completed antiforgery implementation, improved external login claim mapping, principal construction, and user experience

Shaun Walker
2022-04-22 17:54:20 -04:00
parent 391713b84d
commit e4c648ee92
38 changed files with 645 additions and 525 deletions


@ -1,11 +1,14 @@
using System.Net;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Oqtane.Extensions;
namespace Oqtane.Pages
{
[AllowAnonymous]
[IgnoreAntiforgeryToken]
public class ExternalModel : PageModel
{
public IActionResult OnGetAsync(string returnurl)
@ -16,7 +19,7 @@ namespace Oqtane.Pages
var providertype = HttpContext.GetSiteSettings().GetValue("ExternalLogin:ProviderType", "");
if (providertype != "")
{
return new ChallengeResult(providertype, new AuthenticationProperties { RedirectUri = returnurl });
return new ChallengeResult(providertype, new AuthenticationProperties { RedirectUri = returnurl + (returnurl.Contains("?") ? "&" : "?") + "reload=post" });
}
else
{
@ -24,5 +27,22 @@ namespace Oqtane.Pages
return new EmptyResult();
}
}
public IActionResult OnPostAsync(string returnurl)
{
if (returnurl == null)
{
returnurl = "";
}
if (!returnurl.StartsWith("/"))
{
returnurl = "/" + returnurl;
}
// remove reload parameter
returnurl = returnurl.ReplaceMultiple(new string[] { "?reload=post", "&reload=post" }, "");
return LocalRedirect(Url.Content("~" + returnurl));
}
}
}
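Review bot: In the new `OnPostAsync`, the `StartsWith("/")` test also accepts a value beginning with `//`, so the only barrier to an off-site redirect is `LocalRedirect`, which rejects a non-local URL by throwing `InvalidOperationException`; a crafted `returnurl` then ends in an unhandled error rather than a safe fallback. I would test the target explicitly: `var target = Url.Content("~" + returnurl);` followed by `return LocalRedirect(Url.IsLocalUrl(target) ? target : Url.Content("~/"));`. The class-level `[IgnoreAntiforgeryToken]` now covers this POST handler as well, so it deserves a comment such as `// antiforgery is skipped here because this handler only issues a local redirect and changes no state`. In `OnGetAsync` the changed line calls `returnurl.Contains("?")` and passes the value to `RedirectUri`; the lines between the hunks are not visible, so confirm they reject null and non-local values, because that path does not go through `LocalRedirect`.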