
Custom SAML Global Login

Posted Date: 5/3/2023
Setting up Custom SAML Authentication
Create a file and move it into the Root/App_Code/Custom directory.
Then, in Admin > Global Login, create a new record:
Source = SAML 2.0 (Symantec, Okta, Ping Identity)
SAML Type = Custom
SAML Custom Type = er_CustomSamlGlobalLogin (the name of your class in this example)


using Centralpoint.Web;
using Centralpoint.WebSite;
using Centralpoint.WebSite.Modules;
using ComponentSpace.SAML2.Assertions;
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;

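/// <summary>
/// Custom SAML 2.0 global-login source. Maps the SAML subject (NameID) onto a local
/// cpsys_Users row, records the login time and, for accounts outside the Ericsson domain,
/// flags the account as inactivity-locked when the previous login is older than the
/// configured number of days (SamlCustomParameters, default 45).
/// </summary>
public class er_CustomSamlGlobalLogin : AuthenticationSources.SamlSource
{
	/// <summary>Inactivity window (days) used when SamlCustomParameters is absent or not an integer.</summary>
	private const int DefaultInactivityDays = 45;

	/// <summary>
	/// Column order of <see cref="SelectUserSql"/>; the null checks below use these ordinals.
	/// Do not reorder the SELECT list without updating them.
	/// </summary>
	private const int LoginRedirectUrlOrdinal = 1;
	private const int LastLoginDateOrdinal = 2;
	private const int PropertiesOrdinal = 3;

	/// <summary>
	/// Looks up a local (non-federated) user by name. The NameID is bound as a parameter,
	/// never concatenated, because it is attacker-influenced input from the assertion.
	/// </summary>
	private const string SelectUserSql =
		"SELECT UserId, " +
		"Configuration.value('(/cpCollection/group/property[@id=\"LoginRedirectUrl\"]/value)[1]', 'NVarChar(255)') AS LoginRedirectUrl, " +
		"LastLoginDate, Properties " +
		"FROM cpsys_Users WHERE UserName = @userName AND AuthenticationSourcesDataId IS NULL";

	/// <summary>
	/// Creates the source for the given global-login record.
	/// </summary>
	/// <param name="dataInfo">The Global Login record this source is configured from.</param>
	public er_CustomSamlGlobalLogin(DataInfo dataInfo) : base(dataInfo)
	{
	}

	/// <summary>
	/// Resolves the SAML subject to a local user and records the login.
	/// </summary>
	/// <param name="integrationId">The SAML NameID (subject) of the asserting user -- not an attribute. Treated as untrusted input.</param>
	/// <param name="attributes">SAML attributes carried by the assertion (not used by this implementation).</param>
	/// <param name="userId">On success the matched UserId; otherwise <see cref="Guid.Empty"/>.</param>
	/// <returns><c>true</c> when a matching local user exists and its login record was updated; otherwise <c>false</c>.</returns>
	public override bool IntegrateUser(string integrationId, SAMLAttribute[] attributes, out Guid userId)
	{
		userId = Guid.Empty;

		// An empty subject must never resolve to an account.
		if (String.IsNullOrEmpty(integrationId))
		{
			return false;
		}

		bool userLockout = false;
		string propertiesFile = String.Empty;

		HttpContext.Current.Trace.Warn("IntegrateUser-sql", SelectUserSql);
		using (SqlConnection connect = new SqlConnection(Management.Application.SelectConnectionString))
		using (SqlCommand command = new SqlCommand(SelectUserSql, connect))
		{
			// No explicit size: SqlClient sizes the parameter from the value, so a long
			// NameID is compared in full rather than silently truncated.
			command.Parameters.Add("@userName", SqlDbType.NVarChar).Value = integrationId;
			connect.Open();
			using (SqlDataReader reader = command.ExecuteReader())
			{
				if (!reader.HasRows)
				{
					return false;
				}

				while (reader.Read())
				{
					userId = (Guid)reader["UserId"];
					string loginRedirectUrl = reader.IsDBNull(LoginRedirectUrlOrdinal) ? String.Empty : (string)reader["LoginRedirectUrl"];
					// NOTE(review): a user with no LastLoginDate gets MinValue here and is therefore
					// treated as inactive by IsInactivityLockout -- confirm that is intended.
					DateTime lastLoginDate = reader.IsDBNull(LastLoginDateOrdinal) ? DateTime.MinValue : (DateTime)reader["LastLoginDate"];
					propertiesFile = reader.IsDBNull(PropertiesOrdinal) ? String.Empty : (string)reader["Properties"];

					bool isEricssonUser = integrationId.IndexOf("@ericsson.", StringComparison.OrdinalIgnoreCase) >= 0;
					HttpContext.Current.Trace.Warn("IntegrateUser-isEricssonUser", isEricssonUser.ToString());

					// Ericsson accounts are exempt from the inactivity lockout.
					if (!isEricssonUser)
					{
						userLockout = IsInactivityLockout(lastLoginDate);
					}

					HttpContext.Current.Trace.Warn("IntegrateUser-loginRedirectUrl", loginRedirectUrl);
					if (!String.IsNullOrWhiteSpace(loginRedirectUrl))
					{
						HttpContext.Current.Session["IntegrateUser:LoginRedirectUrl"] = loginRedirectUrl;
					}
				}
			}
		}

		if (userId == Guid.Empty)
		{
			return false;
		}

		Centralpoint.Web.User.SetLoginSiteTypeCookie(SiteTypes.WebSite);

		// Only records the flag in the user's Properties; this method still returns true,
		// so enforcement of InactivityLockedOut presumably happens elsewhere in the CMS.
		string lockedOutProperties = userLockout ? BuildLockedOutProperties(propertiesFile) : null;

		HttpContext.Current.Trace.Warn("ExecuteNonQuery:IntegrateUser-userId", $"{userId}");
		DateTime updateDt = DateTime.UtcNow;

		string updateSql = lockedOutProperties == null
			? "UPDATE cpsys_Users SET LastLoginDate = @lastLoginDate WHERE UserId = @userId;"
			: "UPDATE cpsys_Users SET LastLoginDate = @lastLoginDate, Properties = @properties WHERE UserId = @userId;";

		using (SqlConnection connect = new SqlConnection(Management.Application.ExecuteConnectionString))
		using (SqlCommand command = new SqlCommand(updateSql, connect))
		{
			// Parameters keep the timestamp culture-independent and keep any quote characters
			// in the serialized properties out of the statement text.
			command.Parameters.Add("@lastLoginDate", SqlDbType.DateTime).Value = updateDt;
			command.Parameters.Add("@userId", SqlDbType.UniqueIdentifier).Value = userId;
			if (lockedOutProperties != null)
			{
				command.Parameters.Add("@properties", SqlDbType.NVarChar).Value = lockedOutProperties;
			}
			connect.Open();
			command.ExecuteNonQuery();
		}

		return true;
	}

	/// <summary>
	/// Decides whether the account should be flagged as locked out for inactivity.
	/// The window comes from the Global Login record's SamlCustomParameters attribute;
	/// a non-integer value falls back to <see cref="DefaultInactivityDays"/>, and a value
	/// of zero or less disables the lockout.
	/// </summary>
	/// <param name="lastLoginDate">The stored last login time (UTC, as written by <see cref="IntegrateUser"/>).</param>
	/// <returns><c>true</c> when the last login is older than the configured window.</returns>
	private bool IsInactivityLockout(DateTime lastLoginDate)
	{
		string samlCustomParameters = this.DataInfo.Attributes.Get("SamlCustomParameters");
		HttpContext.Current.Trace.Warn("IntegrateUser-samlCustomParameters", samlCustomParameters);

		// TryParse(null) returns false, so a missing attribute takes the default instead of throwing.
		int daysOver;
		if (!Int32.TryParse(samlCustomParameters?.Trim(), out daysOver))
		{
			daysOver = DefaultInactivityDays;
		}

		HttpContext.Current.Trace.Warn("IntegrateUser-lastLoginDate", lastLoginDate.ToString());
		HttpContext.Current.Trace.Warn("IntegrateUser-daysOver", daysOver.ToString());

		bool lockout = daysOver > 0 && (DateTime.UtcNow - lastLoginDate).TotalDays > daysOver;
		HttpContext.Current.Trace.Warn("IntegrateUser-userLockout", lockout.ToString());
		return lockout;
	}

	/// <summary>
	/// Returns the user's serialized Properties collection with InactivityLockedOut set to "1".
	/// When the user has no stored properties, the collection is seeded from the system-wide
	/// user property defaults instead.
	/// </summary>
	/// <param name="propertiesFile">The user's current Properties column, or empty.</param>
	/// <returns>The serialized collection to write back to cpsys_Users.Properties.</returns>
	private static string BuildLockedOutProperties(string propertiesFile)
	{
		CpCollection properties = new CpCollection();
		if (String.IsNullOrWhiteSpace(propertiesFile))
		{
			using (SqlConnection connect = new SqlConnection(Management.Application.SelectConnectionString))
			{
				Centralpoint.Web.Cms.Users users = new Centralpoint.Web.Cms.Users(connect);
				properties.Load(users.Properties());
			}
		}
		else
		{
			properties.Load(propertiesFile);
		}

		properties.Set("InactivityLockedOut", "1");
		return properties.Serialize();
	}
}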





Keywords: Global Login, SAML


