ShibbolethController.cs

    using Coscine.STS.Data;
    using Coscine.STS.Models;
    using Coscine.STS.Utils;
    using Microsoft.AspNetCore.Identity;
    using Microsoft.AspNetCore.Mvc;
    using System;
    using System.Linq;
    using System.Security.Claims;
    using System.Threading.Tasks;
    using Coscine.ApiCommons.Models;
    using Coscine.Database.Model;
    
    namespace Coscine.STS.Controllers
    {
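        /// <summary>
        /// Drives the Shibboleth (SAML2) external login: <see cref="Login"/> issues the
        /// challenge to the identity provider and <see cref="Callback"/> consumes the
        /// resulting external login, maps it to a local user and signs that user in.
        /// </summary>
        [Route("[controller]/[action]")]
        public class ShibbolethController : Controller
        {
            private readonly SignInManager<CoscineUser> _signInManager;

            /// <summary>Creates the controller with the sign-in manager used for the external login flow.</summary>
            /// <param name="signInManager">Identity sign-in manager for <see cref="CoscineUser"/>.</param>
            public ShibbolethController(SignInManager<CoscineUser> signInManager)
            {
                _signInManager = signInManager;
            }

            /// <summary>
            /// Completes the external login. Looks up the user mapped to the asserted
            /// identifier (creating user and mapping on first login), signs the user in
            /// and redirects to the extended return URL.
            /// </summary>
            /// <param name="returnUrl">Caller-supplied URL to continue to after sign-in.</param>
            /// <param name="remoteError">Error reported by the external provider, if any.</param>
            /// <returns>A redirect to the return URL, or to the login page when no usable external identity is present.</returns>
            /// <exception cref="ArgumentException">The external provider reported an error.</exception>
            /// <exception cref="InvalidOperationException">The Shibboleth authenticator entry or a mapped user is missing.</exception>
            [HttpGet]
            public async Task<ActionResult> Callback(string returnUrl = null, string remoteError = null)
            {
                if (remoteError != null)
                {
                    // NOTE(review): remoteError is a request parameter; wherever this message is
                    // logged or rendered it should be treated as untrusted text.
                    throw new ArgumentException($"Error from external provider: {remoteError}");
                }

                var info = await _signInManager.GetExternalLoginInfoAsync();
                if (info == null)
                {
                    return Redirect(UrlGenerator.GetLoginUrl(Request));
                }

                var externalAuthenticatorModel = new ExternalAuthenticatorModel();
                var shibbolethAuthItem = externalAuthenticatorModel.GetWhere((externalAuthenticator) => externalAuthenticator.DisplayName == "Shibboleth");
                if (shibbolethAuthItem == null)
                {
                    // Without the authenticator row the mapping lookup below cannot be scoped
                    // to Shibboleth; fail explicitly instead of with a NullReferenceException.
                    throw new InvalidOperationException("No external authenticator named \"Shibboleth\" is configured.");
                }

                // Fail closed: a missing, malformed or empty identifier must never reach the
                // mapping lookup. Previously a missing claim or a value without the expected
                // markup raised an unhandled exception, and an empty element body would have
                // been accepted as the identifier "" shared by every such assertion.
                var rawIdentifier = info.Principal.FindFirstValue(ShibbolethAttributeMapping.Identifier);
                if (!TryExtractIdentifier(rawIdentifier, out var identifier))
                {
                    return Redirect(UrlGenerator.GetLoginUrl(Request));
                }

                var externalIdModel = new ExternalIdModel();
                var userPlainModel = new UserPlainModel(Program.Configuration);

                // Materialize the first match once instead of enumerating the query twice
                // (Count() followed by First()).
                var existingMapping = externalIdModel
                    .GetAllWhere((map) => map.ExternalId_Column == identifier && map.ExternalAuthenticatorId == shibbolethAuthItem.Id)
                    .FirstOrDefault();

                User user;
                if (existingMapping != null)
                {
                    user = userPlainModel.GetById(existingMapping.UserId);
                    if (user == null)
                    {
                        // A mapping that points at a missing user must not fall through to sign-in.
                        throw new InvalidOperationException("The external identifier is mapped to a user that does not exist.");
                    }
                }
                else
                {
                    // First login with this identifier: provision the user and remember the mapping.
                    user = ShibbolethAttributeMapping.CreateUser(info.Principal);
                    userPlainModel.Insert(user);
                    externalIdModel.Insert(new ExternalId
                    {
                        ExternalId_Column = identifier,
                        ExternalAuthenticatorId = shibbolethAuthItem.Id,
                        UserId = user.Id
                    });
                }

                var coscineUser = new CoscineUser()
                {
                    UserName = user.Id.ToString(),
                    Email = user.EmailAddress
                };

                // NOTE(review): the IdentityResult of both calls is ignored, as before, so a
                // failed create or login association does not stop the sign-in. Whether a
                // failure is expected on repeat logins depends on the user store, which is
                // not visible here; confirm before enforcing Succeeded.
                await _signInManager.UserManager.CreateAsync(coscineUser);
                await _signInManager.UserManager.AddLoginAsync(coscineUser, info);
                await _signInManager.SignInAsync(coscineUser, isPersistent: false);

                // NOTE(review): returnUrl is caller-controlled and is used as the redirect
                // target. Unless UrlGenerator.ExtendReturnUrl restricts it to known hosts
                // (not visible here), this is an open redirect; validate against an
                // allow-list of permitted return URLs.
                return Redirect(UrlGenerator.ExtendReturnUrl(returnUrl, Request));
            }

            /// <summary>
            /// Starts the external login by challenging the "Saml2" scheme, with
            /// <see cref="Callback"/> as the URL the provider flow returns to.
            /// </summary>
            /// <param name="returnUrl">URL to continue to once the callback has signed the user in.</param>
            /// <returns>A challenge result for the "Saml2" provider.</returns>
            // NOTE(review): no anti-forgery attribute is visible on this POST action; confirm
            // that a global filter covers it.
            [HttpPost]
            public ActionResult Login(string returnUrl)
            {
                const string provider = "Saml2";

                // Escape the value so characters such as '&' or '#' inside returnUrl cannot
                // truncate it or inject further parameters (e.g. remoteError) into the
                // callback query string. Model binding decodes it again in Callback.
                var redirectUrl = Program.MainUrl + "/Shibboleth/Callback?returnUrl=" + Uri.EscapeDataString(returnUrl ?? string.Empty);
                redirectUrl = UrlGenerator.ExtendReturnUrl(redirectUrl, Request);
                var properties = _signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
                return new ChallengeResult(provider, properties);
            }

            /// <summary>
            /// Extracts the text between the first '&gt;' and the next '&lt;' of the raw
            /// claim value, i.e. the body of the element the identifier arrives in.
            /// </summary>
            /// <param name="rawValue">Raw claim value; may be null.</param>
            /// <param name="identifier">The extracted identifier, or null when extraction fails.</param>
            /// <returns>True when a non-blank identifier was extracted.</returns>
            private static bool TryExtractIdentifier(string rawValue, out string identifier)
            {
                identifier = null;
                if (string.IsNullOrEmpty(rawValue))
                {
                    return false;
                }

                // IndexOf returns -1 when '>' is absent, so start becomes 0 exactly as in the
                // original Substring(IndexOf(">") + 1) form.
                var start = rawValue.IndexOf('>') + 1;
                var end = rawValue.IndexOf('<', start);
                if (end < 0)
                {
                    return false;
                }

                var candidate = rawValue.Substring(start, end - start);
                if (string.IsNullOrWhiteSpace(candidate))
                {
                    return false;
                }

                identifier = candidate;
                return true;
            }
        }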
    }