public async Task <RedirectResult> SingleSignOn([FromQuery] string sso, [FromQuery] string sig)
{
var(nonce, returnUrl) = _discourseService.OpenPayload(sso, sig);
var user = await _userManager.GetUserAsync(User);
_log.Information("Login request from {user}", user.UserName, user.Id, nonce, returnUrl);
var(payload, signature) = _discourseService.CreatePayload(nonce, user.Email.Address, user.Id,
user.UserName, user.Name,
Url.Action("Avatar", "Files", new { id = user.Id }, Request.Scheme, Request.Host.Value), user.Biography,
user.Roles, _roleManager.Roles.Where(r => !user.Roles.Contains(r.Name)).Select(r => r.Name).ToList(),
(await _authorizationService.AuthorizeAsync(User, null,
SimplePermissionRequirement.For(SimplePermissionType.DiscourseAdmin))).Succeeded,
(await _authorizationService.AuthorizeAsync(User, null,
SimplePermissionRequirement.For(SimplePermissionType.DiscourseModerator))).Succeeded, true, false);
if (returnUrl == null)
{
returnUrl = Request.Headers["Referer"];
}
var url = returnUrl.SetQueryParam("sso", payload).SetQueryParam("sig", signature);
return(Redirect(url));
}
public void PayloadCreated()
{
var opts = A.Fake <IOptionsMonitor <DiscourseService.Options> >();
A.CallTo(() => opts.CurrentValue).Returns(new DiscourseService.Options
{
Secret = "d836444a9e4084d5b224a60c208dce14"
});
var service = new DiscourseService(opts);
var result = service.CreatePayload("cb68251eefb5211e58c00ff1395f0c0b",
"*****@*****.**",
"hello123",
"samsam",
"sam",
emailRequireActivation: true
);
result.payload.Should()
.Be(
"bm9uY2U9Y2I2ODI1MWVlZmI1MjExZTU4YzAwZmYxMzk1ZjBjMGImZW1haWw9dGVzdCU0MHRlc3QuY29tJmV4dGVybmFsX2lkPWhlbGxvMTIzJnVzZXJuYW1lPXNhbXNhbSZuYW1lPXNhbSZyZXF1aXJlX2FjdGl2YXRpb249dHJ1ZQ==");
result.signature.Should().Be("19d360ba4bb346c06ec7fd40702960bb60588c997ecdae14e65ffb6298cc33eb");
}
