public async Task <IHttpActionResult> Get()
{
Logger.Info("Start WS-Federation request");
Logger.DebugFormat("AbsoluteUri: [{0}]", Request.RequestUri.AbsoluteUri);
WSFederationMessage message;
Uri publicRequestUri = GetPublicRequestUri();
Logger.DebugFormat("PublicUri: [{0}]", publicRequestUri);
if (WSFederationMessage.TryCreateFromUri(publicRequestUri, out message))
{
var signin = message as SignInRequestMessage;
if (signin != null)
{
Logger.Info("WsFederation signin request");
return(await ProcessSignInAsync(signin));
}
var signout = message as SignOutRequestMessage;
if (signout != null)
{
Logger.Info("WsFederation signout request");
return(await ProcessSignOutAsync(signout));
}
}
return(BadRequest("Invalid WS-Federation request"));
}
public RelyingParty GetRelyingPartyDetailsFromReturnUrl(string returnUrl)
{
if (string.IsNullOrWhiteSpace(returnUrl))
{
return(null);
}
var url = HttpUtility.UrlDecode(returnUrl);
Uri uri;
if (Uri.TryCreate("http://foo.com" + url, UriKind.Absolute, out uri))
{
WSFederationMessage message;
if (WSFederationMessage.TryCreateFromUri(uri, out message))
{
var signin = message as SignInRequestMessage;
if (signin != null)
{
return(GetRelyingPartyDetails(signin.Realm));
}
}
}
return(null);
}
public async Task <IHttpActionResult> Get()
{
Logger.Info("Start WS-Federation request");
Logger.Debug(Request.RequestUri.AbsoluteUri);
WSFederationMessage message;
if (WSFederationMessage.TryCreateFromUri(Request.RequestUri, out message))
{
var signin = message as SignInRequestMessage;
if (signin != null)
{
Logger.Info("WsFederation signin request");
return(await ProcessSignInAsync(signin));
}
var signout = message as SignOutRequestMessage;
if (signout != null)
{
Logger.Info("WsFederation signout request");
var url = this.Request.GetOwinContext().Environment.GetIdentityServerLogoutUrl();
return(Redirect(url));
}
}
return(BadRequest("Invalid WS-Federation request"));
}
public async Task <IHttpActionResult> Get()
{
Logger.Info("Start WS-Federation request");
Logger.Debug(Request.RequestUri.AbsoluteUri);
WSFederationMessage message;
if (WSFederationMessage.TryCreateFromUri(Request.RequestUri, out message))
{
var signin = message as SignInRequestMessage;
if (signin != null)
{
Logger.Info("WsFederation signin request");
return(await ProcessSignInAsync(signin));
}
var signout = message as SignOutRequestMessage;
if (signout != null)
{
Logger.Info("WsFederation signout request");
return(RedirectToRoute(Constants.RouteNames.LogoutPrompt, null));
}
}
return(BadRequest("Invalid WS-Federation request"));
}
public async Task <IActionResult> Index()
{
// GET + no parameters = metadata request
if (!Request.QueryString.HasValue)
{
_logger.LogDebug("Start WS-Federation metadata request");
var entity = await _metadata.GenerateAsync(Url.Action("Index", "WsFederation", null, Request.Scheme, Request.Host.Value));
return(new MetadataResult(entity));
}
var url = Url.Action("Index", "WsFederation", null, Request.Scheme, Request.Host.Value) + Request.QueryString;
_logger.LogDebug("Start WS-Federation request: {url}", url);
if (WSFederationMessage.TryCreateFromUri(new Uri(url), out WSFederationMessage message))
{
if (message is SignInRequestMessage signin)
{
return(await ProcessSignInAsync(signin, User));
}
if (message is SignOutRequestMessage signout)
{
return(ProcessSignOutAsync(signout));
}
}
return(BadRequest("Invalid WS-Federation request"));
}
private static WSFederationMessage ValidateRequestType()
{
WSFederationMessage wsFederationMessage;
if (!WSFederationMessage.TryCreateFromUri(System.Web.HttpContext.Current.Request.Url, out wsFederationMessage))
{
throw new SecurityException("This is not a WsFederation compliant request");
}
return(wsFederationMessage);
}
public async Task <IHttpActionResult> Get()
{
WSFederationMessage message;
if (WSFederationMessage.TryCreateFromUri(Request.RequestUri, out message))
{
Logger.Info("Start WS-Federation request");
var signin = message as SignInRequestMessage;
if (signin != null)
{
if (User == null || !User.Identity.IsAuthenticated)
{
Logger.Info("User is anonymous. Triggering authentication");
return(Unauthorized());
}
var windowsUser = User as WindowsPrincipal;
if (windowsUser == null)
{
var windowsUserError = "Invalid authentication method. Only Windows authentication is supported.";
Logger.Error(windowsUserError);
return(BadRequest(windowsUserError));
}
Logger.Info("Sign-in request");
return(await ProcessSignInAsync(signin, windowsUser));
}
var signout = message as SignOutRequestMessage;
if (signout != null)
{
Logger.Info("Sign-out request");
if (!string.IsNullOrEmpty(signout.Reply))
{
return(Redirect(signout.Reply));
}
// no support for signout
return(Ok());
}
}
if (_options.EnableWsFederationMetadata)
{
Logger.Info("Start WS-Federation metadata request");
return(ProcessMetadataRequest());
}
var requestError = "Invalid WS-Federation request";
Logger.Error(requestError);
return(BadRequest(requestError));
}
/// <summary>
/// Helper method to create a federation message from the current URI.
/// </summary>
/// <returns>A WSFederationMessage created from the current URI</returns>
public static WSFederationMessage GetFederationMessage()
{
WSFederationMessage requestMessage;
if (WSFederationMessage.TryCreateFromUri(HttpContext.Current.Request.Url, out requestMessage))
{
return(requestMessage);
}
else
{
throw new InvalidRequestException("Invalid request");
}
}
private SignInRequestMessage GetSignInRequestMessage(string returnUrl)
{
var decoded = WebUtility.UrlDecode(returnUrl);
var url = "https://dummy.com" + decoded;
WSFederationMessage message;
if (WSFederationMessage.TryCreateFromUri(new Uri(url), out message))
{
return(message as SignInRequestMessage);
}
return(null);
}
public async Task <IEndpointResult> ProcessAsync(HttpContext context)
{
if (context.Request.Method != HttpMethods.Get)
{
return(new StatusCodeResult(HttpStatusCode.MethodNotAllowed));
}
// no parameters = metadata request
if (!context.Request.QueryString.HasValue)
{
logger.LogDebug("Start WS-Federation metadata request");
var entity = await metadata.GenerateAsync(context.Request.GetEncodedUrl());
return(new MetadataResult(entity));
}
var url = context.Request.GetEncodedUrl();
logger.LogDebug("Start WS-Federation request: {url}", url);
if (WSFederationMessage.TryCreateFromUri(new Uri(url), out var message))
{
if (message is SignInRequestMessage signin)
{
return(await ProcessSignInAsync(context, signin));
}
if (message is SignOutRequestMessage signout)
{
return(ProcessSignOutAsync(signout));
}
}
return(new StatusCodeResult(HttpStatusCode.MethodNotAllowed));
}