Пример #1
0
        public override void Handle(FlowEvent @event, FlowContext context)
        {
            if (@event.Equals(FlowEvent.LoginCompleted))
            {
                var externalUserUuid = GetUserExternalUuid();
                var cvrNumber        = _parser.MatchCvrNumber();
                if (externalUserUuid.IsNone)
                {
                    _logger.Warning("No external UUID passed from STS Adgangsstyring");
                    context.TransitionTo(_stateFactory.CreateErrorState(), _ => _.HandleUnknownError());
                }
                else if (cvrNumber.IsNone)
                {
                    _logger.Warning("CVR number not provided from STS Adgangsstyring");
                    context.TransitionTo(_stateFactory.CreateErrorState(), _ => _.HandleUnknownError());
                }
                else if (CurrentUserHasKitosPrivilege())
                {
                    _logger.Debug("User with UUID {uuid} and CVR {cvr} did have privilege", externalUserUuid.Value, cvrNumber.Value);
                    context.TransitionTo(_stateFactory.CreatePrivilegeVerifiedState(externalUserUuid.Value, cvrNumber.Value), _ => _.HandleUserPrivilegeVerified());
                }
                else
                {
                    var privileges = GetPrivilegesString();
                    _logger.Information("Missing privilege for user with UUID {uuid} and CVR {cvr}. Failed with XML privileges {xmlPrivilegesBase64}", externalUserUuid.Value, cvrNumber.Value, privileges);

                    context.TransitionTo(_stateFactory.CreateErrorState(), _ => _.HandleUserPrivilegeInvalid());
                }
            }
        }
Пример #2
0
 public override void Handle(FlowEvent @event, FlowContext context)
 {
     if (@event.Equals(FlowEvent.UserPrivilegeVerified))
     {
         var userResult = _ssoUserIdentityRepository.GetByExternalUuid(_userUuid);
         if (userResult.HasValue) // User has used the same SSO identity before and exists
         {
             var user = userResult.Value.User;
             if (user.CanAuthenticate())
             {
                 context.TransitionTo(_ssoStateFactory.CreateUserLoggedIn(user),
                                      _ => _.HandleUserSeenBefore());
             }
             else
             {
                 var stsBrugerInfo = _stsBrugerInfoService.GetStsBrugerInfo(_userUuid, _cvrNumber);
                 if (!stsBrugerInfo.HasValue)
                 {
                     context.TransitionTo(_ssoStateFactory.CreateErrorState(), _ => _.HandleUnableToResolveUserInStsOrganisation());
                 }
                 else
                 {
                     context.TransitionTo(_ssoStateFactory.CreateUserIdentifiedState(user, stsBrugerInfo.Value),
                                          _ => _.HandleExistingSsoUserWithoutRoles());
                 }
             }
         }
         else // Try to find the user by email
         {
             var stsBrugerInfo = _stsBrugerInfoService.GetStsBrugerInfo(_userUuid, _cvrNumber);
             if (!stsBrugerInfo.HasValue)
             {
                 context.TransitionTo(_ssoStateFactory.CreateErrorState(), _ => _.HandleUnableToResolveUserInStsOrganisation());
             }
             else
             {
                 var userByKitosEmail = FindUserByEmail(stsBrugerInfo);
                 if (userByKitosEmail.HasValue)
                 {
                     context.TransitionTo(_ssoStateFactory.CreateUserIdentifiedState(userByKitosEmail.Value, stsBrugerInfo.Value),
                                          _ => _.HandleUserFirstTimeSsoVisit());
                 }
                 else
                 {
                     context.TransitionTo(_ssoStateFactory.CreateFirstTimeUserNotFoundState(stsBrugerInfo.Value),
                                          _ => _.HandleUnableToLocateUser());
                 }
             }
         }
     }
 }
Пример #3
0
 public override void Handle(FlowEvent @event, FlowContext context)
 {
     if (@event.Equals(FlowEvent.OrganizationNotFound))
     {
         if (_user.CanAuthenticate())
         {
             context.TransitionTo(_stateFactory.CreateUserLoggedIn(_user), _ => _.HandleUserHasRoleInOrganization());
         }
         else
         {
             context.TransitionTo(_stateFactory.CreateErrorState(), _ => _.HandleNoRoleAndOrganization());
         }
     }
 }