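/// <summary>
/// Authenticates the supplied credentials and, on success, issues a forms-authentication
/// cookie and returns the session details to the caller as a <c>JSONUser</c>.
/// </summary>
/// <param name="username">Account name passed to <c>User.Authenticate</c> and to the auth cookie.</param>
/// <param name="password">Password passed to <c>User.Authenticate</c>; also converted into <c>Token1</c>.</param>
/// <returns>
/// A <c>JSONUser</c> with <c>isValid</c> set to true and the token fields populated on success.
/// On any exception, <c>isValid</c> is false and <c>Token2</c> carries the exception message.
/// </returns>
/// <remarks>
/// NOTE(review): the method name suggests an HTTP GET endpoint. If the credentials arrive in the
/// URL they will end up in server and proxy logs; confirm the routing attributes on this method.
/// </remarks>
public JSONUser UserGET(string username, string password)
{
    JSONUser user = new JSONUser();
    try
    {
        User u = new User();

        // NOTE(review): any return value of Authenticate is ignored, so this flow relies on
        // Authenticate throwing when the credentials are wrong. Confirm that it does; otherwise
        // the cookie below would be issued for a failed logon.
        u.Authenticate(username, password);

        // Session (non-persistent) forms-authentication cookie for the caller-supplied name.
        FormsAuthentication.SetAuthCookie(username, false);
        Log("HAP+ App Logon", "Home Access Plus+ Logon\n\nUsername: " + username, System.Diagnostics.EventLogEntryType.Information);

        // The value of the auth cookie that was just queued on the response is also returned in the body.
        user.Token2 = HttpContext.Current.Response.Cookies[FormsAuthentication.FormsCookieName].Value;

        // NOTE(review): Token1 is derived from the password itself. Impersonate() reads a "token"
        // cookie back through TokenGenerator.ConvertToPlain, which suggests the conversion is
        // reversible. Treat Token1 as password-equivalent: transport over TLS only, never log it.
        user.Token1 = TokenGenerator.ConvertToToken(password);
        user.Username = u.UserName;
        user.FirstName = u.FirstName;
        user.isValid = true;
        user.Token2Name = FormsAuthentication.FormsCookieName;
        user.SiteName = hapConfig.Current.School.Name;
    }
    catch (Exception e)
    {
        // Keep the full exception (type, stack trace, inner exceptions) on the server and record
        // the failed logon, which is the signal needed to spot password guessing.
        try
        {
            // The name is attacker-controlled on this path; strip line breaks so it cannot
            // forge extra lines in the log entry.
            string loggedName = (username ?? string.Empty).Replace('\r', ' ').Replace('\n', ' ');
            Log("HAP+ App Logon", "Home Access Plus+ Logon Failed\n\nUsername: " + loggedName + "\n\n" + e, System.Diagnostics.EventLogEntryType.Warning);
        }
        catch (Exception)
        {
            // Logging is best-effort: this method has always returned a JSONUser rather than
            // throwing, and a logging failure must not change that.
        }

        // Only the message goes back to the (unauthenticated) caller. The previous e.ToString()
        // exposed the stack trace and internal type names in the response.
        user.Token2 = e.Message;
        user.isValid = false;
    }
    return user;
}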
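/// <summary>
/// Switches the current thread to run as the user described by this instance.
/// In Windows authentication mode the identity of the current request is impersonated;
/// in any other mode a logon is performed with <c>UserName</c>, <c>DomainName</c> and
/// <c>Password</c> and the resulting token is impersonated.
/// </summary>
/// <returns>true when an impersonation context was established; otherwise false.</returns>
/// <exception cref="Exception">
/// Thrown when <c>ADUtils.LogonUserA</c> reports failure for the supplied credentials.
/// </exception>
public bool Impersonate()
{
    if (HAP.Web.Configuration.hapConfig.Current.AD.AuthenticationMode == Web.Configuration.AuthMode.Forms)
    {
        // No password on the instance: try to recover it from the "token" cookie.
        // NOTE(review): this means the cookie carries a recoverable form of the password.
        // Confirm it is issued Secure and HttpOnly and is never written to logs.
        if (string.IsNullOrEmpty(this.Password) && HttpContext.Current.Request.Cookies["token"] != null)
        {
            try
            {
                this.Password = TokenGenerator.ConvertToPlain(HttpContext.Current.Request.Cookies["token"].Value);
            }
            catch
            {
                // NOTE(review): on a cookie that cannot be converted, the raw client-supplied
                // value is kept as the password before giving up. Kept as-is; confirm intent.
                this.Password = HttpContext.Current.Request.Cookies["token"].Value;
                return false;
            }
        }
    }

    if (HAP.Web.Configuration.hapConfig.Current.AD.AuthenticationMode == Web.Configuration.AuthMode.Windows)
    {
        if (ADUtils.RevertToSelf())
        {
            // NOTE(review): this branch stores the context in ContainedImpersonationContext while
            // the logon branch below assigns impersonationContext; the relationship between the
            // two members is not visible here.
            ContainedImpersonationContext = ((WindowsIdentity)HttpContext.Current.User.Identity).Impersonate();
            return true;
        }
        return false;
    }

    IntPtr token = IntPtr.Zero;
    IntPtr tokenDuplicate = IntPtr.Zero;
    try
    {
        if (!ADUtils.RevertToSelf())
        {
            return false;
        }

        // Neither a password nor a token cookie: end the forms session and send the
        // client back to the login page.
        if (string.IsNullOrEmpty(this.Password) && HttpContext.Current.Request.Cookies["token"] == null)
        {
            FormsAuthentication.SignOut();
            FormsAuthentication.RedirectToLoginPage("error=timeout");
            return false;
        }

        if (ADUtils.LogonUserA(this.UserName, this.DomainName, this.Password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref token) == 0)
        {
            throw new Exception("I cannot impersonate " + this.UserName + " due to an issue logging onto the domain " + this.DomainName + " using an Interactive Login. HAP+ Requires Interactive Login Rights on the Server it is running on");
        }

        // 2 is presumably the SecurityImpersonation level; confirm against the ADUtils declaration.
        if (ADUtils.DuplicateToken(token, 2, ref tokenDuplicate) == 0)
        {
            return false;
        }

        WindowsIdentity tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
        impersonationContext = tempWindowsIdentity.Impersonate();
        return impersonationContext != null;
    }
    finally
    {
        // Release the logon token handles on every exit path. Previously an exception from the
        // WindowsIdentity constructor or from Impersonate() skipped the cleanup and left both
        // handles open in the worker process.
        if (token != IntPtr.Zero)
        {
            ADUtils.CloseHandle(token);
        }
        if (tokenDuplicate != IntPtr.Zero)
        {
            ADUtils.CloseHandle(tokenDuplicate);
        }
    }
}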