public bool AttemptProxyUserLogin(long systemId, string username)
{
try
{
/*
* Assuming the Username is not alterable in the third party system.
*
* If it modifyable by the user, such as a Twitter Screen Name, then
* use a different, immutable ID from the 3rd party system.
*
* Note that this is the only way to login the user without having Ektron
* also store the password. If you're authenticating against a third-party
* system, you do *not* want to store the password for that system within
* Ektron nor authenticate proxy users against it. Instead, you want to rely
* solely on the third party system to verify authentication and authorization.
*
* One reason being that you never know when the password in the third party
* system has changed. If you relied upon that password, and the two were out
* of sync, then you would break authentication using that system.
*/
var userData = UserCRUD.Login(systemId, username);
}
catch (Exception ex)
{
/*
* An exception is usually due to the user not existing. However, you can
* still log it just in case something larger is wrong.
*/
EkException.LogException(ex);
return(false);
}
return(true);
}
/*
* This method conducts the request to Twitter's APIs.
*/
public TwitterAccessTokenResponse ExecuteAccessTokenRequest()
{
/*
* The response object we're expecting from Twitter. This is a custom object
* defined in a class below.
*/
TwitterAccessTokenResponse parsedResponse = null;
try
{
string response = null;
string error = null;
using (var client = new WebClient())
{
/*
* Using a try-catch within the Using statement should ensure that the WebClient is disposed.
*
* WebClient is an easy, but possibly not optimal, solution here. Not optimal because
* it doesn't provide any opportunity to catch the response before it throws an error.
* Hence the try-catch.
*
* Ideally, these calls would contain logic to catch the response code (400, 401, 404, 200, etc.)
* and react with messaging to the visitor accordingly.
*/
try
{
client.Headers["Authorization"] = this.GetAuthorizationString();
/*
* Note that the verifier string is included as part of this request. Instead of being
* added to the header, as with the authorization string, this is put into the body of
* the request.
*/
response = client.UploadString(this.TwApiUrl, this.TwMethod, string.Format("oauth_verifier={0}", AuthVerifier));
string l = string.Empty;
}
catch (Exception ex)
{
EkException.LogException(ex);
error = ex.Message;
}
}
/*
* The constructor for the Response object will parse the string.
*/
parsedResponse = new TwitterAccessTokenResponse(response);
}
catch (Exception ex)
{
EkException.LogException(ex);
}
return(parsedResponse);
}
public bool CreateEktronProxyUser(long systemId, string username)
{
try
{
/*
* Assuming the Username is not alterable in the third party system.
*
* If it modifyable by the user, such as a Twitter Screen Name, then
* use a different, immutable ID from the 3rd party system.
*
* The following are required fields.
*
* Remember to set the IsMembersip flag to prevent admin or author access.
*/
var newUser = new UserData();
newUser.IsMemberShip = true;
newUser.Username = username;
newUser.DisplayName = username;
newUser.FirstName = "not set";
newUser.LastName = "not set";
newUser.Password = UserCRUD.GetRandomPasswordforDefaultRegex();
/*
* The authentication system ID and User ID to login this user.
*
* The system ID should be unique for each 3rd party system and be
* the same for every user who authenticates against this system.
*/
newUser.AuthenticationTypeId = systemId;
newUser.AuthenticationUserId = username;
/*
* Required custom properties.
*/
var props = UserCRUD.GetCustomPropertyList();
props["Time Zone"].Value = "Eastern Standard Time";
newUser.CustomProperties = props;
/*
* Add the user.
*/
UserCRUD.Add(newUser);
}
catch (Exception ex)
{
EkException.LogException(ex);
return(false);
}
return(true);
}
public bool HasTags(long contentId)
{
var returnValue = true;
try
{
var appliedTags = TagCRUD.GetTags(contentId, Ektron.Cms.Common.EkEnumeration.CMSObjectTypes.Content);
return(appliedTags.Any());
}
catch (Exception ex)
{
EkException.LogException(ex);
}
return(returnValue);
}