This project has several helper classes that facilitate common operations such as hosting and providing models for user context and securing access.
Key classes in the Login library and their purpose:
PartnerHttpContext Class: SuperOffice Context Provider
When SuperOffice API code is runs, a context provider is required to supply an authenticated principal to the executing code:
- During initial authentication, NetServer validates a set of credentials
- NetServer then delegates to the context provider and lets it determine where to store the session containing the principal.
The default memory storage location options for a SuperOffice session are:
These defaults don't scale well in web applications. Therefore, we need to create a context provider that stores the session in an ASP.NET web application friendly way.
This example implementation uses ASP.NET Session state as a storage medium.
Please refer to the code in the SuperOffice.DevNet.Online.Login.SoPlugins.HttpContextProvider.cs file for details.
SuperOfficeAuthorizeAttribute Class: Access Security
Protecting data and resources, and requiring user context, is a necessity.
In this example, the SuperOfficeAuthorizeAttribute class is the gatekeeper. Its job is to stand in front of each method containing SuperOffice API code and verify that an authenticated session exists.
- If an authenticated session exists, the method is allowed to proceed.
- If an authenticated session doesn't exist, the user is redirected to the SuperOffice SuperID federated login page. This is defined in the appSettings>SoFederationGateway property.
Upon successful authentication, the user is then redirected from SuperID to the predefined callback URL.
The URL that defines the SuperOffice SuperID login page is defined in the SoFederationGateway appSettings value, and will change when moving to the production environment.