43. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 1/15/2018 12:47:20 AM Eastern Standard Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

43.1 Files compared

#	Location	File	Last Modified
1	AHOBPRe_v5.0_build3.zip\Applications\AHOBPR_UserInterface	Login.aspx.cs	Mon Jan 8 21:46:05 2018 UTC
2	AHOBPRe_v5.0_build3.zip\Applications\AHOBPR_UserInterface	Login.aspx.cs	Tue Jan 9 05:55:16 2018 UTC

43.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	2	482
Changed	1	10
Inserted	0	0
Removed	0	0

43.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

43.4 Active regular expressions

No regular expressions were active.

43.5 Comparison detail

	1	using Syst em;
	2	using Syst em.Collect ions.Gener ic;
	3	using Syst em.Linq;
	4	using Syst em.Web;
	5	using Syst em.Web.UI;
	6	using Syst em.Web.UI. WebControl s;
	7	using Vete ransAffair s.Registri es.Busines s;
	8	using Vete ransAffair s.Registri es.Busines sAHOBPR;
	9	using Vete ransAffair s.Registri es.Busines sManager;
	10	using Vete ransAffair s.Registri es.Busines sManagerAH OBPR;
	11	using Anti XssEnc = M icrosoft.S ecurity.Ap plication;
	12
	13	public par tial class Login : B asePage
	14	{
	15	#regio n Messages
	16
	17	privat e const St ring Creat eAccountEr ror = "The re was an error crea ting your account. " +
	18	"P lease cont act the AH OBPR Clini cal Portal Registry Manager/He lp Desk. " +
	19	"E mail & Pho ne # go he re.";
	20	privat e const St ring Waiti ngForAutho rization = "If you h ave a Vist A account, click bel ow to vali date you c redentials . Once you r VistA cr edentials are valida ted your a ccount wil l be appro ved.<br /> ";
	21	privat e const St ring Vista LoginFailu reNewAccou nt = "Your VistA Cre dentials c annot be v alidated. " +
	22	"T ry again o r select ' I don't ha ve a VistA account'" ;
	23	privat e const St ring Vista LoginFailu reExisting Account = "If you ha ve a VistA account, click belo w to valid ate you cr edentials. Once your VistA cre dentials a re validat ed your ac count will be approv ed.";
	24	privat e const St ring Accou ntDisabled = "Your a ccount has been disa bled. <br />If you have a Vis tA account , click be low to val idate you credential s. Once yo ur VistA c redentials are valid ated your account wi ll be appr oved. <br /> ";
	25	privat e const St ring Vista LoginMessa ge = "Vist a credenti als are va lidated an nually. " +
	26	"I n order to continue accessing the AHOBPR Clinical Portal, pl ease verif y your Vis tA credent ials.";
	27	privat e const St ring Conta ctInfo = " If you don ’t have a VistA acco unt contac t the AHOB PR Help De sk (877) 4 70-5947 -W eekdays 7a .m. – 7p.m (CT).";
	28	privat e const St ring Conta ctInfoPend ing = "If you don’t have a Vis tA account , your ac count is p ending app roval. Co ntact the AHOBPR Hel p Desk (87 7) 470-594 7 -Weekday s 7a.m. – 7p.m (CT). ";
	29
	30	#endre gion
	31
	32	#regio n Events
	33
	34	protec ted void P age_Load(o bject send er, EventA rgs e)
	35	{
	36	Us erSession. GuiControl s = null;
	37	if (!IsPostB ack)
	38	{
	39	if (!str ing.IsNull OrEmpty(Us erSession. LoginMessa ge))
	40	{
	41	Disp layMessage (UserSessi on.LoginMe ssage);
	42	User Session.Lo ginMessage = string. Empty;
	43	retu rn;
	44	}
	45
	46	DisplayM essage(nul l);
	47	CheckLog in();
	48
	49	string r String = G etVistaLog inAddress( );
