How It Works - Sitefinity/Sitefinity-External-STS-Integration GitHub Wiki

Home / How It Works

The Base Scenario

Clicking the Facebook link on the login widget is handled with JavaScript: it adds the open authentication provider id to the query string parameters and redirects to the wrapped Sitefinity internal authentication handler.

The handler checks if the user is authenticated. If the user is not authenticated the handler is redirected to the login form. If the open authentication provider key is present in the query string, this action redirects to the external authentication provider.

When the external authentication provider authenticates the user it redirects back to the application, and includes the authenticated user token. If the user is authenticated for the first time, a matching user in Sitefinity is created.

The Project's Files

The module consists of a number of files:

  • OauthAuthenticationModule.cs: This is the module file.
    In the install method, which is invoked only one time during the first initialization of the module, the custom login widget is added to the ToolboxesConfig and a virtual path, which points to the embedded template is added to VirtualPathProvider.

    In the initialize method of the module, the Facebook open-authentication provider is registered. The Facebook application id and secret-key are obtained from the web.config, and passed to that provider. Sitefinity's default authentication handler is replaced with OAuthAuthenticationHttpHandler.

  • The login widget-designer consists of:
    oAuthLoginDesigner.cs
    oAuthLoginDesigner.js
    oAuthLoginDesignerTemplate.ascx
    It contains only a page selector, for the setting a landing page when the user logs-in for the first time.

  • The login widget itself consists of:
    OauthLoginForm.cs
    OauthLoginForm.js
    OauthLoginForm.ascx
    The widget inherits the original LoginForm and extend its functionality. It load OauthLoginForm.ascx as a control and add it to the widget controls.

    The client side of this control is contained in OauthLoginForm.js.
    It subscribes to the click events of OauthLoginForm.ascx, and redirects to the Sitefinity's internal login service URL, adding the provider and the successful redirect URL to the query string.

  • OauthAuthenticationHttpHandler.cs: this is the class which extends the default Sitefinity authentication handler. The entry point is the ProcessRequest method.
    It checks whether the user is successfully authenticated and if they already exist in the system. In case that the user doesn't exist yet, it creates a new one, assigns them to the Users role and creates a default profile for them.
    If the user is not authenticated, it sends the login form back to the client.
    In case that the user is not authenticated and the open authentication provider is specified in the query string, it redirects the request to the provider.

This is the sequence diagram of the process:

< Back home