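        /// <summary>
        /// Builds a new <c>CustomUser</c> for the Windows user named by <c>windowsUserName</c>: placeholder
        /// password fields, audit timestamps, and (best effort) name and contact details read from the domain.
        /// </summary>
        /// <returns>
        /// The populated user. FirstName and LastName are set to <c>windowsUserName</c> when the directory
        /// lookup did not supply them.
        /// </returns>
        private CustomUser GetAutoCreateUser()
        {
            //read the clock once so DateCreated and DateLastModified are identical on a freshly built record
            System.DateTime createdUtc = System.DateTime.UtcNow;

            CustomUser usr = new CustomUser();
            usr.UserName = windowsUserName;

            //windows auth users never sign in with a password; these fields exist only so the password columns can stay non-nullable.
            //NOTE(review): the hash is derived from windowsAuthPassword, which is declared outside this method. if that value is the same
            //for every account or is kept in source/config, it is a working credential for each auto-generated user on any password-based
            //sign-in path. confirm those paths reject users with IsUserAutoGenerated set, or hash per-user random bytes that are never stored.
            usr.PasswordIterationCount = CustomEncrypt.minimumIterationCount;
            usr.PasswordSalt           = CustomEncrypt.PBKDF2GetRandomSalt();
            usr.PasswordHash           = CustomEncrypt.PBKDF2HashedPassword(windowsAuthPassword, usr.PasswordSalt, usr.PasswordIterationCount);

            usr.IsUserAutoGenerated = true;
            usr.DateCreated         = createdUtc;
            usr.DateLastModified    = createdUtc;

            //best-effort enrichment from the domain controller; depending on how the DC is secured the query may be refused.
            //approach based on https://stackoverflow.com/questions/20156913/get-active-directory-user-information-with-windows-authentication-in-mvc-4
            //NOTE(review): the lookup key is User.Identity.Name while the stored name is windowsUserName -- confirm both refer to the same identity.
            PrincipalContext ctx = null;
            try
            {
                ctx = new PrincipalContext(ContextType.Domain);
                UserPrincipalExtended windowsUser = UserPrincipalExtended.FindByIdentity(ctx, User.Identity.Name);
                if (windowsUser != null)
                {
                    //Title and Department were left uncopied by the original author
                    usr.LastName    = windowsUser.Surname;
                    usr.FirstName   = windowsUser.GivenName;
                    usr.PhoneNumber = windowsUser.VoiceTelephoneNumber;
                    usr.Email       = windowsUser.EmailAddress;
                }
            }
            catch (Exception ex)
            {
                //a failed directory lookup is not a reason to cancel the user create, so carry on -- but leave a trace
                //so that repeated failures (DC unreachable, access denied) can be noticed instead of vanishing silently.
                System.Diagnostics.Trace.TraceWarning(
                    "Directory lookup failed while auto-creating user; continuing without directory attributes: {0}: {1}",
                    ex.GetType().FullName,
                    ex.Message);
            }
            finally
            {
                //the context is disposed on both the success and the failure path
                if (ctx != null)
                {
                    ctx.Dispose();
                }
            }

            //avoid empty name fields by falling back to the account name (a display choice, not a requirement)
            if (string.IsNullOrEmpty(usr.FirstName))
            {
                usr.FirstName = windowsUserName;
            }
            if (string.IsNullOrEmpty(usr.LastName))
            {
                usr.LastName = windowsUserName;
            }

            return usr;
        }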