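/// <summary>
/// Opens the web context, then applies the administrator access level and the SSO token check.
/// </summary>
/// <remarks>
/// After <c>base.Open()</c>, administrators get <c>EntityAccessLevel.Administrator</c>.
/// For any user above <c>UserLevel.Everybody</c> whose authentication type is
/// <see cref="TepLdapAuthenticationType"/>, the access token is checked through
/// <c>CheckRefresh()</c>. A failed check is always logged. The session is ended only when the
/// <c>sso-notoken-endsession-enabled</c> configuration flag is true.
/// </remarks>
public override void Open() {
    base.Open();

    if (UserLevel == Terradue.Portal.UserLevel.Administrator) {
        AccessLevel = EntityAccessLevel.Administrator;
    }

    // Anonymous visitors have no SSO token to validate.
    if (UserLevel <= Terradue.Portal.UserLevel.Everybody) {
        return;
    }

    // Only sessions established through the TEP LDAP/SSO authentication type carry a token.
    if (this.UserInformation == null || !(this.UserInformation.AuthenticationType is TepLdapAuthenticationType)) {
        return;
    }

    // Check the validity of the access token.
    try {
        var auth = new TepLdapAuthenticationType(this);
        auth.CheckRefresh();
    } catch (Exception e) {
        // Always record the failure: previously it was dropped silently whenever the
        // end-session flag was off, leaving no trace of a session running on a bad token.
        LogError(this, e.Message);

        // NOTE(review): with the flag disabled the session stays active although the token
        // check failed (fail-open). Confirm this is intended for the deployment.
        if (this.GetConfigBooleanValue("sso-notoken-endsession-enabled")) {
            EndSession(); // user token is not valid, we log out
        }
    }
}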
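/// <summary>
/// Handles the SSO callback (<c>/cb</c>): exchanges the authorization code for tokens, loads the
/// user profile, starts the portal session and redirects the browser.
/// </summary>
/// <param name="request">Callback request carrying either <c>error</c> or the authorization <c>Code</c>.</param>
/// <returns>
/// The result of <c>OAuthUtils.DoRedirect</c>. The target is the portal base URL when the provider
/// reported an error. Otherwise it is the session's <c>return_to</c> value if set, else the
/// <c>dashboard_page</c> setting, else <c>BaseUrl</c>.
/// </returns>
/// <exception cref="Exception">
/// Rethrown after logging when the token exchange, the profile lookup or the session start fails,
/// or when the user cannot be loaded or has no email.
/// </exception>
public object Get(CallBackRequest request) {
    var redirect = "";
    TepWebContext context = new TepWebContext(PagePrivileges.EverybodyView);

    try {
        context.Open();
        context.LogInfo(this, "/cb GET");

        // NOTE(review): no OAuth `state` comparison is visible in this handler. Confirm the
        // anti-CSRF state value is validated before the code is exchanged.

        if (!string.IsNullOrEmpty(request.error)) {
            // NOTE(review): request.error is request-supplied text written to the log; confirm
            // the logger neutralises control characters and line breaks.
            context.LogError(this, request.error);
            context.EndSession();

            // Release the context on this early exit too, as the success and failure paths do.
            var baseUrl = context.BaseUrl;
            context.Close();
            return OAuthUtils.DoRedirect(baseUrl, false);
        }

        Connect2IdClient client = new Connect2IdClient(context.GetConfigValue("sso-configUrl"));
        client.SSOAuthEndpoint = context.GetConfigValue("sso-authEndpoint");
        client.SSOApiClient = context.GetConfigValue("sso-clientId");
        client.SSOApiSecret = context.GetConfigValue("sso-clientSecret");
        client.SSOApiToken = context.GetConfigValue("sso-apiAccessToken");
        client.RedirectUri = context.GetConfigValue("sso-callback");

        // Exchange the authorization code and store the tokens, not yet bound to a username.
        OauthTokenResponse tokenresponse;
        try {
            tokenresponse = client.AccessToken(request.Code);
            DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-access"), tokenresponse.access_token, null, tokenresponse.expires_in);
            DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-refresh"), tokenresponse.refresh_token, null);
            DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-id"), tokenresponse.id_token, null, tokenresponse.expires_in);
        } catch (Exception) {
            // Do not leave a partial token set behind when the exchange or a store fails.
            DBCookie.DeleteDBCookie(context, context.GetConfigValue("cookieID-token-access"));
            DBCookie.DeleteDBCookie(context, context.GetConfigValue("cookieID-token-refresh"));
            DBCookie.DeleteDBCookie(context, context.GetConfigValue("cookieID-token-id"));
            throw; // keeps the original stack trace (was `throw e;`)
        }

        TepLdapAuthenticationType auth = (TepLdapAuthenticationType)IfyWebContext.GetAuthenticationType(typeof(TepLdapAuthenticationType));
        auth.SetConnect2IdCLient(client);
        // NOTE(review): TrustEmail presumably lets the provider-supplied email identify the
        // account. Confirm the identity provider only releases verified addresses.
        auth.TrustEmail = true;

        UserTep user = (UserTep)auth.GetUserProfile(context);
        if (user == null) {
            throw new Exception("Unable to load user");
        }
        context.LogDebug(this, string.Format("Loaded user '{0}'", user.Username));
        if (string.IsNullOrEmpty(user.Email)) {
            throw new Exception("Invalid email");
        }

        context.StartSession(auth, user);
        context.SetUserInformation(auth, user);

        // Store the tokens again, now associated with the authenticated username.
        DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-access"), tokenresponse.access_token, user.Username, tokenresponse.expires_in);
        DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-refresh"), tokenresponse.refresh_token, user.Username);
        DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-id"), tokenresponse.id_token, user.Username, tokenresponse.expires_in);

        redirect = context.GetConfigValue("dashboard_page");
        if (string.IsNullOrEmpty(redirect)) {
            redirect = context.GetConfigValue("BaseUrl");
        }

        // NOTE(review): return_to is used as the redirect target without any check here. If it
        // can be set from a request parameter, confirm it is restricted to same-site URLs where
        // it is written, otherwise this is an open redirect.
        var returnTo = HttpContext.Current.Session["return_to"] as string;
        if (!string.IsNullOrEmpty(returnTo)) {
            redirect = returnTo;
            HttpContext.Current.Session["return_to"] = null; // one-shot value
        }

        context.Close();
    } catch (Exception e) {
        context.LogError(this, e.Message, e);
        context.Close();
        throw; // keeps the original stack trace (was `throw e;`)
    }

    return OAuthUtils.DoRedirect(redirect, false);
}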