIn)
    {
        // The message is parsed before the authentication check, so a malformed
        // sign-in URL fails here regardless of who is calling.
        var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(this.Request.Url);

        bool isAuthenticated = this.User != null && this.User.Identity.IsAuthenticated;
        if (!isAuthenticated)
        {
            throw new UnauthorizedAccessException();
        }

        SecurityTokenService sts = new IdentityProviderSecurityTokenService(IdentityProviderSecurityTokenServiceConfiguration.Current);
        SignInResponseMessage signInResponse =
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, this.User, sts);
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponse, this.Response);
        return;
    }

    if (action == WSFederationConstants.Actions.SignOut)
    {
        var signOutRequest = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(this.Request.Url);

        // A null reply is passed, so the reply address in the request is not used here.
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(signOutRequest, this.User, null, this.Response);
        this.ActionExplanationLabel.Text = @"Sign out from the issuer has been requested.";
        return;
    }

    string shownAction = String.IsNullOrEmpty(action) ? "<EMPTY>" : action;
    throw new InvalidOperationException(
        String.Format(
            CultureInfo.InvariantCulture,
            "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
            shownAction,
            WSFederationConstants.Parameters.Action,
            WSFederationConstants.Actions.SignIn,
            WSFederationConstants.Actions.SignOut));
}
/// <summary>
/// Dispatches the WS-Federation passive request found in the query string:
/// forwards sign-in to the simulated Windows authentication page, or logs the user out
/// and processes the sign-out.
/// </summary>
/// <param name="e">Event data (not read by this method).</param>
/// <exception cref="Exception">Wraps any failure raised while processing, including an unexpected action.</exception>
protected override void OnPreRender(EventArgs e)
{
    const string signInEndpoint = "~/SimulatedWindowsAuthentication.aspx";
    string action = Request.QueryString[WSFederationConstants.Parameters.Action];

    try
    {
        if (action == WSFederationConstants.Actions.SignIn)
        {
            // The incoming query string is forwarded unchanged to a fixed local page;
            // the second argument (false) is passed to Response.Redirect as in the
            // original call.
            this.Response.Redirect(signInEndpoint + "?" + Request.QueryString, false);
            return;
        }

        if (action == WSFederationConstants.Actions.SignOut)
        {
            // The local log-out runs first, then the federation sign-out with a null reply.
            SimulatedWindowsAuthenticationOperations.LogOutUser(this.Request, this.Response);

            var signOutRequest = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(signOutRequest, this.User, null, this.Response);

            this.ActionExplanationLabel.Text = "Sign out from the issuer has been requested.";
            return;
        }

        string shownAction = string.IsNullOrEmpty(action) ? "<EMPTY>" : action;
        throw new InvalidOperationException(
            string.Format(
                CultureInfo.InvariantCulture,
                "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                shownAction,
                WSFederationConstants.Parameters.Action,
                WSFederationConstants.Actions.SignIn,
                WSFederationConstants.Actions.SignOut));
    }
    catch (Exception exception)
    {
        // Every failure is rethrown as a plain Exception with the original attached as InnerException.
        throw new Exception("An unexpected error occurred when processing the request. See inner exception for details.", exception);
    }
}
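/// <summary>
/// Performs WS-Federation Passive Protocol processing.
/// </summary>
/// <remarks>
/// Three cases are handled: an explicit sign-in request, an explicit sign-out request, and a
/// request with no action while a social-auth user is logged in. In the last case the sign-in
/// request is rebuilt from the return URL stored on the social-auth connection token.
/// </remarks>
/// <param name="sender">Event source (not read by this method).</param>
/// <param name="e">Event data (not read by this method).</param>
/// <exception cref="Exception">Wraps any failure raised while processing, including an unexpected action.</exception>
protected void Page_PreRender(object sender, EventArgs e)
{
    string action = Request.QueryString[WSFederationConstants.Parameters.Action];

    try
    {
        if (action == WSFederationConstants.Actions.SignIn)
        {
            // Process signin request.
            SignInRequestMessage requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
            if (User != null && User.Identity != null && User.Identity.IsAuthenticated)
            {
                SecurityTokenService sts = new CustomSecurityTokenService(CustomSecurityTokenServiceConfiguration.Current);
                SignInResponseMessage responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, User, sts);
                FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(responseMessage, Response);
            }
            else
            {
                throw new UnauthorizedAccessException();
            }
        }
        else if (action == WSFederationConstants.Actions.SignOut)
        {
            // Process signout request.
            // NOTE(review): the reply address from the request is passed through with no
            // validation visible here. Confirm it is checked against the relying party's
            // registered reply addresses.
            SignOutRequestMessage requestMessage = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(requestMessage, User, requestMessage.Reply, Response);
        }
        else if (action == null && SocialAuthUser.IsLoggedIn())
        {
            string originalUrl = SocialAuthUser.GetCurrentUser().GetConnection(SocialAuthUser.CurrentProvider).GetConnectionToken().UserReturnURL;

            // The wctx and wtrealm values are URL-encoded in place before the URL is parsed
            // as a sign-in request. wctx is delimited by the following "&wct=" rather than
            // by the next "&".
            originalUrl = EncodeQueryValue(originalUrl, "wctx=", "&wct=", false);
            originalUrl = EncodeQueryValue(originalUrl, "wtrealm=", "&", true);

            // NOTE(review): the rebuilt request comes from a stored return URL. Realm and
            // reply validation is presumably done inside CustomSecurityTokenService. Verify.
            SignInRequestMessage requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(new Uri(originalUrl));
            if (User != null && User.Identity != null && User.Identity.IsAuthenticated)
            {
                SecurityTokenService sts = new CustomSecurityTokenService(CustomSecurityTokenServiceConfiguration.Current);
                SignInResponseMessage responseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, User, sts);
                FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(responseMessage, Response);
            }

            // Unlike the explicit sign-in branch, an unauthenticated user produces no
            // response and no error here.
        }
        else
        {
            throw new InvalidOperationException(
                String.Format(
                    CultureInfo.InvariantCulture,
                    "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                    String.IsNullOrEmpty(action) ? "<EMPTY>" : action,
                    WSFederationConstants.Parameters.Action,
                    WSFederationConstants.Actions.SignIn,
                    WSFederationConstants.Actions.SignOut));
        }
    }
    catch (Exception exception)
    {
        throw new Exception("An unexpected error occurred when processing the request. See inner exception for details.", exception);
    }
}

/// <summary>
/// URL-encodes the value that follows <paramref name="startMarker"/> in <paramref name="url"/>,
/// replacing only that one span.
/// </summary>
/// <param name="url">The URL text to rewrite.</param>
/// <param name="startMarker">Parameter name including "=", e.g. "wctx=".</param>
/// <param name="endMarker">Text that terminates the value.</param>
/// <param name="allowEndOfUrl">When true, a missing end marker means the value runs to the end of the URL.</param>
/// <returns>The URL with the located value encoded.</returns>
/// <exception cref="InvalidOperationException">A required marker is absent from the URL.</exception>
private string EncodeQueryValue(string url, string startMarker, string endMarker, bool allowEndOfUrl)
{
    // Ordinal search: these are protocol tokens, not linguistic text.
    int markerAt = url.IndexOf(startMarker, StringComparison.Ordinal);
    if (markerAt < 0)
    {
        throw new InvalidOperationException(
            String.Format(CultureInfo.InvariantCulture, "The return URL does not contain '{0}'.", startMarker));
    }

    int valueStart = markerAt + startMarker.Length;

    // The terminator is searched for after the value start, so an earlier occurrence
    // cannot produce a negative length.
    int valueEnd = url.IndexOf(endMarker, valueStart, StringComparison.Ordinal);
    if (valueEnd < 0)
    {
        if (!allowEndOfUrl)
        {
            throw new InvalidOperationException(
                String.Format(CultureInfo.InvariantCulture, "The return URL does not contain '{0}' after '{1}'.", endMarker, startMarker));
        }

        valueEnd = url.Length;
    }

    string value = url.Substring(valueStart, valueEnd - valueStart);

    // Splice by position instead of String.Replace, which would also rewrite any other
    // occurrence of the same text and throws on an empty value.
    return url.Substring(0, valueStart) + Server.UrlEncode(value) + url.Substring(valueEnd);
}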
/// <summary>
/// Entry point for WS-Federation passive requests: issues a sign-in response for an
/// authenticated user, starts authentication for an anonymous one, processes sign-out,
/// and otherwise answers with an XRDS location header.
/// </summary>
/// <returns>
/// The home-realm-discovery or authentication result for an anonymous sign-in, an empty
/// result for an unrecognised action, and null once a sign-in or sign-out has been processed.
/// </returns>
public ActionResult ProcessFederationRequest()
{
    Logger.Info("ProcessFederationRequest");
    var action = Request.QueryString[WSFederationConstants.Parameters.Action];

    switch (action)
    {
        case WSFederationConstants.Actions.SignIn:
        {
            var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.UrlConsideringLoadBalancerHeaders());

            bool isAuthenticated = User?.Identity != null && User.Identity.IsAuthenticated;
            if (!isAuthenticated)
            {
                // user not authenticated yet, look for whr, if not there go to HomeRealmDiscovery page
                Logger.InfoFormat("User is not authenticated yet, redirecting to given realm.");
                CreateFederationContext();
                if (string.IsNullOrEmpty(Request.QueryString[WSFederationConstants.Parameters.HomeRealm]))
                {
                    // The "em" value from the request context is HTML-encoded before it is handed on.
                    return HomeRealmDiscovery(HttpUtility.HtmlEncode(HttpUtility.ParseQueryString(signInRequest.Context).Get("em")));
                }

                return Authenticate();
            }

            try
            {
                var sts = new MultiProtocolSecurityTokenService(MultiProtocolSecurityTokenServiceConfiguration.Current);
                if (Logger.IsInfoEnabled)
                {
                    // NOTE(review): every claim value of the signed-in user is written to the
                    // log at Info level, and the reply address is logged as received. Confirm
                    // the log store is appropriate for identity data, or lower the level or
                    // redact values.
                    var identity = User.Identity as ClaimsIdentity;
                    if (identity?.Claims != null)
                    {
                        foreach (var item in identity.Claims)
                        {
                            Logger.InfoFormat(
                                "claim, Issuer: {0}, OriginalIssuer: {1}, Type:{2}, Subject:{3}, Value: {4}, ValueType: {5}",
                                item.Issuer,
                                item.OriginalIssuer,
                                item.Type,
                                item.Subject,
                                item.Value,
                                item.ValueType);
                        }
                    }

                    Logger.InfoFormat("Reply: {0}", signInRequest.Reply);
                    Logger.InfoFormat("Before ProcessSignInRequest");
                }

                var signInResponse = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, new ClaimsPrincipal(User), sts);
                signInResponse.Write(Response.Output);
            }
            finally
            {
                // The session token cookie is removed whether or not issuing the response succeeded.
                FederatedAuthentication.SessionAuthenticationModule.DeleteSessionTokenCookie();
            }

            Response.Flush();
            Response.End();
            HttpContext.ApplicationInstance.CompleteRequest();
            break;
        }

        case WSFederationConstants.Actions.SignOut:
        {
            var signOutRequest = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(Request.UrlConsideringLoadBalancerHeaders());
            var replyTo = signOutRequest.Reply;

            bool makeRelative = !string.IsNullOrEmpty(replyTo)
                && ConfigurationManager.AppSettings.GetBoolSetting("UseRelativeConfiguration");
            if (makeRelative)
            {
                // NOTE(review): new Uri(string) accepts only absolute URIs, so a relative
                // reply throws here and never reaches the IsAbsoluteUri check. Confirm that
                // failing is the intended handling.
                var parsed = new Uri(replyTo);
                if (parsed.IsAbsoluteUri)
                {
                    // Scheme and host are stripped, leaving a path relative to this site.
                    var siteRoot = new Uri(parsed.GetComponents(UriComponents.SchemeAndServer, UriFormat.Unescaped));
                    replyTo = "/" + siteRoot.MakeRelativeUri(parsed);
                }
            }

            // NOTE(review): when the setting above is off, the reply address from the request
            // is passed on as received. Confirm it is validated against the relying party's
            // registered reply addresses.
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(signOutRequest, new ClaimsPrincipal(User), replyTo, HttpContext.ApplicationInstance.Response);
            break;
        }

        default:
        {
            var xrdsLocation = new Uri(Request.UrlConsideringLoadBalancerHeaders(), Response.ApplyAppPathModifier("~/xrds.aspx"));
            Response.AddHeader("X-XRDS-Location", xrdsLocation.AbsoluteUri);
            return new EmptyResult();
        }
    }

    return null;
}
/// <summary>
/// Entry point for WS-Federation passive requests: issues a sign-in response for an
/// authenticated user, starts authentication for an anonymous one, or processes sign-out.
/// </summary>
/// <returns>
/// The redirect or authentication result for an anonymous sign-in; null once a sign-in or
/// sign-out has been processed.
/// </returns>
/// <exception cref="Exception">Wraps any failure raised while processing, including an unexpected action.</exception>
public ActionResult ProcessFederationRequest()
{
    var action = Request.QueryString[WSFederationConstants.Parameters.Action];

    try
    {
        if (action == WSFederationConstants.Actions.SignIn)
        {
            var signInRequest = (SignInRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);

            bool isAuthenticated = User != null && User.Identity != null && User.Identity.IsAuthenticated;
            if (!isAuthenticated)
            {
                // user not authenticated yet, look for whr, if not there go to HomeRealmDiscovery page
                this.CreateFederationContext();
                if (string.IsNullOrEmpty(this.Request.QueryString[WSFederationConstants.Parameters.HomeRealm]))
                {
                    return this.RedirectToAction("HomeRealmDiscovery");
                }

                return this.Authenticate();
            }

            var sts = new MultiProtocolSecurityTokenService(MultiProtocolSecurityTokenServiceConfiguration.Current);
            var signInResponse = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequest, User, sts);
            signInResponse.Write(Response.Output);
            Response.Flush();
            Response.End();
            HttpContext.ApplicationInstance.CompleteRequest();
        }
        else if (action == WSFederationConstants.Actions.SignOut)
        {
            // NOTE(review): the reply address is taken from the request and passed on with no
            // validation visible here. Confirm it is checked against the relying party's
            // registered reply addresses.
            var signOutRequest = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(Request.Url);
            FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(signOutRequest, User, signOutRequest.Reply, HttpContext.ApplicationInstance.Response);
        }
        else
        {
            string shownAction = String.IsNullOrEmpty(action) ? "<EMPTY>" : action;
            throw new InvalidOperationException(
                String.Format(
                    CultureInfo.InvariantCulture,
                    "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                    shownAction,
                    WSFederationConstants.Parameters.Action,
                    WSFederationConstants.Actions.SignIn,
                    WSFederationConstants.Actions.SignOut));
        }
    }
    catch (Exception exception)
    {
        // Every failure is rethrown as a plain Exception with the original attached as InnerException.
        throw new Exception("An unexpected error occurred when processing the request. See inner exception for details.", exception);
    }

    return null;
}
/// <summary>
/// Parses <paramref name="url"/> as a WS-Federation sign-out request and processes it
/// against the current HTTP response.
/// </summary>
/// <param name="url">The request URL carrying the sign-out message.</param>
/// <param name="user">The principal being signed out.</param>
private static void ProcessSignOut(Uri url, ClaimsPrincipal user)
{
    var signOutRequest = (SignOutRequestMessage)WSFederationMessage.CreateFromUri(url);

    // NOTE(review): the reply address comes from the URL and is passed on with no validation
    // visible here. Confirm it is checked against the relying party's registered reply addresses.
    FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(
        signOutRequest,
        user,
        signOutRequest.Reply,
        System.Web.HttpContext.Current.Response);
}