public ActionResult ValidateUser() { PswMigrationResponse pswMigrationRsp = new PswMigrationResponse(); LdapServiceModel ldapServiceModel = null; CustomUser oktaUser = null; string username = null; string password = null; username = Request["username"]; password = Request["password"]; ldapServiceModel = new LdapServiceModel(); ldapServiceModel.ldapServer = appSettings["ldap.server"]; ldapServiceModel.ldapPort = appSettings["ldap.port"]; ldapServiceModel.baseDn = appSettings["ldap.baseDn"]; //use received username and password to bind with LDAP //if password is valid, set password in Okta try { //check username in Okta and password status oktaUser = _oktaUserMgmt.GetCustomUser(username); } catch (OktaException) { //trap error, handle User is null } if (oktaUser != null) { if (string.IsNullOrEmpty(oktaUser.Profile.IsPasswordInOkta) || oktaUser.Profile.IsPasswordInOkta == "false") { //check user credentials in LDAP bool rspIsAuthenticated = _credAuthentication.IsAuthenticated(username, password, ldapServiceModel); if (rspIsAuthenticated) { //set password in Okta bool rspSetPsw = _oktaUserMgmt.SetUserPassword(oktaUser.Id, password); if (rspSetPsw) { //update attribute in user profile when set password successful oktaUser.Profile.IsPasswordInOkta = "true"; bool rspPartialUpdate = _oktaUserMgmt.UpdateCustomUserAttributesOnly(oktaUser); if (rspPartialUpdate) { pswMigrationRsp.status = "set password in Okta successful"; pswMigrationRsp.isPasswordInOkta = "true"; } else { pswMigrationRsp.status = "set password in Okta successful"; pswMigrationRsp.isPasswordInOkta = "unknown"; } } else { //update attribute in user profile when set password fails oktaUser.Profile.IsPasswordInOkta = "true"; bool rspPartialUpdate = _oktaUserMgmt.UpdateCustomUserAttributesOnly(oktaUser); if (rspPartialUpdate) { pswMigrationRsp.status = "set password in Okta failed"; pswMigrationRsp.isPasswordInOkta = "false"; } else { pswMigrationRsp.status = "set password in Okta failed"; pswMigrationRsp.isPasswordInOkta = "unknown"; } } } else { //arrive here is user creds not validated in Ldap pswMigrationRsp.status = "LDAP validation failed"; pswMigrationRsp.isPasswordInOkta = "false"; } } else { //no work required pswMigrationRsp.status = oktaUser.Status; pswMigrationRsp.isPasswordInOkta = "true"; } //build response pswMigrationRsp.oktaId = oktaUser.Id; pswMigrationRsp.login = oktaUser.Profile.Login; } else { //arrive here if user not found in Okta //check user credentials and get profile from LDAP CustomUser rspCustomUser = _credAuthentication.IsCreated(username, password, ldapServiceModel); if (rspCustomUser != null) { rspCustomUser.Profile.Login = username + _userdomain; Okta.Core.Models.Password pswd = new Okta.Core.Models.Password(); pswd.Value = password; rspCustomUser.Credentials.Password = pswd; //create Okta user with password rspAddCustomUser = _oktaUserMgmt.AddCustomUser(rspCustomUser); if (rspAddCustomUser != null) { Uri rspUri = new Uri("https://tbd.com"); bool rspActivate = _oktaUserMgmt.ActivateUser(rspAddCustomUser, out rspUri); if (rspActivate) { rspCustomUser.Profile.IsPasswordInOkta = "true"; bool rspPartialUpdate = _oktaUserMgmt.UpdateCustomUserAttributesOnly(rspAddCustomUser); if (rspPartialUpdate) { pswMigrationRsp.oktaId = rspAddCustomUser.Id; pswMigrationRsp.login = rspAddCustomUser.Profile.Login; pswMigrationRsp.status = "Created in Okta"; pswMigrationRsp.isPasswordInOkta = "true"; } else { pswMigrationRsp.oktaId = rspAddCustomUser.Id; pswMigrationRsp.login = rspAddCustomUser.Profile.Login; pswMigrationRsp.status = "Created in Okta"; pswMigrationRsp.isPasswordInOkta = "unknown"; } } else { pswMigrationRsp.oktaId = "none"; pswMigrationRsp.login = "******"; pswMigrationRsp.status = "User NOT Created in Okta"; pswMigrationRsp.isPasswordInOkta = "false"; } } else { pswMigrationRsp.oktaId = "none"; pswMigrationRsp.login = "******"; pswMigrationRsp.status = "User NOT Created in Okta"; pswMigrationRsp.isPasswordInOkta = "false"; } } else { pswMigrationRsp.oktaId = "none"; pswMigrationRsp.login = "******"; pswMigrationRsp.status = "User NOT Created in Okta"; pswMigrationRsp.isPasswordInOkta = "false"; } } return(Content(content: JsonConvert.SerializeObject(pswMigrationRsp), contentType: "application/json")); }
//private OktaAuthMgmt oktaAuthMgmt = new OktaAuthMgmt(primaryOrgUrl, primaryOrgApiToken); //private IUserAccountService userAccountService; //private IEmailService emailService; //public RegistrationController() //{ //userAccountService = new UserAccountService(); //emailService = SmtpEmailServiceFactory.CreateInstance(); //} public ActionResult InitiateRegistration(string email = null) { logger.Debug("InitiateRegistration"); //set parameters string relayState = Request["relayState"]; if (string.IsNullOrEmpty(relayState) && Request.QueryString["RelayState"] != null) { relayState = Request.QueryString["RelayState"]; } else if (string.IsNullOrEmpty(relayState) && TempData["relayState"] != null) { relayState = (string)TempData["relayState"]; } TempData["relayState"] = relayState; string stateToken = Request["stateToken"]; if (string.IsNullOrEmpty(stateToken) && TempData["stateToken"] != null) { stateToken = TempData["stateToken"].ToString(); } TempData["stateToken"] = stateToken; string oktaId = Request["oktaId"]; if (string.IsNullOrEmpty(oktaId) && TempData["oktaId"] != null) { oktaId = TempData["oktaId"].ToString(); } TempData["oktaId"] = oktaId; string userName = Request["userName"]; if (string.IsNullOrEmpty(userName) && TempData["userName"] != null) { userName = TempData["userName"].ToString(); } TempData["userName"] = userName; //TempData["helpLink"] = MvcApplication.helpLink; var registration = new RegistrationViewModel(); registration.MailingAddress = new MailingAddressViewModel(); registration.Phone = new PhoneViewModel(); if (!string.IsNullOrWhiteSpace(email)) { CustomUser customUser = oktaUserMgmt.GetCustomUser(email); if (customUser != null) { registration.FirstName = customUser.Profile.FirstName; registration.LastName = customUser.Profile.LastName; registration.MailingAddress.Street1 = customUser.Profile.streetAddress; registration.MailingAddress.City = customUser.Profile.city; registration.MailingAddress.State = customUser.Profile.state; registration.MailingAddress.ZIP = customUser.Profile.zipCode; registration.Email = customUser.Profile.Email; registration.Phone.Phone = customUser.Profile.primaryPhone; registration.customId = customUser.Profile.customId; } } return(View("StartRegistration", registration)); }