Learning Center/API and Integration/Embedding

Embedding C# code sample (with remote authentication)

Christian Pedersen
posted this on December 07, 2010 05:11 am

The code below is a sample of using the Embedding API with ASP.Net and C#. For more details, refer to the main article.

<%@ Page Language="C#" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<script runat="server">    
    void Page_Load(object sender, System.EventArgs e)
    {
        // Configuration setting from OneLogin
        string embedToken = "afe5a54c35adeff9865b7927a7e62a042ea723";

        // Data about the current user from session etc. (sample data)   
        string email = "user@mycompany.com";
        
        string url = "https://app.onelogin.com/client/apps/embed2?token=" + embedToken + "&email=" + email;

        // Retrieve XML document from OneLogin
        System.Net.WebClient wc = new System.Net.WebClient();
        System.IO.Stream stream = wc.OpenRead(url);

        System.Data.DataSet ds = new System.Data.DataSet();
        ds.ReadXml(stream);
        stream.Close();

        repeater1.DataSource = ds;
        repeater1.DataBind();
    }

    void App_OnClick(object sender, CommandEventArgs e)
    {
        // Configuration settings from OneLogin
        string remoteAuthToken = "9b8038bf0d9368ed8e5d1898f16d8b4e25f2b311";
        string accountId = "1970";

        // Data about the current user from session etc. (sample data)
        string email = "christian@onelog.in";
        string firstname = "Christian";
        string lastname = "Pedersen";

        string loginId = e.CommandArgument.ToString();

        // Calculate a UNIX-style UTC timestamp
        TimeSpan ts = (DateTime.Now.ToUniversalTime() - new DateTime(1970, 1, 1, 0, 0, 0));
        string unixTime = System.Math.Round(ts.TotalSeconds,0).ToString();

        // Create a MD5 digest (HEX) of the payload
        string payload = firstname + lastname + email + remoteAuthToken + unixTime;
        byte[] p = Encoding.Default.GetBytes(payload);
        byte[] bytes = System.Security.Cryptography.MD5.Create().ComputeHash(p);
        string hash = BitConverter.ToString(bytes).Replace("-", "").ToLower();

        string url = "https://app.onelogin.com/sessions/remote"
            + "?firstname=" + firstname
            + "&lastname=" + lastname
            + "&email=" + email
            + "&timestamp=" + unixTime
            + "&accountid=" + accountId
            + "&hash=" + hash
            + "&launch=" + loginId;

        Response.Redirect(url);
    }
</script>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title>OneLogin embedding demo</title>
</head>
<body>
    <form id="form1" runat="server">
        <div>
            <asp:Repeater ID="repeater1" runat="server">
                <ItemTemplate>
                    <asp:ImageButton OnCommand="App_OnClick" runat="server" CommandArgument='<%# DataBinder.Eval(Container.DataItem, "id") %>' ImageUrl='<%# DataBinder.Eval(Container.DataItem, "icon") %>' />
                    <asp:LinkButton OnCommand="App_OnClick" runat="server" CommandArgument='<%# DataBinder.Eval(Container.DataItem, "id") %>'><%#DataBinder.Eval(Container.DataItem, "Name")%></asp:LinkButton>
                    <br />
                </ItemTemplate>
            </asp:Repeater>
        </div>
        <div>
            <asp:Label ID="lbl" runat="server"></asp:Label>
        </div>
    </form>
</body>
</html>
 

Comments

User photo
Magnus Wissler

Isn't it established that MD5 is broken as a hash function? Or maybe that doesn't apply here?

April 04, 2011 03:45 am
Add a comment