private void VerifyVanityUrl(Guid organizationId, Guid instanceId) { if (organizationId != Guid.Empty) { string vanityUrl = CustomUrlProvider.GetVanityUrl(organizationId, instanceId); if (!string.IsNullOrEmpty(vanityUrl) && (string.Compare(Request.Url.Host, vanityUrl, StringComparison.OrdinalIgnoreCase) != 0)) { string redirectUrl = this.ReturnUrl; if (string.IsNullOrEmpty(redirectUrl)) { redirectUrl = CustomUrlProvider.CreateApplicationAbsoluteUrl(Request.Url.PathAndQuery); } else { redirectUrl = CustomUrlProvider.CreateApplicationAbsoluteUrl(Request.Url.PathAndQuery) + ((Request.QueryString["returnurl"] == null) ? ((Request.Url.PathAndQuery.IndexOf("&", StringComparison.OrdinalIgnoreCase) > -1) ? "&" : "?") + "returnurl=" + HttpUtility.UrlEncode(redirectUrl) : string.Empty); } Response.Redirect(string.Format(CultureInfo.InvariantCulture, "{0}{1}{2}{3}", Request.Url.Scheme, Uri.SchemeDelimiter, vanityUrl, redirectUrl)); } } }
/// <summary> /// Occurs when the request state (for example, session state) that is associated with the current request has been obtained. /// </summary> /// <param name="sender">The sourceRow of the event.</param> /// <param name="e">An EventArgs that contains the event data.</param> protected virtual void Application_PostAcquireRequestState(object sender, EventArgs e) { HttpContext http = HttpContext.Current; if (http == null) { return; } if (http.Session == null) { return; } UserContext user = null; Micajah.Common.Bll.Action action = null; CustomUrlElement customUrlSettings = FrameworkConfiguration.Current.WebApplication.CustomUrl; string host = http.Request.Url.Host; bool isDefaultPartialCustomUrl = false; if (customUrlSettings.Enabled) { isDefaultPartialCustomUrl = CustomUrlProvider.IsDefaultVanityUrl(host); } if (!isDefaultPartialCustomUrl) { if (http.Session.IsNewSession) { user = UserContext.Current; if (user != null) { LoginProvider.Current.UpdateSession(user.UserId, http.Session.SessionID); } } if (!http.SkipAuthorization) { if (user == null) { user = UserContext.Current; } if (user == null) { action = ActionProvider.FindAction(CustomUrlProvider.CreateApplicationAbsoluteUrl(Request.Url.PathAndQuery)); if (action != null) { if (action.AuthenticationRequired) { LoginProvider.Current.SignOut(true, Request.Url.PathAndQuery); } } } else if (!customUrlSettings.Enabled) { if (!LoginProvider.Current.ValidateSession(user.UserId, http.Session.SessionID)) { LoginProvider.Current.SignOut(true, true, true); } } } } if (!customUrlSettings.Enabled) { return; } if (!((http.User != null) && (http.User.Identity != null) && http.User.Identity.IsAuthenticated)) { return; } string redirectUrl = string.Empty; Guid organizationId = Guid.Empty; Guid instanceId = Guid.Empty; if (http.Session.IsNewSession || (string.Compare(host, UserContext.VanityUrl, StringComparison.OrdinalIgnoreCase) != 0)) { if (isDefaultPartialCustomUrl) { return; } string vanityUrl = null; bool setAuthCookie = true; CustomUrlProvider.ParseHost(host, ref organizationId, ref instanceId); if (organizationId == Guid.Empty) { Guid userId = Guid.Empty; LoginProvider.ParseUserIdentityName(out userId, out organizationId, out instanceId); if (userId != Guid.Empty) { setAuthCookie = false; vanityUrl = CustomUrlProvider.GetVanityUrl(organizationId, instanceId); } } else { vanityUrl = host; UserContext.VanityUrl = host; } if (string.IsNullOrEmpty(vanityUrl)) { if (!isDefaultPartialCustomUrl) { http.Session.Abandon(); // Important fix of the issue with the same SessionID for all the child domains. redirectUrl = CustomUrlProvider.CreateApplicationUri(http.Request.Url.PathAndQuery); } } else { if (string.Compare(host, vanityUrl, StringComparison.OrdinalIgnoreCase) == 0) { if (user == null) { user = UserContext.Current; } if (user != null) { try { if (user.OrganizationId != organizationId) { user.SelectOrganization(organizationId, setAuthCookie, null, null); user.SelectInstance(instanceId, setAuthCookie, null); } else if (user.InstanceId != instanceId) { user.SelectInstance(instanceId, setAuthCookie, null); } } catch (AuthenticationException) { redirectUrl = LoginProvider.Current.GetLoginUrl(null, null, Guid.Empty, Guid.Empty, null, CustomUrlProvider.CreateApplicationUri(host, null)); } } } if (string.IsNullOrEmpty(redirectUrl)) { if (string.Compare(host, customUrlSettings.PartialCustomUrlRootAddressesFirst, StringComparison.OrdinalIgnoreCase) == 0) { http.Session.Abandon(); // Important fix of the issue with the same SessionID for all the child domains. } redirectUrl = CustomUrlProvider.CreateApplicationUri(vanityUrl, http.Request.Url.PathAndQuery); } } } else { if (user == null) { user = UserContext.Current; } if (user != null) { CustomUrlProvider.ParseHost(host, ref organizationId, ref instanceId); if (user.OrganizationId != Guid.Empty) { if (user.OrganizationId != organizationId) { redirectUrl = LoginProvider.Current.GetLoginUrl(null, null, organizationId, instanceId, null); } else { if (instanceId == Guid.Empty) { if (user.InstanceId != Guid.Empty) { try { user.SelectOrganization(organizationId, true, null, null); } catch (AuthenticationException) { redirectUrl = LoginProvider.Current.GetLoginUrl(null, null, organizationId, Guid.Empty, null); } } } else if (user.InstanceId != instanceId) { redirectUrl = LoginProvider.Current.GetLoginUrl(null, null, organizationId, instanceId, null); } } } else if (organizationId != Guid.Empty) { redirectUrl = LoginProvider.Current.GetLoginUrl(Guid.Empty, organizationId); } } } if (!string.IsNullOrEmpty(redirectUrl)) { if ((redirectUrl.IndexOf(http.Request.Url.ToString(), StringComparison.OrdinalIgnoreCase) == -1) && (http.Request.Url.ToString().IndexOf(redirectUrl, StringComparison.OrdinalIgnoreCase) == -1)) { http.Response.Redirect(redirectUrl); } } }