/// <summary>
/// Gets called on a authenication request. This method should check sessions or simmilar to verify that the user has access to the backend.
/// This method should return true if the current request is authenicated or false if it's not.
/// </summary>
/// <param name="man">ManagerEngine reference that the plugin is assigned to.</param>
/// <returns>true/false if the user is authenticated</returns>
public override bool OnAuthenticate(ManagerEngine man)
{
HttpContext context = HttpContext.Current;
HttpSessionState session = context.Session;
HttpRequest request = context.Request;
HttpResponse response = context.Response;
ManagerConfig config = man.Config;
string dir, authURL, secretKey, rootPath, data, returnURL, prefix;
// Get some config values
authURL = config["ExternalAuthenticator.external_auth_url"];
secretKey = config["ExternalAuthenticator.secret_key"];
prefix = config["ExternalAuthenticator.session_prefix"];
dir = Path.GetFileName(Path.GetDirectoryName(request.FilePath));
if (prefix == null)
{
prefix = "mcmanager_";
}
// Always load the language packs
if (dir == "language")
{
return(true);
}
// Check already authenticated on rpc and stream
if (dir == "rpc" || dir == "stream")
{
if (session[prefix + "_ExternalAuthenticator"] != null && ((string)session[prefix + "_ExternalAuthenticator"]) == "true")
{
// Override config values
foreach (string key in session.Keys)
{
if (key.StartsWith(prefix + "_ExternalAuthenticator."))
{
config[key.Substring((prefix + "_ExternalAuthenticator.").Length)] = (string)session[key];
}
}
// Try create root path
rootPath = man.ToAbsPath(config["filesystem.rootpath"]);
if (!Directory.Exists(rootPath))
{
Directory.CreateDirectory(rootPath);
}
// Use root path as path
if (config["filesystem.path"] == "" || !PathUtils.IsChildPath(rootPath, config["filesystem.path"]))
{
config["filesystem.path"] = rootPath;
}
return(true);
}
}
// Handle post
if (request.Form["key"] != null)
{
data = "";
foreach (string key in request.Form.Keys)
{
if (key != "key")
{
data += request.Form[key];
}
}
// Check if keys match
if (MD5(data + secretKey) == request.Form["key"])
{
session[prefix + "_ExternalAuthenticator"] = "true";
// Store input data in session scope
foreach (string key in request.Form.Keys)
{
string ckey = key.Replace("__", "."); // Handle PHP escaped strings
session[prefix + "_ExternalAuthenticator." + ckey] = request.Form[key];
}
return(true);
}
else
{
response.Write("Input data doesn't match verify that the secret keys are the same.");
response.End();
return(false);
}
}
// Build return URL
returnURL = request.Url.ToString();
if (returnURL.IndexOf('?') != -1)
{
returnURL = returnURL.Substring(0, returnURL.IndexOf('?'));
}
returnURL += "?type=" + man.Prefix;
// Force auth absolute
authURL = new Uri(request.Url, authURL).ToString();
// Handle rpc and stream requests
if (dir == "rpc" || dir == "stream")
{
returnURL = new Uri(request.Url, PathUtils.ToUnixPath(Path.GetDirectoryName(Path.GetDirectoryName(request.FilePath)))).ToString() + "/default.aspx?type=" + man.Prefix;
config["authenticator.login_page"] = authURL + "?return_url=" + context.Server.UrlEncode(returnURL);
return(false);
}
response.Redirect(authURL + "?return_url=" + context.Server.UrlEncode(returnURL), true);
return(false);
}
