Пример #1
        // Decides whether a Live ID token grants access to the given host.
        // A cached decision for (host, token) is returned unchanged; otherwise the token is
        // processed, checked against the configured expiry, authorized through IsValidAccess,
        // and the outcome is written back to the cache.
        private bool HandleLiveId(string token, string host)
        {
            // Item1 flags a cache hit; on a hit Item2 is returned as the access decision.
            // NOTE(review): a hit skips the expiry check below. Whether cached entries age out
            // is decided inside IsInCache/UpdateCache, which are not visible here - confirm.
            Tuple<bool, bool> cached = IsInCache(host, token);
            if (cached.Item1)
            {
                return cached.Item2;
            }

            WindowsLiveLogin liveLogin = new WindowsLiveLogin(
                Constants.LiveIdappId,
                Constants.LiveIdappsecret,
                Constants.LiveIdsecurityAlgorithm,
                true,
                Constants.LiveIdpolicyURL,
                Constants.LiveIdreturnURL);

            WindowsLiveLogin.User tokenUser = liveLogin.ProcessToken(token);
            if (tokenUser == null)
            {
                // NOTE(review): the dereferences further down rely on ThrowRejection never
                // returning (presumably it throws) - confirm.
                ThrowRejection(HttpStatusCode.Unauthorized, "Invalid user token in authorization header.");
            }

            // Age of the token measured against the timestamp carried inside it.
            TimeSpan tokenAge = DateTime.UtcNow.Subtract(tokenUser.Timestamp);
            if (tokenAge.TotalMilliseconds > Constants.PrivilegeLevelTokenExpiry[Constants.LiveId] * 1000)
            {
                ThrowRejection(HttpStatusCode.Unauthorized, "Expired token being presented. Token Expiry: " + Constants.PrivilegeLevelTokenExpiry[Constants.LiveId] + " seconds");
            }

            bool accessGranted = IsValidAccess(host, Constants.LiveId, tokenUser.Id);

            // Remember the decision (grant or deny) together with the token's timestamp.
            UpdateCache(host, token, tokenUser.Timestamp, accessGranted);

            return accessGranted;
        }
Пример #2
    /// <summary>
    /// Initializes the control properties.
    /// </summary>
    protected void SetupControl()
    {
        // Nothing is configured while processing is stopped.
        if (this.StopProcessing)
        {
            return;
        }

        bool liveIdEnabled = SettingsKeyProvider.GetBoolValue(CMSContext.CurrentSiteName + ".CMSEnableWindowsLiveID");
        if (liveIdEnabled)
        {
            plcPasswordNew.Visible = this.AllowFormsAuthentication;
            pnlExistingUser.Visible = this.AllowExistingUser;

            // The Live ID user is read through SessionHelper; the 'as' cast yields null when
            // the key is missing or holds a different type.
            liveUser = SessionHelper.GetValue("windowsliveloginuser") as WindowsLiveLogin.User;

            // No Live ID user in the session: hide the whole control when configured to.
            if (liveUser == null)
            {
                if (HideForNoLiveID)
                {
                    this.Visible = false;
                }
            }

            // WAI validation
            lblPasswordNew.AssociatedControlClientID = passStrength.InputClientID;
            return;
        }

        // Windows Live ID is disabled. Outside Design mode the control just hides itself.
        if (CMSContext.ViewMode != ViewModeEnum.Design)
        {
            this.Visible = false;
            return;
        }

        // Design mode: show an error that names the settings path where Live ID is enabled.
        StringBuilder settingsPath = new StringBuilder();
        settingsPath.Append(GetString("header.sitemanager")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmssettings")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmsmembership")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmsmembershipauthentication")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmswindowsliveid"));

        if (CMSContext.CurrentUser.UserSiteManagerAdmin)
        {
            // Site Manager admins get the path as a link. The href comes from a fixed
            // application path, not from request data; it is written into the attribute
            // without HTML encoding, so keep the source of that URL server-controlled.
            string openingTag = "<a href=\"" + URLHelper.GetAbsoluteUrl("~/CMSSiteManager/default.aspx?section=settings") + "\" target=\"_top\">";
            settingsPath.Insert(0, openingTag);
            settingsPath.Append("</a>");
        }

        lblError.Text = String.Format(GetString("mem.liveid.disabled"), settingsPath.ToString());
        plcError.Visible = true;
        plcContent.Visible = false;
    }
    /// <summary>
    /// Initializes the control properties.
    /// </summary>
    protected void SetupControl()
    {
        // Nothing is configured while processing is stopped.
        if (StopProcessing)
        {
            return;
        }

        bool liveIdEnabled = SettingsKeyInfoProvider.GetBoolValue(SiteContext.CurrentSiteName + ".CMSEnableWindowsLiveID");
        if (liveIdEnabled)
        {
            plcPasswordNew.Visible = AllowFormsAuthentication;
            pnlExistingUser.Visible = AllowExistingUser;

            // The Live ID user is read through SessionHelper; the 'as' cast yields null when
            // the key is missing or holds a different type.
            liveUser = SessionHelper.GetValue("windowsliveloginuser") as WindowsLiveLogin.User;

            // No Live ID user in the session: hide the whole control when configured to.
            if (liveUser == null)
            {
                if (HideForNoLiveID)
                {
                    Visible = false;
                }
            }

            // WAI validation
            lblPasswordNew.AssociatedControlClientID = passStrength.InputClientID;
            return;
        }

        // Windows Live ID is disabled. Outside Design mode the control just hides itself.
        if (!PortalContext.IsDesignMode(PortalContext.ViewMode))
        {
            Visible = false;
            return;
        }

        // Design mode: show an error that names the settings path where Live ID is enabled.
        StringBuilder settingsPath = new StringBuilder();
        settingsPath.Append(UIElementInfoProvider.GetApplicationNavigationString("cms", "Settings")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmsmembership")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmsmembershipauthentication")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmswindowsliveid"));

        if (MembershipContext.AuthenticatedUser.CheckPrivilegeLevel(UserPrivilegeLevelEnum.GlobalAdmin))
        {
            // Global admins get the path as a link. The href comes from the application URL
            // helper, not from request data; it is written into the attribute without HTML
            // encoding, so keep the source of that URL server-controlled.
            string openingTag = "<a href=\"" + URLHelper.GetAbsoluteUrl(ApplicationUrlHelper.GetApplicationUrl("cms", "settings")) + "\" target=\"_top\">";
            settingsPath.Insert(0, openingTag);
            settingsPath.Append("</a>");
        }

        lblError.Text = String.Format(GetString("mem.liveid.disabled"), settingsPath.ToString());
        plcError.Visible = true;
        plcContent.Visible = false;
    }
        // Prepares the registration-confirmation page: sets the title, derives the per-site
        // Live ID cookie name and, when Live ID is available, turns the cookie token into liveUser.
        private void LoadSettings()
        {
            Title = SiteUtils.FormatPageTitle(siteSettings, Resource.RegistrationConfirmation);
            winliveCookieName = "winliveid" + siteSettings.SiteId.ToInvariantString();

            windowsLive = WindowsLiveHelper.GetWindowsLiveLogin();
            if (windowsLive != null)
            {
                // The token is read from a browser cookie, so it is client-controlled input;
                // ProcessToken is the only thing standing between it and liveUser.
                // NOTE(review): liveUser may end up null for a rejected token - consumers
                // should check before trusting it.
                string cookieToken = CookieHelper.GetCookieValue(winliveCookieName);
                if (cookieToken.Length != 0)
                {
                    liveUser = windowsLive.ProcessToken(cookieToken);
                }

                AddClassToBody("confirmregistration");
            }
        }
        // Prepares the registration-confirmation page: sets the title, derives the per-site
        // Live ID cookie name and, when Live ID is available, turns the cookie token into liveUser.
        private void LoadSettings()
        {
            Title = SiteUtils.FormatPageTitle(siteSettings, Resource.RegistrationConfirmation);
            winliveCookieName = "winliveid" + siteSettings.SiteId.ToInvariantString();

            windowsLive = WindowsLiveHelper.GetWindowsLiveLogin();
            if (windowsLive != null)
            {
                // The token is read from a browser cookie, so it is client-controlled input;
                // ProcessToken is the only thing standing between it and liveUser.
                // NOTE(review): liveUser may end up null for a rejected token - consumers
                // should check before trusting it.
                string cookieToken = CookieHelper.GetCookieValue(winliveCookieName);
                bool hasToken = cookieToken.Length != 0;
                if (hasToken)
                {
                    liveUser = windowsLive.ProcessToken(cookieToken);
                }

                AddClassToBody("confirmregistration");
            }
        }
        // Prepares the Live ID registration page: user time settings, protocol, the profile
        // properties shown at registration, and the Live ID user taken from the cookie token.
        private void LoadSettings()
        {
            timeOffset = SiteUtils.GetUserTimeOffset();
            timeZone = SiteUtils.GetUserTimeZone();

            bool sslAvailable = SiteUtils.SslIsAvailable();
            if (sslAvailable)
            {
                protocol = "https://";
            }

            mojoProfileConfiguration profileConfig = mojoProfileConfiguration.GetConfig();

            // Keep every property that is required for, or shown on, registration.
            foreach (mojoProfilePropertyDefinition definition in profileConfig.PropertyDefinitions)
            {
                if (!definition.RequiredForRegistration && !definition.ShowOnRegistration)
                {
                    continue;
                }

                requiredProfileProperties.Add(definition);
            }

            winliveCookieName = "winliveid" + siteSettings.SiteId.ToString(CultureInfo.InvariantCulture);

            windowsLive = WindowsLiveHelper.GetWindowsLiveLogin();
            if (windowsLive != null)
            {
                windowsLiveAppId = windowsLive.AppId;

                // The token is read from a browser cookie, so it is client-controlled input;
                // ProcessToken is the only thing standing between it and liveUser.
                // NOTE(review): liveUser may end up null for a rejected token - consumers
                // should check before trusting it.
                string cookieToken = CookieHelper.GetCookieValue(winliveCookieName);
                if (cookieToken.Length != 0)
                {
                    liveUser = windowsLive.ProcessToken(cookieToken);
                }

                AddClassToBody("registerwinlivepage");
            }
        }
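        /// <summary>
        /// Resolves the name to show for an authenticated caller.
        /// </summary>
        /// <param name="scheme">Name of the authentication scheme the caller used.</param>
        /// <param name="stoken">Live ID token; only processed when <paramref name="scheme"/> is the Live ID scheme.</param>
        /// <returns>
        /// The stored Live ID user name; "unknown" when the token cannot be processed or no
        /// name is stored for the user; for every other scheme, the scheme name itself.
        /// </returns>
        private string GetUserName(string scheme, string stoken)
        {
            // Scheme names are identifiers, so compare ordinally. A culture-sensitive
            // comparison gives different answers for 'I'/'i' under some cultures, and
            // "LiveId" contains both.
            if (!string.Equals(scheme, Constants.LiveId, StringComparison.OrdinalIgnoreCase))
            {
                return scheme;
            }

            // if this is a liveID authenticated user. he must have a name associated with this token
            WindowsLiveLogin wll = new WindowsLiveLogin(Constants.LiveIdappId, Constants.LiveIdappsecret, Constants.LiveIdsecurityAlgorithm, true, Constants.LiveIdpolicyURL, Constants.LiveIdreturnURL);
            WindowsLiveLogin.User windowsliveiduser = wll.ProcessToken(stoken);

            // ProcessToken yields no user for a token it rejects; report "unknown" instead of
            // dereferencing null.
            // NOTE(review): no token-expiry check is applied here - confirm callers have
            // already validated the token.
            if (windowsliveiduser == null)
            {
                return "unknown";
            }

            string name = platform.GetLiveIdUserName(windowsliveiduser.Id);
            return string.IsNullOrEmpty(name) ? "unknown" : name;
        }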
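        /// <summary>
        /// Builds the HTML page that redirects the browser to the "add Live ID user" GUI page.
        /// </summary>
        /// <param name="stoken">Live ID token identifying the user to add.</param>
        /// <param name="dict">Parameters forwarded to the GUI page; the Live ID user id is added under "liveIdUniqueUserToken".</param>
        /// <returns>
        /// HTML with an inline script that redirects either to the GUI page carrying the
        /// parameters, or to the same page carrying a failure message.
        /// </returns>
        private string HandleAddUserGuiWebPage(string stoken, Dictionary <string, string> dict)
        {
            string html = "";

            try
            {
                WindowsLiveLogin      wll = new WindowsLiveLogin(Constants.LiveIdappId, Constants.LiveIdappsecret, Constants.LiveIdsecurityAlgorithm, true, Constants.LiveIdpolicyURL, Constants.LiveIdreturnURL);
                WindowsLiveLogin.User windowsliveiduser = wll.ProcessToken(stoken);

                if (windowsliveiduser == null)
                {
                    throw new Exception("unable to decrypt liveid token");
                }
                else if (DateTime.UtcNow.Subtract(windowsliveiduser.Timestamp).TotalMilliseconds <= Constants.PrivilegeLevelTokenExpiry[Constants.LiveId] * 1000)
                {
                    dict["liveIdUniqueUserToken"] = windowsliveiduser.Id;
                    string redirectTo = "../" + Constants.GuiServiceSuffixWeb + "/" + GuiWebAddLiveIdUserPage;

                    foreach (string param in dict.Keys)
                    {
                        redirectTo += param + "=" + dict[param] + ",";
                    }
                    redirectTo = redirectTo.TrimEnd(',');

                    // The target carries caller-supplied parameter names and values, so it is
                    // escaped before being placed inside the script's string literal.
                    html += "<html> " + redirectJS + "<script type='text/javascript'>redirect(\"" + EscapeForScriptString(redirectTo) + "\");</script>";
                }
                else
                {
                    throw new Exception("Token provided is expired.");
                }
            }
            catch (Exception e)
            {
                logger.Log("Unable to add user. Exception : " + e);

                // NOTE(review): e.Message is echoed to the browser; a fixed message would avoid
                // disclosing internal details.
                string redirectTo = "../" + Constants.GuiServiceSuffixWeb + "/" + GuiWebAddLiveIdUserPage + "?function=message,message= User add failed! " + e.Message;
                html += "<html> " + redirectJS + "<script type='text/javascript'>redirect(\"" + EscapeForScriptString(redirectTo) + "\");</script>";
            }
            return(html);
        }

        // Escapes text for use inside a quoted JavaScript string within an inline script element.
        private static string EscapeForScriptString(string value)
        {
            if (string.IsNullOrEmpty(value))
            {
                return string.Empty;
            }

            System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 16);
            foreach (char c in value)
            {
                switch (c)
                {
                    case '\\':
                        escaped.Append("\\\\");
                        break;
                    case '"':
                        escaped.Append("\\\"");
                        break;
                    case '\'':
                        escaped.Append("\\'");
                        break;
                    case '\r':
                        escaped.Append("\\r");
                        break;
                    case '\n':
                        escaped.Append("\\n");
                        break;
                    default:
                        // Markup-significant characters, control characters and the two
                        // Unicode line separators are written as \uXXXX so they can neither
                        // end the literal nor close the surrounding script element.
                        if (c < ' ' || c == '<' || c == '>' || c == '&' || c == '\u2028' || c == '\u2029')
                        {
                            escaped.Append("\\u");
                            escaped.Append(((int)c).ToString("X4", System.Globalization.CultureInfo.InvariantCulture));
                        }
                        else
                        {
                            escaped.Append(c);
                        }
                        break;
                }
            }

            return escaped.ToString();
        }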
        // Prepares the Live ID registration page: user time settings, protocol, the profile
        // properties shown at registration, and the Live ID user taken from the cookie token.
        private void LoadSettings()
        {
            timeOffset = SiteUtils.GetUserTimeOffset();
            timeZone = SiteUtils.GetUserTimeZone();

            if (SiteUtils.SslIsAvailable())
            {
                protocol = "https://";
            }

            mojoProfileConfiguration profileConfig = mojoProfileConfiguration.GetConfig();

            // Keep every property that is required for, or shown on, registration.
            foreach (mojoProfilePropertyDefinition definition in profileConfig.PropertyDefinitions)
            {
                if (!definition.RequiredForRegistration && !definition.ShowOnRegistration)
                {
                    continue;
                }

                requiredProfileProperties.Add(definition);
            }

            winliveCookieName = "winliveid" + siteSettings.SiteId.ToString(CultureInfo.InvariantCulture);

            windowsLive = WindowsLiveHelper.GetWindowsLiveLogin();
            if (windowsLive != null)
            {
                windowsLiveAppId = windowsLive.AppId;

                // The token is read from a browser cookie, so it is client-controlled input;
                // ProcessToken is the only thing standing between it and liveUser.
                // NOTE(review): liveUser may end up null for a rejected token - consumers
                // should check before trusting it.
                string cookieToken = CookieHelper.GetCookieValue(winliveCookieName);
                if (cookieToken.Length != 0)
                {
                    liveUser = windowsLive.ProcessToken(cookieToken);
                }

                AddClassToBody("registerwinlivepage");
            }
        }
        // Dispatches on the "action" query-string value:
        //   logout      - expire the login cookie and redirect to the logoff page
        //   delauth     - hand over to HandleConsent
        //   clearcookie - expire the login cookie and send the clear-cookie response
        //   otherwise   - treat the request as a login: on success store the user token in
        //                 the cookie and redirect, on failure expire the cookie and redirect
        //                 to the login page
        private void DoValidation()
        {
            string requestedAction = Request.QueryString.Get("action");

            if (WebConfigSettings.DebugWindowsLive)
            {
                // NOTE(review): the query-string value is written to the log unmodified;
                // consider neutralising line breaks before logging.
                log.Info("action was " + requestedAction);
            }

            switch (requestedAction)
            {
                case "logout":
                {
                    CookieHelper.ExpireCookie(winliveCookieName);
                    WebUtils.SetupRedirect(this, siteRoot + "/Logoff.aspx");
                    return;
                }

                case "delauth":
                {
                    HandleConsent();
                    return;
                }

                case "clearcookie":
                {
                    CookieHelper.ExpireCookie(winliveCookieName);

                    string contentType;
                    byte[] payload;
                    windowsLive.GetClearCookieResponse(out contentType, out payload);
                    Response.ContentType = contentType;
                    Response.OutputStream.Write(payload, 0, payload.Length);
                    Response.End();
                    return;
                }
            }

            // Any other action (including none) is a login attempt built from the posted form.
            user = windowsLive.ProcessLogin(Request.Form);

            if (user == null)
            {
                // WindowsLiveID authentication failed: drop the cookie and go back to login.
                CookieHelper.ExpireCookie(winliveCookieName);
                Response.Redirect(LoginPage);
                return;
            }

            // Authentication succeeded; an empty guid means no site user is linked yet.
            Guid userGuid = SiteUser.GetUserGuidFromWindowsLiveId(siteSettings.SiteId, user.Id);
            persistCookie = user.UsePersistentCookie;

            // NOTE(review): the cookie's attributes are chosen inside CookieHelper.SetCookie,
            // which is not visible here - confirm it is suitable for holding the login token.
            CookieHelper.SetCookie(winliveCookieName, user.Token, user.UsePersistentCookie);

            if (userGuid != Guid.Empty)
            {
                // TODO: use return url cookie if normal login
                DoExistingUserLogic(userGuid);
                return;
            }

            // No site user found: send to registration when allowed, else to the site root.
            // Both targets are built from siteRoot, not from request data.
            if (siteSettings.AllowNewRegistration)
            {
                WebUtils.SetupRedirect(this, siteRoot + "/Secure/RegisterWithWindowsLiveID.aspx");
                return;
            }

            WebUtils.SetupRedirect(this, siteRoot);
        }
        /// <summary>
        /// Set the Live ID cookie and redirect to the login destination or the registration destination.
        /// </summary>
        private static void ProcessLogin(HttpContext context)
        {
            WindowsLiveLogin.User user = WindowsLiveLogin.ProcessLogin(context.Request.Form);

            // No user means the login could not be processed.
            if (user == null)
            {
                SignOutAndRedirectToSignedOutUrl(context);
                return;
            }

            // The Live ID user id is passed as both user name and password.
            bool isRegistered = LiveIdMembershipProvider.Current.ValidateUser(user.Id, user.Id);
            if (isRegistered)
            {
                Tracing.FrameworkInformation(ClassName, "ProcessLogin", "User is registered -- redirecting to login destination");

                FormsAuthentication.SetAuthCookie(user.Id, user.UsePersistentCookie);

                // The destination path travels in the login context, so it goes through SafeUrl.
                context.Response.Redirect(SafeUrl(user.Context.LoginDestinationPath));
                return;
            }

            if (string.IsNullOrEmpty(user.Context.RegistrationDestinationPath))
            {
                if (!WindowsLiveLogin.AutoRegister)
                {
                    Tracing.FrameworkInformation(ClassName, "ProcessLogin", "User not registered -- registration destination not provided -- automatic registration not permitted -- signing out");

                    SignOutAndRedirectToSignedOutUrl(context);
                    return;
                }

                Tracing.FrameworkInformation(ClassName, "ProcessLogin", "User not registered -- registration destination not provided -- automatically registering and redirecting");

                MembershipCreateStatus createStatus;
                var createdUser = LiveIdMembershipProvider.Current.CreateUser(user.Id, user.Id, null, null, null, true, null, out createStatus);

                if (createdUser == null)
                {
                    throw new MembershipCreateUserException(createStatus);
                }

                FormsAuthentication.SetAuthCookie(user.Id, user.UsePersistentCookie);

                context.Response.Redirect(SafeUrl(user.Context.LoginDestinationPath));
                return;
            }

            Tracing.FrameworkInformation(ClassName, "ProcessLogin", "User not registered -- posting to registration destination");

            // Self-submitting form that re-posts the token and context to the registration page.
            // {1} and {2} are attribute-encoded below; {0} is inserted as returned by the URL
            // builder. NOTE(review): presumably that builder already yields an attribute-safe
            // URL - confirm.
            var autoPostFormTemplate = @"
						<html>
						<head>
							<title></title>
							<script type=""text/javascript"">
								function OnBack() {{ }}
								function DoSubmit() {{
									var submitted = false;
									if (!submitted) {{ submitted = true; document.fmHF.submit(); }}
								}}
							</script>
						</head>
						<body onload=""javascript:DoSubmit();"">
						<form name=""fmHF"" id=""fmHF"" action=""{0}"" method=""post"" target=""_top"">
							<input type=""hidden"" name=""live-id-token"" id=""live-id-token"" value=""{1}"">
							<input type=""hidden"" name=""live-id-context"" id=""live-id-context"" value=""{2}"">
							<input type=""hidden"" name=""live-id-action"" id=""live-id-action"" value=""register"">
						</form>
						</body>
						</html>";

            // NOTE(review): the echoed values come from the Request indexer, while the login
            // itself was processed from Request.Form - confirm both always refer to the same input.
            var autoPostFormToRegistrationDestinationHtml = autoPostFormTemplate.FormatWith(
                BuildSafeUrlForRegistrationDestinationWithLoginUrlOnQueryString(user.Context.RegistrationDestinationPath, user.Context.LoginDestinationPath),
                Encoder.XmlAttributeEncode(context.Request["stoken"]),
                Encoder.XmlAttributeEncode(context.Request["appctx"]));

            context.Response.Write(autoPostFormToRegistrationDestinationHtml);
        }
    /// <summary>
    /// Initializes the control properties.
    /// </summary>
    protected void SetupControl()
    {
        // Nothing is configured while processing is stopped.
        if (StopProcessing)
        {
            return;
        }

        bool liveIdEnabled = SettingsKeyProvider.GetBoolValue(CMSContext.CurrentSiteName + ".CMSEnableWindowsLiveID");
        if (liveIdEnabled)
        {
            plcPasswordNew.Visible = AllowFormsAuthentication;
            pnlExistingUser.Visible = AllowExistingUser;

            // The Live ID user is read through SessionHelper; the 'as' cast yields null when
            // the key is missing or holds a different type.
            liveUser = SessionHelper.GetValue("windowsliveloginuser") as WindowsLiveLogin.User;

            // No Live ID user in the session: hide the whole control when configured to.
            if (liveUser == null)
            {
                if (HideForNoLiveID)
                {
                    Visible = false;
                }
            }

            // WAI validation
            lblPasswordNew.AssociatedControlClientID = passStrength.InputClientID;
            return;
        }

        // Windows Live ID is disabled. Outside Design mode the control just hides itself.
        if (CMSContext.ViewMode != ViewModeEnum.Design)
        {
            Visible = false;
            return;
        }

        // Design mode: show an error that names the settings path where Live ID is enabled.
        StringBuilder settingsPath = new StringBuilder();
        settingsPath.Append(GetString("header.sitemanager")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmssettings")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmsmembership")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmsmembershipauthentication")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmswindowsliveid"));

        if (CMSContext.CurrentUser.UserSiteManagerAdmin)
        {
            // Site Manager admins get the path as a link. The href comes from a fixed
            // application path, not from request data; it is written into the attribute
            // without HTML encoding, so keep the source of that URL server-controlled.
            string openingTag = "<a href=\"" + URLHelper.GetAbsoluteUrl("~/CMSSiteManager/default.aspx?section=settings") + "\" target=\"_top\">";
            settingsPath.Insert(0, openingTag);
            settingsPath.Append("</a>");
        }

        lblError.Text = String.Format(GetString("mem.liveid.disabled"), settingsPath.ToString());
        plcError.Visible = true;
        plcContent.Visible = false;
    }
    /// <summary>
    /// Initializes the control properties.
    /// </summary>
    protected void SetupControl()
    {
        // Nothing is configured while processing is stopped.
        if (StopProcessing)
        {
            return;
        }

        bool liveIdEnabled = SettingsKeyInfoProvider.GetBoolValue(SiteContext.CurrentSiteName + ".CMSEnableWindowsLiveID");
        if (liveIdEnabled)
        {
            plcPasswordNew.Visible = AllowFormsAuthentication;
            pnlExistingUser.Visible = AllowExistingUser;

            // The Live ID user is read through SessionHelper; the 'as' cast yields null when
            // the key is missing or holds a different type.
            liveUser = SessionHelper.GetValue("windowsliveloginuser") as WindowsLiveLogin.User;

            // No Live ID user in the session: hide the whole control when configured to.
            if (liveUser == null)
            {
                if (HideForNoLiveID)
                {
                    Visible = false;
                }
            }

            // WAI validation
            lblPasswordNew.AssociatedControlClientID = passStrength.InputClientID;
            return;
        }

        // Windows Live ID is disabled. Outside Design mode the control just hides itself.
        if (!PortalContext.IsDesignMode(PortalContext.ViewMode))
        {
            Visible = false;
            return;
        }

        // Design mode: show an error that names the settings path where Live ID is enabled.
        StringBuilder settingsPath = new StringBuilder();
        settingsPath.Append(UIElementInfoProvider.GetApplicationNavigationString("cms", "Settings")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmsmembership")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmsmembershipauthentication")).Append(" -> ");
        settingsPath.Append(GetString("settingscategory.cmswindowsliveid"));

        if (MembershipContext.AuthenticatedUser.CheckPrivilegeLevel(UserPrivilegeLevelEnum.GlobalAdmin))
        {
            // Global admins get the path as a link. The href comes from the application URL
            // helper, not from request data; it is written into the attribute without HTML
            // encoding, so keep the source of that URL server-controlled.
            string openingTag = "<a href=\"" + URLHelper.GetAbsoluteUrl(UIContextHelper.GetApplicationUrl("cms", "settings")) + "\" target=\"_top\">";
            settingsPath.Insert(0, openingTag);
            settingsPath.Append("</a>");
        }

        lblError.Text = String.Format(GetString("mem.liveid.disabled"), settingsPath.ToString());
        plcError.Visible = true;
        plcContent.Visible = false;
    }
Пример #14
    /// <summary>
    /// Get user information and logs user (register if no user found)
    /// </summary>
    private void ProcessLiveIDLogin()
    {
        // Authorization code taken from the URL
        String authCode = QueryHelper.GetString("code", String.Empty);

        // Page that collects additional user data before an account is created (may be unset)
        string additionalInfoPage = SettingsKeyProvider.GetStringValue(siteName + ".CMSLiveIDRequiredUserDataPage");

        WindowsLiveLogin liveLogin = new WindowsLiveLogin(siteName);

        // Stays null unless one of the two flows below authenticates the request
        WindowsLiveLogin.User authenticatedUser = null;

        if (WindowsLiveLogin.UseServerSideAuthorization)
        {
            GetLoginInformation();

            // Server-side flow: process the login from the authorization code
            authenticatedUser = liveLogin.ProcessLogin(authCode, relativeURL);
        }
        else if (!RequestHelper.IsPostBack())
        {
            // Client flow, first request: the token sits after '#' in the URL, so register a
            // script that posts window.location back to the server
            String postBackScript = ControlsHelper.GetPostBackEventReference(this, "#").Replace("'#'", "window.location");
            ScriptHelper.RegisterClientScriptBlock(this, typeof(string), "PostbackScript", ScriptHelper.GetScript(postBackScript));
        }
        else
        {
            // Client flow, postback: the full URL arrives as the event argument. It is
            // client-supplied, and only the tokens matched by the patterns below are used.
            string fullurl = Request["__EVENTARGUMENT"];

            // Authentication token - used to get the uid
            String token = ParseToken(fullurl, @"authentication_token=([\w\d.-]+)&");

            // Access token - used in the server auth. scenario; parsed so it can be stored
            // in the user object for possible further use
            String accessToken = ParseToken(fullurl, @"access_token=([%\w\d.-]+)&");

            if (token != String.Empty)
            {
                // Return context from session
                GetLoginInformation();

                authenticatedUser = liveLogin.AuthenticateClientToken(token, relativeURL, accessToken);
                if (authenticatedUser != null)
                {
                    // Set info to refresh the parent page
                    ScriptHelper.RegisterWOpenerScript(Page);
                    CreateCloseScript("");
                }
            }
        }

        // Nothing more to do unless authorization succeeded
        if (authenticatedUser == null)
        {
            return;
        }

        UserInfo existingUser = UserInfoProvider.GetUserInfoByWindowsLiveID(authenticatedUser.Id);
        string error = String.Empty;

        if (existingUser != null)
        {
            // Known user: authenticate and sign in when the account is enabled
            UserInfo knownUser = UserInfoProvider.AuthenticateWindowsLiveUser(authenticatedUser.Id, siteName, true, ref error);
            if ((knownUser != null) && (knownUser.Enabled))
            {
                SetAuthCookieAndRedirect(knownUser);
            }

            return;
        }

        if (additionalInfoPage != String.Empty)
        {
            // A required-data page exists: keep the Live ID user in session for that page
            SessionHelper.SetValue("windowsliveloginuser", authenticatedUser);

            if (WindowsLiveLogin.UseServerSideAuthorization)
            {
                URLHelper.Redirect(URLHelper.ResolveUrl(additionalInfoPage));
            }
            else
            {
                CreateCloseScript("redirectToAdditionalPage");
            }

            return;
        }

        // No additional info page: the user can be created and signed in directly
        UserInfo newUser = UserInfoProvider.AuthenticateWindowsLiveUser(authenticatedUser.Id, siteName, true, ref error);

        // The session copy of the Live ID user is not needed any more
        Session.Remove("windowsliveloginuser");

        bool userReady = (newUser != null) && (newUser.Enabled);
        if (!userReady)
        {
            // User not created (or disabled)
            if (WindowsLiveLogin.UseServerSideAuthorization)
            {
                WindowsLiveLogin.ClearCookieAndRedirect(loginPage);
            }
            else
            {
                CreateCloseScript("clearcookieandredirect");
            }

            return;
        }

        // Send registration e-mails. E-mail confirmation is not required because the user
        // already confirmed by logging in successfully with Live ID
        UserInfoProvider.SendRegistrationEmails(newUser, null, null, false, false);

        // Track registration into analytics
        double conversion = ValidationHelper.GetDouble(CMSContext.CurrentResolver.ResolveMacros(conversionValue), 0);
        UserInfoProvider.TrackUserRegistration(conversionName, conversion, siteName, newUser);

        // Log registration activity
        if ((CMSContext.ViewMode == ViewModeEnum.LiveSite) && ActivitySettingsHelper.ActivitiesEnabledAndModuleLoaded(siteName) && ActivitySettingsHelper.ActivitiesEnabledForThisUser(CMSContext.CurrentUser) &&
            ActivitySettingsHelper.UserRegistrationEnabled(siteName))
        {
            int contactId = ModuleCommands.OnlineMarketingGetUserLoginContactID(newUser);
            TreeNode currentDoc = CMSContext.CurrentDocument;
            ActivityLogProvider.LogRegistrationActivity(
                contactId,
                newUser,
                URLHelper.CurrentRelativePath,
                (currentDoc != null ? currentDoc.NodeID : 0),
                siteName,
                CMSContext.Campaign,
                (currentDoc != null ? currentDoc.DocumentCulture : null));
        }

        SetAuthCookieAndRedirect(newUser);
    }
Пример #15
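        /// <summary>
        /// Logs the current user out: blanks the role, display-name and site cookies, signs out of
        /// forms authentication (or blanks the per-site cookie on folder-based sites), abandons the
        /// server-side session, and then redirects either to the Windows Live logout URL or to the
        /// site's Default.aspx.
        /// </summary>
        /// <remarks>
        /// The session is cleared and abandoned before the Windows Live token is examined. The
        /// Windows Live branch redirects and ends the response, so cleanup placed after it would
        /// not run for users who signed in with Windows Live ID.
        /// </remarks>
        private void DoLogout()
        {
            SiteSettings siteSettings      = CacheHelper.GetCurrentSiteSettings();
            string       winliveCookieName = "winliveid"
                                             + siteSettings.SiteId.ToString(CultureInfo.InvariantCulture);

            string roleCookieName = SiteUtils.GetRoleCookieName(siteSettings);

            // Overwrite the role cookie with an empty value so cached role data does not outlive the login.
            HttpCookie roleCookie = new HttpCookie(roleCookieName, string.Empty);

            roleCookie.Expires = DateTime.Now.AddMinutes(1);
            roleCookie.Path    = "/";
            Response.Cookies.Add(roleCookie);

            HttpCookie displayNameCookie = new HttpCookie("DisplayName", string.Empty);

            displayNameCookie.Expires = DateTime.Now.AddMinutes(1);
            displayNameCookie.Path    = "/";
            Response.Cookies.Add(displayNameCookie);

            // apparently we need this here for folder sites using windows auth
            //https://www.mojoportal.com/Forums/EditPost.aspx?thread=13195&forumid=2&mid=34&pageid=5&pagenumber=1
            CookieHelper.ExpireCookie("siteguid" + siteSettings.SiteGuid);

            bool useFolderForSiteDetection = ConfigHelper.GetBoolProperty("UseFoldersInsteadOfHostnamesForMultipleSites", false);

            if ((useFolderForSiteDetection) && (!WebConfigSettings.UseRelatedSiteMode))
            {
                // Folder-based sites: blank the per-site cookie instead of calling SignOut().
                // NOTE(review): presumably this cookie is the auth cookie for folder sites - confirm.
                string cookieName = "siteguid" + siteSettings.SiteGuid.ToString();

                HttpCookie siteCookie = new HttpCookie(cookieName, string.Empty);
                siteCookie.Expires = DateTime.Now.AddMinutes(1);
                siteCookie.Path    = "/";
                Response.Cookies.Add(siteCookie);

                CookieHelper.ExpireCookie("siteguid" + siteSettings.SiteGuid);
            }
            else
            {
                FormsAuthentication.SignOut();
            }

            // Drop server-side session state now: the Windows Live redirect below ends the
            // response, so this must not be left until after it.
            try
            {
                if (Session != null)
                {
                    Session.Clear();
                    Session.Abandon();
                }
            }
            catch (HttpException)
            {
                // Best effort: session state may be unavailable for this request.
            }

            string winLiveToken = CookieHelper.GetCookieValue(winliveCookieName);

            WindowsLiveLogin.User liveUser = null;
            if (!string.IsNullOrEmpty(winLiveToken))
            {
                WindowsLiveLogin windowsLive = WindowsLiveHelper.GetWindowsLiveLogin();

                try
                {
                    liveUser = windowsLive.ProcessToken(winLiveToken);
                    if (liveUser != null)
                    {
                        // The token decoded to a Live user: finish the logout at Windows Live.
                        Response.Redirect(windowsLive.GetLogoutUrl());
                        Response.End();
                    }
                }
                catch (InvalidOperationException)
                {
                    // Deliberately ignored: fall through to the local redirect below.
                    // NOTE(review): presumably raised for a token that cannot be processed - confirm.
                }
            }

            string redirectUrl = SiteUtils.GetNavigationSiteRoot() + "/Default.aspx";

            if (!siteSettings.UseSslOnAllPages)
            {
                // NOTE(review): this sends the browser back to plain HTTP after logout when the
                // site does not require SSL on every page.
                if (redirectUrl.StartsWith("https:", StringComparison.Ordinal))
                {
                    redirectUrl = redirectUrl.Replace("https:", "http:");
                }
            }

            WebUtils.SetupRedirect(this, redirectUrl);
        }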
    /// <summary>
    /// Completes a Windows Live ID sign-in: obtains the Live user from either the server-side
    /// authorization code or the client-side token, then signs in the matching user, registers
    /// a new one, or hands off to the required-data page.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the authorization code (query string) and the client-side tokens (posted-back
    /// URL) are supplied by the browser. This method relies on <c>ProcessLogin</c> and
    /// <c>AuthenticateClientToken</c> to validate them; no anti-forgery state check is visible
    /// here - confirm it is covered by those calls or by <c>GetLoginInformation</c>.
    /// </remarks>
    private void ProcessLiveIDLogin()
    {
        // Authorization code from the URL (consumed by the server-side flow only)
        String code = QueryHelper.GetString("code", String.Empty);

        // Page collecting required user data before registration; empty when not configured
        string additionalInfoPage = SettingsKeyInfoProvider.GetValue(siteName + ".CMSLiveIDRequiredUserDataPage");

        WindowsLiveLogin liveLogin = new WindowsLiveLogin(siteName);
        WindowsLiveLogin.User liveUser = null;

        if (WindowsLiveLogin.UseServerSideAuthorization)
        {
            // Server-side flow: restore the login context, then process the authorization code
            GetLoginInformation();
            liveUser = liveLogin.ProcessLogin(code, relativeURL);
        }
        else if (RequestHelper.IsPostBack())
        {
            // Client-side flow, second pass: the full URL arrives as the postback event argument
            string postedUrl = Request[postEventArgumentID];

            // Authentication token - used to get the uid
            String token = ParseToken(postedUrl, @"authentication_token=([\w\d.-]+)&");

            // Access token - belongs to the server auth. scenario; parsed so it can be stored in the user object
            String accessToken = ParseToken(postedUrl, @"access_token=([%\w\d.-/]+)&");

            if (token != String.Empty)
            {
                // Return context from session
                GetLoginInformation();

                liveUser = liveLogin.AuthenticateClientToken(token, relativeURL, accessToken);
                if (liveUser != null)
                {
                    // Let the opener page refresh and close this window
                    ScriptHelper.RegisterWOpenerScript(Page);
                    CreateCloseScript("");
                }
            }
        }
        else
        {
            // Client-side flow, first pass: post window.location back so the part after # reaches the server
            String postbackScript = ControlsHelper.GetPostBackEventReference(this, "#").Replace("'#'", "window.location");
            ScriptHelper.RegisterClientScriptBlock(this, typeof(string), "PostbackScript", ScriptHelper.GetScript(postbackScript));
        }

        // Nothing more to do unless authorization produced a Live user
        if (liveUser == null)
        {
            return;
        }

        // Look for a user already linked to this Live ID
        UserInfo winUser = UserInfoProvider.GetUserInfoByWindowsLiveID(liveUser.Id);

        string error = String.Empty;

        if (winUser != null)
        {
            // Known user: authenticate, and sign in only when the account is enabled
            UserInfo existingUser = AuthenticationHelper.AuthenticateWindowsLiveUser(liveUser.Id, siteName, true, ref error);

            if ((existingUser != null) && (existingUser.Enabled))
            {
                SetAuthCookieAndRedirect(existingUser);
            }

            return;
        }

        if (additionalInfoPage != String.Empty)
        {
            // Required data page exists: keep the Live user in session for that page
            SessionHelper.SetValue("windowsliveloginuser", liveUser);

            if (WindowsLiveLogin.UseServerSideAuthorization)
            {
                URLHelper.Redirect(UrlResolver.ResolveUrl(additionalInfoPage));
            }
            else
            {
                CreateCloseScript("redirectToAdditionalPage");
            }

            return;
        }

        // No required data page: the user can be created and signed in right away
        UserInfo newUser = AuthenticationHelper.AuthenticateWindowsLiveUser(liveUser.Id, siteName, true, ref error);

        // The Live user object in session is no longer needed
        Session.Remove("windowsliveloginuser");

        bool signedIn = (newUser != null) && (newUser.Enabled);
        if (!signedIn)
        {
            // User not created (or not enabled): clear the Live cookie and return to the login page
            if (WindowsLiveLogin.UseServerSideAuthorization)
            {
                WindowsLiveLogin.ClearCookieAndRedirect(loginPage);
            }
            else
            {
                CreateCloseScript("clearcookieandredirect");
            }

            return;
        }

        double resolvedConversionValue = ValidationHelper.GetDouble(MacroResolver.Resolve(conversionValue), 0);

        // Log the registration in web analytics and track the conversion if one is set
        AnalyticsHelper.TrackUserRegistration(siteName, newUser, conversionName, resolvedConversionValue);

        MembershipActivityLogger.LogRegistration(newUser.UserName, DocumentContext.CurrentDocument);

        SetAuthCookieAndRedirect(newUser);
    }
Пример #17
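        /// <summary>
        /// Logs the current user out: blanks the role and display-name cookies, signs out of forms
        /// authentication (or blanks the per-site cookie on folder-based sites), abandons the
        /// server-side session, and then redirects either to the Windows Live logout URL or to the
        /// site's Default.aspx.
        /// </summary>
        /// <remarks>
        /// The session is abandoned before the Windows Live token is examined. The Windows Live
        /// branch redirects and ends the response, so cleanup placed after it would not run for
        /// users who signed in with Windows Live ID.
        /// </remarks>
        private void DoLogout()
        {
            SiteSettings siteSettings      = CacheHelper.GetCurrentSiteSettings();
            string       winliveCookieName = "winliveid"
                                             + siteSettings.SiteId.ToString(CultureInfo.InvariantCulture);

            string roleCookieName = SiteUtils.GetRoleCookieName(siteSettings);

            // Overwrite the role cookie with an empty value so cached role data does not outlive the login.
            HttpCookie roleCookie = new HttpCookie(roleCookieName, string.Empty);

            roleCookie.Expires = DateTime.Now.AddMinutes(1);
            roleCookie.Path    = "/";
            Response.Cookies.Add(roleCookie);

            HttpCookie displayNameCookie = new HttpCookie("DisplayName", string.Empty);

            displayNameCookie.Expires = DateTime.Now.AddMinutes(1);
            displayNameCookie.Path    = "/";
            Response.Cookies.Add(displayNameCookie);


            bool useFolderForSiteDetection = ConfigHelper.GetBoolProperty("UseFoldersInsteadOfHostnamesForMultipleSites", false);

            if ((useFolderForSiteDetection) && (!WebConfigSettings.UseRelatedSiteMode))
            {
                // Folder-based sites: blank the per-site cookie instead of calling SignOut().
                // NOTE(review): presumably this cookie is the auth cookie for folder sites - confirm.
                string cookieName = "siteguid" + siteSettings.SiteGuid.ToString();

                HttpCookie siteCookie = new HttpCookie(cookieName, string.Empty);
                siteCookie.Expires = DateTime.Now.AddMinutes(1);
                siteCookie.Path    = "/";
                Response.Cookies.Add(siteCookie);
            }
            else
            {
                FormsAuthentication.SignOut();
            }

            // Drop server-side session state now: the Windows Live redirect below ends the
            // response, so this must not be left until after it.
            try
            {
                if (Session != null)
                {
                    Session.Abandon();
                }
            }
            catch (HttpException)
            {
                // Best effort: session state may be unavailable for this request.
            }

            string winLiveToken = CookieHelper.GetCookieValue(winliveCookieName);

            WindowsLiveLogin.User liveUser = null;
            if (!string.IsNullOrEmpty(winLiveToken))
            {
                WindowsLiveLogin windowsLive = WindowsLiveHelper.GetWindowsLiveLogin();

                try
                {
                    liveUser = windowsLive.ProcessToken(winLiveToken);
                    if (liveUser != null)
                    {
                        // The token decoded to a Live user: finish the logout at Windows Live.
                        Response.Redirect(windowsLive.GetLogoutUrl());
                        Response.End();
                    }
                }
                catch (InvalidOperationException)
                {
                    // Deliberately ignored: fall through to the local redirect below.
                    // NOTE(review): presumably raised for a token that cannot be processed - confirm.
                }
            }

            WebUtils.SetupRedirect(this, SiteUtils.GetNavigationSiteRoot() + "/Default.aspx");
        }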