示例#1
0
 public override void Open()
 {
     base.Open();
     if (UserLevel == Terradue.Portal.UserLevel.Administrator)
     {
         AccessLevel = EntityAccessLevel.Administrator;
     }
     if (UserLevel > Terradue.Portal.UserLevel.Everybody)
     {
         if (this.UserInformation != null && this.UserInformation.AuthenticationType is TepLdapAuthenticationType)
         {
             //check the validity of access token
             try {
                 var auth = new TepLdapAuthenticationType(this);
                 auth.CheckRefresh();
             } catch (Exception e) {
                 if (this.GetConfigBooleanValue("sso-notoken-endsession-enabled"))
                 {
                     LogError(this, e.Message);
                     EndSession();//user token is not valid, we logout
                 }
             }
         }
     }
 }
示例#2
0
        public object Get(CallBackRequest request)
        {
            var redirect = "";

            TepWebContext context = new TepWebContext(PagePrivileges.EverybodyView);
            UserTep       user    = null;

            try {
                context.Open();
                context.LogInfo(this, string.Format("/cb GET"));
                if (!string.IsNullOrEmpty(request.error))
                {
                    context.LogError(this, request.error);
                    context.EndSession();
                    return(OAuthUtils.DoRedirect(context.BaseUrl, false));
                }

                Connect2IdClient client = new Connect2IdClient(context.GetConfigValue("sso-configUrl"));
                client.SSOAuthEndpoint = context.GetConfigValue("sso-authEndpoint");
                client.SSOApiClient    = context.GetConfigValue("sso-clientId");
                client.SSOApiSecret    = context.GetConfigValue("sso-clientSecret");
                client.SSOApiToken     = context.GetConfigValue("sso-apiAccessToken");
                client.RedirectUri     = context.GetConfigValue("sso-callback");
                OauthTokenResponse tokenresponse;
                try {
                    tokenresponse = client.AccessToken(request.Code);
                    DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-access"), tokenresponse.access_token, null, tokenresponse.expires_in);
                    DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-refresh"), tokenresponse.refresh_token, null);
                    DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-id"), tokenresponse.id_token, null, tokenresponse.expires_in);
                } catch (Exception e) {
                    DBCookie.DeleteDBCookie(context, context.GetConfigValue("cookieID-token-access"));
                    DBCookie.DeleteDBCookie(context, context.GetConfigValue("cookieID-token-refresh"));
                    DBCookie.DeleteDBCookie(context, context.GetConfigValue("cookieID-token-id"));
                    throw e;
                }

                TepLdapAuthenticationType auth = (TepLdapAuthenticationType)IfyWebContext.GetAuthenticationType(typeof(TepLdapAuthenticationType));
                auth.SetConnect2IdCLient(client);
                auth.TrustEmail = true;

                user = (UserTep)auth.GetUserProfile(context);
                if (user == null)
                {
                    throw new Exception("Unable to load user");
                }
                context.LogDebug(this, string.Format("Loaded user '{0}'", user.Username));
                if (string.IsNullOrEmpty(user.Email))
                {
                    throw new Exception("Invalid email");
                }

                context.StartSession(auth, user);
                context.SetUserInformation(auth, user);

                DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-access"), tokenresponse.access_token, user.Username, tokenresponse.expires_in);
                DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-refresh"), tokenresponse.refresh_token, user.Username);
                DBCookie.StoreDBCookie(context, context.GetConfigValue("cookieID-token-id"), tokenresponse.id_token, user.Username, tokenresponse.expires_in);

                redirect = context.GetConfigValue("dashboard_page");
                if (string.IsNullOrEmpty(redirect))
                {
                    redirect = context.GetConfigValue("BaseUrl");
                }

                if (!string.IsNullOrEmpty(HttpContext.Current.Session["return_to"] as string))
                {
                    redirect = HttpContext.Current.Session["return_to"] as string;
                    HttpContext.Current.Session["return_to"] = null;
                }

                context.Close();
            } catch (Exception e) {
                context.LogError(this, e.Message, e);
                context.Close();
                throw e;
            }
            return(OAuthUtils.DoRedirect(redirect, false));
        }