/// <summary>
/// Checks whether the organization identified by <paramref name="domainHint"/> is ready for an SSO
/// login: the organization exists and uses SSO, its SSO configuration exists and is enabled, and
/// its authentication scheme is loaded and passes its own validation.
/// </summary>
/// <param name="domainHint">Organization identifier supplied by the caller.</param>
/// <returns>
/// An <see cref="EmptyResult"/> when every check passes. Otherwise a JSON error body, with
/// status 400 when no exception is attached and 500 when one is.
/// </returns>
public async Task<IActionResult> PreValidate(string domainHint)
{
    // Sets the status code, then wraps the translated message in the JSON error model.
    // NOTE(review): the exception message, stack trace and inner-exception message are copied
    // into the response body unconditionally. If this action is reachable before authentication
    // and ErrorResponseModel serializes these members, internal details reach the caller.
    // Confirm, and consider logging server-side and returning these only in development builds.
    IActionResult Fail(string messageKey, Exception failure = null)
    {
        if (failure == null)
        {
            Response.StatusCode = 400;
        }
        else
        {
            Response.StatusCode = 500;
        }

        var body = new ErrorResponseModel(_i18nService.T(messageKey))
        {
            ExceptionMessage = failure?.Message,
            ExceptionStackTrace = failure?.StackTrace,
            InnerExceptionMessage = failure?.InnerException?.Message,
        };
        return Json(body);
    }

    // NOTE(review): each failed check returns a different message key, so a caller can tell
    // "no such organization" apart from "organization exists but SSO is off". If identifier
    // enumeration is a concern for this endpoint, rate limiting or a uniform error is worth weighing.
    try
    {
        // The identifier must be present.
        if (string.IsNullOrWhiteSpace(domainHint))
        {
            return Fail("NoOrganizationIdentifierProvidedError");
        }

        // The identifier must resolve to an organization that uses SSO.
        var org = await _organizationRepository.GetByIdentifierAsync(domainHint);
        if (org == null)
        {
            return Fail("OrganizationNotFoundByIdentifierError");
        }

        if (!org.UseSso)
        {
            return Fail("SsoNotAllowedForOrganizationError");
        }

        // The organization must have an enabled SSO configuration.
        var config = await _ssoConfigRepository.GetByIdentifierAsync(domainHint);
        if (config == null)
        {
            return Fail("SsoConfigurationNotFoundForOrganizationError");
        }

        if (!config.Enabled)
        {
            return Fail("SsoNotEnabledForOrganizationError");
        }

        // The scheme is looked up by organization id and must be a dynamic scheme.
        // `as` yields null both for a missing scheme and for one of another type.
        var loadedScheme = await _schemeProvider.GetSchemeAsync(org.Id.ToString());
        var dynamicScheme = loadedScheme as IDynamicAuthenticationScheme;
        if (dynamicScheme == null)
        {
            return Fail("NoSchemeOrHandlerForSsoConfigurationFoundError");
        }

        // Let the scheme validate its own configuration.
        try
        {
            await dynamicScheme.Validate();
        }
        catch (Exception validationError)
        {
            // The exception message doubles as a resource key. When a translation exists it is
            // used as the error key and no exception is attached (status 400); otherwise the
            // generic key is used and the exception is attached (status 500).
            var localized = _i18nService.GetLocalizedHtmlString(validationError.Message);
            if (localized.ResourceNotFound)
            {
                return Fail("InvalidSchemeConfigurationError", validationError);
            }

            return Fail(validationError.Message);
        }
    }
    catch (Exception unexpected)
    {
        return Fail("PreValidationError", unexpected);
    }

    // All checks passed.
    return new EmptyResult();
}
/// <summary>
/// Checks whether the organization identified by <paramref name="domainHint"/> is ready for an SSO
/// login and, when it is, returns a protected token built from that organization.
/// </summary>
/// <param name="domainHint">Organization identifier supplied by the caller.</param>
/// <returns>
/// An <c>SsoPreValidateResponseModel</c> carrying the protected token when every check passes;
/// otherwise the result of <c>InvalidJson</c> for the first check that failed.
/// </returns>
public async Task<IActionResult> PreValidate(string domainHint)
{
    // NOTE(review): InvalidJson is defined outside this block. Confirm whether it copies the
    // exception message and stack trace into the response, and whether this action is reachable
    // before authentication; if both hold, internal details are returned to the caller.
    // NOTE(review): each failed check returns a different message key, so a caller can tell
    // "no such organization" apart from "organization exists but SSO is off". If identifier
    // enumeration is a concern for this endpoint, rate limiting or a uniform error is worth weighing.
    try
    {
        // The identifier must be present.
        if (string.IsNullOrWhiteSpace(domainHint))
        {
            return InvalidJson("NoOrganizationIdentifierProvidedError");
        }

        // The identifier must resolve to an organization that uses SSO.
        var org = await _organizationRepository.GetByIdentifierAsync(domainHint);
        if (org == null)
        {
            return InvalidJson("OrganizationNotFoundByIdentifierError");
        }

        if (!org.UseSso)
        {
            return InvalidJson("SsoNotAllowedForOrganizationError");
        }

        // The organization must have an enabled SSO configuration.
        var config = await _ssoConfigRepository.GetByIdentifierAsync(domainHint);
        if (config == null)
        {
            return InvalidJson("SsoConfigurationNotFoundForOrganizationError");
        }

        if (!config.Enabled)
        {
            return InvalidJson("SsoNotEnabledForOrganizationError");
        }

        // The scheme is looked up by organization id and must be a dynamic scheme.
        // The type pattern never matches null, so a missing scheme fails this test as well.
        var loadedScheme = await _schemeProvider.GetSchemeAsync(org.Id.ToString());
        if (!(loadedScheme is IDynamicAuthenticationScheme dynamicScheme))
        {
            return InvalidJson("NoSchemeOrHandlerForSsoConfigurationFoundError");
        }

        // Let the scheme validate its own configuration.
        try
        {
            await dynamicScheme.Validate();
        }
        catch (Exception validationError)
        {
            // The exception message doubles as a resource key. When a translation exists it is
            // used as the error key and no exception is passed on; otherwise the generic key is
            // used and the exception is passed on.
            var localized = _i18nService.GetLocalizedHtmlString(validationError.Message);
            if (localized.ResourceNotFound)
            {
                return InvalidJson("InvalidSchemeConfigurationError", validationError);
            }

            return InvalidJson(validationError.Message);
        }

        // Every check passed: build a tokenable from the organization and the configured SSO
        // token lifetime, protect it, and return the protected token.
        // NOTE(review): the token is returned to whoever supplied a valid identifier; whatever
        // consumes it must unprotect it and check its lifetime and organization. Confirm at the consumer.
        var lifetimeInSeconds = _globalSettings.Sso.SsoTokenLifetimeInSeconds;
        var protectedToken = _dataProtector.Protect(new SsoTokenable(org, lifetimeInSeconds));
        return new SsoPreValidateResponseModel(protectedToken);
    }
    catch (Exception unexpected)
    {
        return InvalidJson("PreValidationError", unexpected);
    }
}