        //TODO: Require HTTPS for this page
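        /// <summary>
        /// Two-hop authorization entry point, executed on the initial GET only (skipped on postback).
        /// Hop 1 (no <c>id</c>): reads <c>client_id</c>, <c>redirect_uri</c> and <c>state</c> from the
        /// query string, encrypts the whole query string with <c>keyEncryptQueryString</c> and redirects
        /// back to this page with the ciphertext as the single <c>id</c> parameter.
        /// Hop 2 (<c>id</c> present): decrypts it, looks up the external app name and, for an
        /// authenticated user whose permissions are already granted, appends token and state to
        /// <c>redirect_uri</c> and redirects there; otherwise the consent prompt is shown.
        /// </summary>
        /// <param name="sender">Event source; unused.</param>
        /// <param name="e">Event data; unused.</param>
        /// <remarks>
        /// <c>async void</c> is forced by the event-handler signature, so exceptions thrown after the
        /// first <c>await</c> are not observable by the caller (the page is presumably marked
        /// <c>Async="true"</c>; not visible here). Every query value is attacker-controlled; the
        /// decrypted <c>id</c> is only as trustworthy as <c>StringCipher.Decrypt</c>'s handling of
        /// tampered input, which is defined outside this file.
        /// </remarks>
        protected async void Page_Load(object sender, EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            var id = Request.QueryString["id"];

            if (string.IsNullOrEmpty(id))
            {
                // Hop 1: plain parameters expected. Read the raw values first; the original code
                // unescaped redirect_uri before the null check, and Uri.UnescapeDataString(null)
                // throws ArgumentNullException, so a missing redirect_uri never reached the
                // "lost" message below.
                string clientid = Request.QueryString["client_id"];
                string rawRedirectUri = Request.QueryString["redirect_uri"];
                string state = Request.QueryString["state"];

                // count = 2 keeps a literal '?' inside a value in the query part instead of
                // silently truncating it; Length < 2 means there is no query string at all.
                string[] urlSplit = Request.Url.ToString().Split(new[] { '?' }, 2);

                if (clientid == null || rawRedirectUri == null || state == null || urlSplit.Length < 2)
                {
                    LogForm.Visible = false;
                    FailureText.Text = "Are you lost?... please go back to the home page";
                    ErrorMessage.Visible = true;
                    return;
                }

                // Encrypt the whole query string and bounce back to this page with it as "id".
                // Note: encryption alone hides the values; whether tampering is detected depends on
                // StringCipher, which is not visible here.
                string encryptedstring = StringCipher.Encrypt(urlSplit[1], keyEncryptQueryString);
                string encryptedUrlSafe = HttpUtility.UrlEncode(encryptedstring);
                string urlEncrypted = urlSplit[0] + "?id=" + encryptedUrlSafe;

                // endResponse: false avoids the ThreadAbortException that Response.End raises, which
                // is unsafe inside an async method; CompleteRequest short-circuits the pipeline instead.
                Response.Redirect(urlEncrypted, false);
                Context.ApplicationInstance.CompleteRequest();
                return;
            }

            // Hop 2: recover the original parameters from the encrypted id.
            hdn_Id.Value = id;
            var arrValues = DecryptValues(StringCipher.Decrypt(id, keyEncryptQueryString));
            // NOTE(review): a tampered or truncated payload may yield fewer than 3 values here;
            // DecryptValues' return type is not visible, so no length guard is added.
            string clientId = arrValues[0];
            string redirectUri = arrValues[1];
            string oauthState = arrValues[2];

            var dbAction = new DbActions();
            var externalAppName = await dbAction.GetExternalAppName(clientId);
            if (externalAppName != null)
            {
                AppName = externalAppName;
            }

            if (!User.Identity.IsAuthenticated)
            {
                return;
            }

            var userid = User.Identity.GetUserId();
            var tokenGranted = await dbAction.AreGrantedPermissionsAsync(userid);
            if (tokenGranted != null && tokenGranted.GrantedAccess)
            {
                // SECURITY(review): redirectUri originates from the client's own query string and is
                // never compared with the redirect URI registered for clientId, so the token can be
                // delivered to an arbitrary host (open redirect). Validate it against the stored
                // registration before redirecting; no such lookup is visible in this file.
                // The token also travels in the query string, where proxies and referrers can log it.
                redirectUri = WebUtilities.AddQueryString(redirectUri, "token", tokenGranted.Token);
                redirectUri = WebUtilities.AddQueryString(redirectUri, "state", oauthState);
                Response.Redirect(redirectUri, false);
                Context.ApplicationInstance.CompleteRequest();
                return;
            }

            // Authenticated but not yet granted: show the consent prompt.
            LogForm.Visible = false;
            AuthPrompt.Visible = true;
            ErrorMessage.Visible = true;
        }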