Includes nice social buttons, updates styling on login and user panel, updates logic to un-link accounts
@@ -5,6 +5,7 @@ using System.Threading.Tasks;
|
||||
using System.Web;
|
||||
using Microsoft.IdentityModel.Clients.ActiveDirectory;
|
||||
using Microsoft.Owin;
|
||||
using Microsoft.Owin.Security.Google;
|
||||
using Microsoft.Owin.Security.OpenIdConnect;
|
||||
using Owin;
|
||||
using Umbraco.Core;
|
||||
@@ -73,59 +74,84 @@ namespace Umbraco.Web.UI
|
||||
.UseUmbracoBackOfficeExternalCookieAuthentication();
|
||||
|
||||
//app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
|
||||
|
||||
|
||||
|
||||
//app.UseGoogleAuthentication(
|
||||
// clientId: "1072120697051-07jlhgrd5hodsfe7dgqimdie8qc1omet.apps.googleusercontent.com",
|
||||
// clientSecret: "Ue9swN0lEX9rwxzQz1Y_tFzg");
|
||||
|
||||
var googleOptions = new GoogleOAuth2AuthenticationOptions
|
||||
{
|
||||
|
||||
};
|
||||
googleOptions.Description.Properties["SocialStyle"] = "btn-google-plus";
|
||||
googleOptions.Description.Properties["SocialIcon"] = "fa-google-plus";
|
||||
googleOptions.Caption = "Google";
|
||||
app.UseGoogleAuthentication(googleOptions);
|
||||
|
||||
//AD docs are here:
|
||||
// https://github.com/AzureADSamples/WebApp-WebAPI-OpenIDConnect-DotNet
|
||||
|
||||
var authority = string.Format(CultureInfo.InvariantCulture, aadInstance, tenant);
|
||||
app.UseOpenIdConnectAuthentication(
|
||||
new OpenIdConnectAuthenticationOptions
|
||||
var adOptions = new OpenIdConnectAuthenticationOptions
|
||||
{
|
||||
//NOTE: This by default is 'OpenIdConnect' but that doesn't match what identity actually stores in the
|
||||
// loginProvider field in the database which is something like: https://sts.windows.net/1234....
|
||||
// which is something based on your AD setup. This value needs to match in order for accounts to detected as linked/un-linked
|
||||
// in the back office.
|
||||
AuthenticationType = "https://sts.windows.net/3bb0b4c5-364f-4394-ad36-0f29f95e5ddd/",
|
||||
|
||||
ClientId = clientId,
|
||||
Authority = authority,
|
||||
PostLogoutRedirectUri = postLoginRedirectUri,
|
||||
Notifications = new OpenIdConnectAuthenticationNotifications()
|
||||
{
|
||||
ClientId = clientId,
|
||||
Authority = authority,
|
||||
PostLogoutRedirectUri = postLoginRedirectUri,
|
||||
|
||||
Notifications = new OpenIdConnectAuthenticationNotifications()
|
||||
//
|
||||
// If there is a code in the OpenID Connect response, redeem it for an access token and refresh token, and store those away.
|
||||
//
|
||||
AuthorizationCodeReceived = (context) =>
|
||||
{
|
||||
//
|
||||
// If there is a code in the OpenID Connect response, redeem it for an access token and refresh token, and store those away.
|
||||
//
|
||||
AuthorizationCodeReceived = (context) =>
|
||||
{
|
||||
var code = context.Code;
|
||||
var code = context.Code;
|
||||
|
||||
var credential = new ClientCredential(clientId, appKey);
|
||||
var userObjectId = context.AuthenticationTicket.Identity.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;
|
||||
var authContext = new AuthenticationContext(authority, new NaiveSessionCache(userObjectId));
|
||||
AuthenticationResult result = authContext.AcquireTokenByAuthorizationCode(
|
||||
code,
|
||||
//new Uri(HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Path)),
|
||||
new Uri(
|
||||
HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Authority) +
|
||||
HttpContext.Current.Request.RawUrl.EnsureStartsWith('/').EnsureEndsWith('/')),
|
||||
credential,
|
||||
graphResourceId);
|
||||
|
||||
return Task.FromResult(0);
|
||||
}
|
||||
var credential = new ClientCredential(clientId, appKey);
|
||||
var userObjectId = context.AuthenticationTicket.Identity.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;
|
||||
var authContext = new AuthenticationContext(authority, new NaiveSessionCache(userObjectId));
|
||||
AuthenticationResult result = authContext.AcquireTokenByAuthorizationCode(
|
||||
code,
|
||||
//NOTE: This URL needs to match EXACTLY the same path that is configured in the AD
|
||||
// configuration.
|
||||
new Uri(
|
||||
HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Authority) +
|
||||
HttpContext.Current.Request.RawUrl.EnsureStartsWith('/').EnsureEndsWith('/')),
|
||||
credential,
|
||||
graphResourceId);
|
||||
|
||||
return Task.FromResult(0);
|
||||
}
|
||||
|
||||
});
|
||||
}
|
||||
|
||||
};
|
||||
adOptions.Description.Properties["SocialStyle"] = "btn-microsoft";
|
||||
adOptions.Description.Properties["SocialIcon"] = "fa-windows";
|
||||
adOptions.Caption = "Active Directory";
|
||||
app.UseOpenIdConnectAuthentication(adOptions);
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
//NOTE: Not sure exactly what this is for but it is found in the AD source demo:
|
||||
// https://github.com/AzureADSamples/WebApp-WebAPI-OpenIDConnect-DotNet/blob/master/TodoListWebApp/Utils/NaiveSessionCache.cs
|
||||
public class NaiveSessionCache : TokenCache
|
||||
{
|
||||
private static readonly object FileLock = new object();
|
||||
string UserObjectId = string.Empty;
|
||||
string CacheId = string.Empty;
|
||||
readonly string _userObjectId = string.Empty;
|
||||
readonly string _cacheId = string.Empty;
|
||||
public NaiveSessionCache(string userId)
|
||||
{
|
||||
UserObjectId = userId;
|
||||
CacheId = UserObjectId + "_TokenCache";
|
||||
_userObjectId = userId;
|
||||
_cacheId = _userObjectId + "_TokenCache";
|
||||
|
||||
this.AfterAccess = AfterAccessNotification;
|
||||
this.BeforeAccess = BeforeAccessNotification;
|
||||
@@ -136,7 +162,7 @@ namespace Umbraco.Web.UI
|
||||
{
|
||||
lock (FileLock)
|
||||
{
|
||||
this.Deserialize((byte[])HttpContext.Current.Session[CacheId]);
|
||||
this.Deserialize((byte[])HttpContext.Current.Session[_cacheId]);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -145,7 +171,7 @@ namespace Umbraco.Web.UI
|
||||
lock (FileLock)
|
||||
{
|
||||
// reflect changes in the persistent store
|
||||
HttpContext.Current.Session[CacheId] = this.Serialize();
|
||||
HttpContext.Current.Session[_cacheId] = this.Serialize();
|
||||
// once the write operation took place, restore the HasStateChanged bit to false
|
||||
this.HasStateChanged = false;
|
||||
}
|
||||
@@ -155,7 +181,7 @@ namespace Umbraco.Web.UI
|
||||
public override void Clear()
|
||||
{
|
||||
base.Clear();
|
||||
System.Web.HttpContext.Current.Session.Remove(CacheId);
|
||||
System.Web.HttpContext.Current.Session.Remove(_cacheId);
|
||||
}
|
||||
|
||||
public override void DeleteItem(TokenCacheItem item)
|
||||
|
||||
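Review bot: The commented-out `app.UseGoogleAuthentication(...)` block at the top of the `-73,59 +74,84` hunk still contains a literal Google OAuth client id and client secret, which leaves a credential in repository history whether or not the code ever runs. I would delete those three comment lines, treat the secret as exposed and rotate it, and have `googleOptions` take its `ClientId` and `ClientSecret` from configuration; the object initializer shown here is empty, so where they are set is not visible. In the same hunk `AuthenticationType` is a string literal holding one tenant's `https://sts.windows.net/<tenant-id>/` issuer, while `clientId`, `authority` and `postLoginRedirectUri` are variables; reading it from the same settings would keep linked/un-linked detection working when the tenant changes. The enclosing configuration method begins before this hunk, so the source of those variables cannot be confirmed from here.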
@@ -28,8 +28,13 @@
|
||||
|
||||
<title ng-bind="$root.locationTitle">Umbraco</title>
|
||||
|
||||
@{ Html.RequiresCss("assets/css/umbraco.css", "Umbraco");}
|
||||
@{ Html.RequiresCss("tree/treeicons.css", "UmbracoClient");}
|
||||
@{
|
||||
Html
|
||||
.RequiresCss("assets/css/umbraco.css", "Umbraco")
|
||||
.RequiresCss("tree/treeicons.css", "UmbracoClient")
|
||||
.RequiresCss("lib/bootstrap-social/bootstrap-social.css", "Umbraco")
|
||||
.RequiresCss("lib/font-awesome/css/font-awesome.min.css", "Umbraco");
|
||||
}
|
||||
@Html.RenderCssHere(
|
||||
new BasicPath("Umbraco", IOHelper.ResolveUrl(SystemDirectories.Umbraco)),
|
||||
new BasicPath("UmbracoClient", IOHelper.ResolveUrl(SystemDirectories.UmbracoClient)))
|
||||
|
||||