示例#1
        /// <summary>
        /// Checks the submitted credentials and, when they match, issues the IdentityServer
        /// login cookie and redirects to the URL built by CreateDiscourseRedirectUrl.
        /// </summary>
        /// <param name="username">Submitted user name.</param>
        /// <param name="password">Submitted password.</param>
        /// <returns>A redirect on success; otherwise the "Index" view with an error in TempData.</returns>
        public ActionResult Login(string username, string password)
        {
            // Failure path first. A single message covers both an unknown user and a wrong
            // password, so the response does not reveal which of the two was wrong.
            // NOTE(review): no lockout or throttling is visible in this method; confirm it
            // is enforced inside Users.PasswordMatch or upstream of this action.
            if (!Users.PasswordMatch(username, password))
            {
                TempData["error"] = "Wrong username or password";
                return View("Index");
            }

            var account = Users.GetUser(username);

            // PersistentLogin is hard-coded to true here, so every successful login asks
            // for a persistent cookie regardless of what the user chose.
            var loginInfo = new AuthenticatedLogin
            {
                AuthenticationMethod = "password",
                Name            = account.GetClaim("name"),
                Subject         = account.Subject,
                PersistentLogin = true
            };

            var owinEnvironment = Request.GetOwinContext().Environment;
            owinEnvironment.IssueLoginCookie(loginInfo);

            // Read the pending "sso" value once and clear it so it is not reused.
            // NOTE(review): the value is passed on unchanged; confirm it is validated
            // before being stored or inside CreateDiscourseRedirectUrl, and that the
            // redirect target cannot be steered by request data.
            var ssoPayload = TempData["sso"] as string;
            TempData["sso"] = null;

            var target = CreateDiscourseRedirectUrl(account, ssoPayload);
            return new RedirectResult(target);
        }
示例#2
        /// <summary>
        /// Looks up a user whose stored user name and password equal the submitted values,
        /// issues the IdentityServer login cookie for that user and redirects to the mock
        /// Discourse endpoint with the generated payload.
        /// </summary>
        /// <param name="username">Submitted user name.</param>
        /// <param name="password">Submitted password.</param>
        /// <returns>A redirect to the mock endpoint on success; a redirect to "Index" otherwise.</returns>
        public ActionResult Login(string username, string password)
        {
            // NOTE(review): the password is compared with == against the stored value, which
            // implies the store keeps it in comparable (plaintext) form. Acceptable only for
            // a demo user list; a real store should keep a salted password hash and verify
            // against it.
            var knownUsers = Users.Get();
            var user = knownUsers.FirstOrDefault(u => u.Username == username && u.Password == password);

            if (user == null)
            {
                TempData["error"] = "Wrong username + password";
                return RedirectToAction("Index");
            }

            // First(...) throws if the user has no given-name or family-name claim.
            var authLogin = new AuthenticatedLogin
            {
                AuthenticationMethod = "password",
                Name   = username,
                Claims = new List <Claim> {
                    new Claim(Constants.ClaimTypes.PreferredUserName, username),
                    new Claim(Constants.ClaimTypes.GivenName, user.Claims.First(c => c.Type == Constants.ClaimTypes.GivenName).Value),
                    new Claim(Constants.ClaimTypes.FamilyName, user.Claims.First(c => c.Type == Constants.ClaimTypes.FamilyName).Value)
                },
                Subject         = user.Subject,
                PersistentLogin = true
            };

            var owinEnvironment = Request.GetOwinContext().Environment;
            owinEnvironment.IssueLoginCookie(authLogin);

            // NOTE(review): the payload is appended to the query string as-is; confirm that
            // CreateCustomDiscourseResponse returns a URL-encoded value. The target host is a
            // hard-coded localhost address, so this only works against the local mock.
            var discourseResponse = CreateCustomDiscourseResponse(user);
            var redirectTarget = "https://localhost:44319/identity/discourse/mock?payload=" + discourseResponse;
            return new RedirectResult(redirectTarget);
        }
        /// <summary>
        /// Issues the login cookie for IdentityServer: builds the principal described by
        /// <paramref name="login"/>, signs it in through the OWIN authentication manager and
        /// then issues the session id.
        /// </summary>
        /// <param name="env">The OWIN environment.</param>
        /// <param name="login">The login information (subject, name, optional claims and persistence preference).</param>
        /// <exception cref="System.ArgumentNullException">
        /// <paramref name="env"/> or <paramref name="login"/> is null.
        /// </exception>
        public static void IssueLoginCookie(this IDictionary <string, object> env, AuthenticatedLogin login)
        {
            if (env == null)
            {
                throw new ArgumentNullException("env");
            }
            if (login == null)
            {
                throw new ArgumentNullException("login");
            }

            var options       = env.ResolveDependency <IdentityServerOptions>();
            var sessionCookie = env.ResolveDependency <SessionCookie>();
            var context       = new OwinContext(env);

            var props = new AuthenticationProperties();

            // Persistence is three-state:
            //   true  -> persistent cookie with an explicit expiry,
            //   false -> never persistent, even if the server default says otherwise,
            //   unset -> follow the server-wide cookie option, no explicit expiry.
            var requestedPersistence = login.PersistentLogin;
            if (requestedPersistence == true)
            {
                props.IsPersistent = true;
                props.ExpiresUtc   = login.PersistentLoginExpiration ?? DateTimeHelper.UtcNow.Add(options.AuthenticationOptions.CookieOptions.RememberMeDuration);
            }
            else if (requestedPersistence != false && options.AuthenticationOptions.CookieOptions.IsPersistent)
            {
                props.IsPersistent = true;
            }

            var authenticationMethod = login.AuthenticationMethod;
            var identityProvider     = login.IdentityProvider ?? Constants.BuiltInIdentityProvider;

            // No method supplied: the built-in provider means a password login, any other
            // provider counts as external.
            if (String.IsNullOrWhiteSpace(authenticationMethod))
            {
                authenticationMethod = identityProvider == Constants.BuiltInIdentityProvider
                    ? Constants.AuthenticationMethods.Password
                    : Constants.AuthenticationMethods.External;
            }

            var principal = IdentityServerPrincipal.Create(login.Subject, login.Name, authenticationMethod, identityProvider, Constants.PrimaryAuthenticationType);
            var identity  = principal.Identities.First();

            // Caller-supplied claims are added only after dropping the OIDC protocol claim
            // types and the name claim, so login.Claims cannot add or duplicate those on the
            // identity created above.
            var extraClaims = login.Claims;
            if (extraClaims != null && extraClaims.Any())
            {
                var permitted = extraClaims.Where(c => !Constants.OidcProtocolClaimTypes.Contains(c.Type)
                                                       && c.Type != Constants.ClaimTypes.Name);
                identity.AddClaims(permitted);
            }

            context.Authentication.SignIn(props, identity);
            sessionCookie.IssueSessionId(login.PersistentLogin, login.PersistentLoginExpiration);
        }
示例#4
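        /// <summary>
        /// Logs the configured user in over HTTP: fetches a CSRF token with a GET request,
        /// posts the credentials as a form, deserializes the JSON reply and, when the reply
        /// reports success, rebuilds the session cookie string from the response headers.
        /// </summary>
        /// <returns>The deserialized login response; its Cookie is set only on success.</returns>
        /// <remarks>
        /// The cookie string produced here contains the session id and therefore acts as a
        /// bearer credential for the account: keep it, and the password sent in the form
        /// body, out of logs and exception messages.
        /// InvalidateServices() runs whether the login succeeds or throws.
        /// </remarks>
        public AuthenticatedLogin Login()
        {
            ValidateUser();

            // The former "catch (Exception ex) { throw ex; }" only reset the stack trace,
            // so it is gone; exceptions propagate unchanged and finally still runs.
            try
            {
                // Step 1: GET the login page to obtain the csrftoken cookie.
                var container    = new CookieContainer();
                var requestToken = (HttpWebRequest)WebRequest.Create(InstagramCustomApiConstants.LOGIN_URL);
                requestToken.Method          = "GET";
                requestToken.Accept          = InstagramCustomApiConstants.LOGIN_GET_REQUEST_ACCEPT;
                requestToken.UserAgent       = InstagramCustomApiConstants.USER_AGENT;
                requestToken.CookieContainer = container;

                string csrftoken = string.Empty;
                using (var responseToken = (HttpWebResponse)requestToken.GetResponse())
                {
                    foreach (Cookie cookie in responseToken.Cookies)
                    {
                        if (cookie.Name.Equals("csrftoken"))
                        {
                            csrftoken       = cookie.Value;
                            _user.CsrfToken = csrftoken;
                        }
                    }
                }
                // NOTE(review): when no csrftoken cookie is returned the POST below is still
                // sent with an empty x-csrftoken header.

                // Step 2: POST the credentials as a URL-encoded form.
                // NOTE(review): the password travels in this body; confirm that
                // LOGIN_RESPONSE_URL is an https:// address.
                var queryString = HttpUtility.ParseQueryString(string.Empty);
                queryString.Add("username", _user.Username);
                queryString.Add("password", _user.Password);
                queryString.Add("queryParams", "{\"source\":\"auth_switcher\"}");
                queryString.Add("optIntoOneTap", "false");

                var data = Encoding.ASCII.GetBytes(queryString.ToString());

                var request = (HttpWebRequest)WebRequest.Create(InstagramCustomApiConstants.LOGIN_RESPONSE_URL);
                request.Headers["x-csrftoken"] = csrftoken;
                request.Method        = "POST";
                request.ContentType   = "application/x-www-form-urlencoded";
                request.ContentLength = data.Length;
                request.UserAgent     = InstagramCustomApiConstants.USER_AGENT;
                request.Accept        = InstagramCustomApiConstants.LOGIN_POST_REQUEST_ACCEPT;

                using (Stream stream = request.GetRequestStream())
                {
                    stream.Write(data, 0, data.Length);
                }

                // Read body and headers inside using blocks so the response and its stream
                // are released (the original never disposed them).
                string responseString;
                string headerText;
                using (var response = (HttpWebResponse)request.GetResponse())
                using (var reader = new StreamReader(response.GetResponseStream()))
                {
                    responseString = reader.ReadToEnd();
                    headerText     = response.Headers.ToString();
                }

                // NOTE(review): DeserializeObject can return null for an empty or "null"
                // body, in which case the next line throws NullReferenceException.
                AuthenticatedLogin authenticatedResponse = JsonConvert.DeserializeObject <AuthenticatedLogin>(responseString);

                IsUserAuthenticated = authenticatedResponse.Authenticated;

                if (authenticatedResponse.Authenticated)
                {
                    // Fixed order, so the resulting cookie string does not depend on
                    // Dictionary enumeration order.
                    // NOTE(review): values are located by substring search in the raw header
                    // text; a missing cookie makes the [1] index throw.
                    string[] cookieNames = { "mid", "shbid", "shbts", "rur", "csrftoken", "sessionid", "ds_user_id" };

                    var cookieValues  = new Dictionary <string, string>();
                    var cookieBuilder = new StringBuilder();
                    foreach (var name in cookieNames)
                    {
                        var value = headerText.SplitString(name + "=")[1].Split(';')[0];
                        cookieValues[name] = value;
                        cookieBuilder.Append(name).Append('=').Append(value).Append("; ");
                    }

                    var cookieStr = cookieBuilder.ToString().Trim();

                    authenticatedResponse.Cookie = cookieStr;
                    Cookie           = cookieStr;
                    _user.UserCookie = cookieStr;
                    _user.UserId     = cookieValues["ds_user_id"];
                    _user.CsrfToken  = cookieValues["csrftoken"];
                }

                return authenticatedResponse;
            }
            finally
            {
                InvalidateServices();
            }
        }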
        /// <summary>
        /// Issues the login cookie for IdentityServer, either as a full sign-in (session id
        /// issued) or as a partial sign-in (resume and restart claims added, no session id).
        /// </summary>
        /// <param name="env">The OWIN environment.</param>
        /// <param name="login">The login information.</param>
        /// <param name="partialSignInUrl">
        /// When non-empty the sign-in is treated as partial. Only its presence is checked in
        /// this method; the value itself is not used.
        /// </param>
        /// <param name="loginId">
        /// The sign-in id. When empty it is read from the request query parameter named by
        /// Constants.Authentication.SigninQueryParamName.
        /// </param>
        /// <exception cref="System.ArgumentNullException">
        /// <paramref name="env"/> or <paramref name="login"/> is null.
        /// </exception>
        public static void IssueLoginCookie(this IDictionary <string, object> env, AuthenticatedLogin login, string partialSignInUrl = null, string loginId = null)
        {
            if (env == null)
            {
                throw new ArgumentNullException("env");
            }
            if (login == null)
            {
                throw new ArgumentNullException("login");
            }

            bool isPartial = !string.IsNullOrEmpty(partialSignInUrl);

            var options       = env.ResolveDependency <IdentityServerOptions>();
            var sessionCookie = env.ResolveDependency <SessionCookie>();
            var context       = new OwinContext(env);

            var props = new AuthenticationProperties();

            // Fall back to the sign-in id carried in the request query.
            if (string.IsNullOrEmpty(loginId))
            {
                var idFromQuery = context.Request.Query.Get(Constants.Authentication.SigninQueryParamName);

                // NOTE(review): without a login id this returns silently - nothing is
                // signed in and the caller gets no indication of it. Callers should not
                // assume a cookie was issued.
                if (String.IsNullOrWhiteSpace(idFromQuery))
                {
                    return;
                }
                loginId = idFromQuery;
            }

            // Persistence is three-state:
            //   true  -> persistent cookie with an explicit expiry,
            //   false -> never persistent, even if the server default says otherwise,
            //   unset -> follow the server-wide cookie option, no explicit expiry.
            var requestedPersistence = login.PersistentLogin;
            if (requestedPersistence == true)
            {
                props.IsPersistent = true;
                props.ExpiresUtc   = login.PersistentLoginExpiration ?? DateTimeHelper.UtcNow.Add(options.AuthenticationOptions.CookieOptions.RememberMeDuration);
            }
            else if (requestedPersistence != false && options.AuthenticationOptions.CookieOptions.IsPersistent)
            {
                props.IsPersistent = true;
            }

            // Resolve the authentication method and the identity provider.
            var authenticationMethod = login.AuthenticationMethod;
            var identityProvider     = login.IdentityProvider ?? Constants.BuiltInIdentityProvider;

            if (String.IsNullOrWhiteSpace(authenticationMethod))
            {
                authenticationMethod = identityProvider == Constants.BuiltInIdentityProvider
                    ? Constants.AuthenticationMethods.Password
                    : Constants.AuthenticationMethods.External;
            }

            // A partial sign-in gets its own authentication type, distinct from the primary one.
            var principal = IdentityServerPrincipal.Create(login.Subject, login.Name, authenticationMethod, identityProvider, isPartial ? Constants.PartialSignInAuthenticationType : Constants.PrimaryAuthenticationType);
            var identity  = principal.Identities.First();

            // Caller-supplied claims are added only after dropping the OIDC protocol claim
            // types and the name claim, so login.Claims cannot add or duplicate those on the
            // identity created above.
            var extraClaims = login.Claims;
            if (extraClaims != null && extraClaims.Any())
            {
                var permitted = extraClaims.Where(c => !Constants.OidcProtocolClaimTypes.Contains(c.Type)
                                                       && c.Type != Constants.ClaimTypes.Name);
                identity.AddClaims(permitted);
            }

            if (!isPartial)
            {
                // Full sign-in: issue the session id.
                sessionCookie.IssueSessionId(login.PersistentLogin, login.PersistentLoginExpiration);
            }
            else
            {
                // Partial sign-in: the resume URL carries a fresh random id, and a claim
                // whose type is derived from that id stores the original sign-in id, so the
                // login can be resumed later by matching the two.
                var resumeId = IdentityModel.CryptoRandom.CreateUniqueId();

                var resumeLoginUrl = context.GetPartialLoginResumeUrl(resumeId);
                identity.AddClaim(new Claim(Constants.ClaimTypes.PartialLoginReturnUrl, resumeLoginUrl));
                identity.AddClaim(new Claim(String.Format(Constants.ClaimTypes.PartialLoginResumeId, resumeId), loginId));

                // URL that starts the login process over again (which re-triggers preauthenticate).
                var restartUrl = context.GetPartialLoginRestartUrl(loginId);
                identity.AddClaim(new Claim(Constants.ClaimTypes.PartialLoginRestartUrl, restartUrl));
            }

            context.Authentication.SignIn(props, identity);
        }