public static AuthenticationToken ProcessUserLogin(Token samlToken) {
bool trustedEmail = false; // we don't trust InfoCard email addresses, since these can be self-issued.
return ProcessUserLogin(
AuthenticationToken.SynthesizeClaimedIdentifierFromInfoCard(samlToken.UniqueId),
samlToken.SiteSpecificId,
null,
samlToken,
trustedEmail);
}
private static AuthenticationToken ProcessUserLogin(string claimedIdentifier, string friendlyIdentifier, ClaimsResponse claims, Token samlToken, bool trustedEmail) {
// Create an account for this user if we don't already have one.
AuthenticationToken openidToken = Database.DataContext.AuthenticationTokens.FirstOrDefault(token => token.ClaimedIdentifier == claimedIdentifier);
if (openidToken == null) {
// this is a user we haven't seen before.
User user = new User();
openidToken = new AuthenticationToken {
ClaimedIdentifier = claimedIdentifier,
FriendlyIdentifier = friendlyIdentifier,
};
user.AuthenticationTokens.Add(openidToken);
// Gather information about the user if it's available.
if (claims != null) {
if (!string.IsNullOrEmpty(claims.Email)) {
user.EmailAddress = claims.Email;
user.EmailAddressVerified = trustedEmail;
}
if (!string.IsNullOrEmpty(claims.FullName)) {
if (claims.FullName.IndexOf(' ') > 0) {
user.FirstName = claims.FullName.Substring(0, claims.FullName.IndexOf(' ')).Trim();
user.LastName = claims.FullName.Substring(claims.FullName.IndexOf(' ')).Trim();
} else {
user.FirstName = claims.FullName;
}
}
} else if (samlToken != null) {
string email, givenName, surname;
if (samlToken.Claims.TryGetValue(ClaimTypes.Email, out email)) {
user.EmailAddress = email;
user.EmailAddressVerified = trustedEmail;
}
if (samlToken.Claims.TryGetValue(ClaimTypes.GivenName, out givenName)) {
user.FirstName = givenName;
}
if (samlToken.Claims.TryGetValue(ClaimTypes.Surname, out surname)) {
user.LastName = surname;
}
}
Database.DataContext.AddToUsers(user);
} else {
openidToken.UsageCount++;
openidToken.LastUsedUtc = DateTime.UtcNow;
}
return openidToken;
}
/// <summary>
/// Fires the <see cref="ReceivedToken"/> event.
/// </summary>
/// <param name="token">The token, if it was decrypted.</param>
protected virtual void OnReceivedToken(Token token) {
Contract.Requires<ArgumentNullException>(token != null);
var receivedInfoCard = this.ReceivedToken;
if (receivedInfoCard != null) {
receivedInfoCard(this, new ReceivedTokenEventArgs(token));
}
}
/// <summary>
/// Fires the <see cref="ReceivedToken"/> event.
/// </summary>
/// <param name="token">The token, if it was decrypted.</param>
protected virtual void OnReceivedToken(Token token) {
Requires.NotNull(token, "token");
var receivedInfoCard = this.ReceivedToken;
if (receivedInfoCard != null) {
receivedInfoCard(this, new ReceivedTokenEventArgs(token));
}
}
/// <summary>
/// Initializes a new instance of the <see cref="ReceivedTokenEventArgs"/> class.
/// </summary>
/// <param name="token">The token.</param>
internal ReceivedTokenEventArgs(Token token)
{
this.Token = token;
}
/// <summary>
/// Fires the <see cref="ReceivedToken"/> event.
/// </summary>
/// <param name="token">The token, if it was decrypted.</param>
protected virtual void OnReceivedToken(Token token)
{
Contract.Requires(token != null);
ErrorUtilities.VerifyArgumentNotNull(token, "token");
var receivedInfoCard = this.ReceivedToken;
if (receivedInfoCard != null) {
receivedInfoCard(this, new ReceivedTokenEventArgs(token));
}
}
/// <summary>
/// When implemented by a class, enables a server control to process an event raised when a form is posted to the server.
/// </summary>
/// <param name="eventArgument">A <see cref="T:System.String"/> that represents an optional event argument to be passed to the event handler.</param>
public void RaisePostBackEvent(string eventArgument)
{
if (!string.IsNullOrEmpty(this.TokenXml)) {
try {
bool encrypted = Token.IsEncrypted(this.TokenXml);
TokenDecryptor decryptor = encrypted ? new TokenDecryptor() : null;
ReceivingTokenEventArgs receivingArgs = this.OnReceivingToken(this.TokenXml, decryptor);
if (!receivingArgs.Cancel) {
try {
Token token = new Token(this.TokenXml, this.Audience, decryptor);
this.OnReceivedToken(token);
} catch (InformationCardException ex) {
this.OnTokenProcessingError(this.TokenXml, ex);
}
}
} catch (XmlException ex) {
this.OnTokenProcessingError(this.TokenXml, ex);
}
}
}