	50	vistaLog inBtn.Post BackUrl = rString;
	51	}
	52	}
	53
	54	protec ted void c reateAcctB tn_Click(O bject send er, EventA rgs e)
	55	{
	56	Re sponse.Red irect("Cre ateAccount .aspx");
	57	}
	58
	59	protec ted void d evLoginBtn _Click(Obj ect sender , EventArg s e)
	60	{
	61	St ring usern ame = ((Li nkButton)s ender).Com mandArgume nt;
	62	Ht tpContext. Current.Us er = new S ystem.Secu rity.Princ ipal.Gener icPrincipa l(
	63	new Syst em.Securit y.Principa l.GenericI dentity(us ername), n ew String[ ] { });
	64	Sy stem.Threa ding.Threa d.CurrentP rincipal = HttpConte xt.Current .User;
	65	Re sponse.Coo kies.Add(n ew HttpCoo kie("Debug -UserName" , username ));
	66	Ch eckLogin() ;
	67	}
	68
	69	protec ted void n ewUserBtn_ Click(Obje ct sender, EventArgs e)
	70	{
	71	st ring usern ame = Http Context.Cu rrent.User .GetCurren tUserNameW ithoutDoma in() + Dat eTime.Now. Millisecon d.ToString ();
	72	Ht tpContext. Current.Us er = new S ystem.Secu rity.Princ ipal.Gener icPrincipa l(
	73	new Syst em.Securit y.Principa l.GenericI dentity(us ername), n ew String[ ] { });
	74	Sy stem.Threa ding.Threa d.CurrentP rincipal = HttpConte xt.Current .User;
	75	Re sponse.Coo kies.Add(n ew HttpCoo kie("Debug -UserName" , username ));
	76	Ch eckLogin() ;
	77	}
	78
	79	#endre gion
	80
	81	#regio n Page Set up
	82
	83	privat e void Dis playMessag e(String m essage)
	84	{
	85	if (!string. IsNullOrEm pty(UserSe ssion.Logi nMessage))
	86	{
	87	message = UserSess ion.LoginM essage;
	88	}
	89	if (message != null)
	90	{
	91	newUserL oginPnl.Vi sible = fa lse;
	92	switch ( message)
	93	{
	94	case "CreateAc countError ":
	95	loginMessa geLbl.Text = CreateA ccountErro r;
	96	break;
	97	case "WaitingF orAuthoriz ation":
	98	loginMessa geLbl.Text = Waiting ForAuthori zation;
	99	loginMessa ge2Lbl.Tex t = Contac tInfoPendi ng;
	100	newUserLog inPnl.Visi ble = true ;
	101	break;
	102	case "VistaLog inFailureE xistingAcc ount":
	103	loginMessa geLbl.Text = VistaLo ginFailure ExistingAc count;
	104	break;
	105	case "VistaLog inFailureN ewAccount" :
	106	loginMessa geLbl.Text = VistaLo ginFailure NewAccount ;
	107	break;
	108	case "AccountD isabled":
	109	loginMessa geLbl.Text = Account Disabled;
	110	loginMessa ge2Lbl.Tex t = Contac tInfo;
	111	newUserLog inPnl.Visi ble = true ;
	112	break;
	113	case "VistaLog inMessage" :
	114	loginMessa geLbl.Text = VistaLo ginMessage ;
	115	loginMessa ge2Lbl.Tex t = Contac tInfo;
	116	newUserLog inPnl.Visi ble = true ;
	117	break;
	118	}
	119	UserSess ion.LoginM essage = s tring.Empt y;
	120	}
	121	}
	122
	123	public override string Top MenuName()
	124	{
	125	re turn strin g.Empty;
	126	}
	127
	128	public override string Men uItemName( )
	129	{
	130	re turn strin g.Empty;
	131	}
	132
	133	public override string App ObjectCode ()
	134	{
	135	re turn strin g.Empty;
	136	}
	137
	138	#endre gion
	139
	140	privat e void Che ckLogin()
	141	{
	142	// Determine whether th e user exi sts:
	143	// Try pullin g the user from the main user table:
	144	st ring userI d = HttpCo ntext.Curr ent.User.G etCurrentU serNameWit houtDomain ();
	145	st ring Regis try = Help ers.GetCon figEntry(" Registry") ;
	146	Us erAccountM anager mai nUser = ne w UserAcco untManager (userId, R egistry);
	147
	148	// now determ ine if the y're an AH OBPR user:
	149	AH OBPRUserMa nager user Manager = new AHOBPR UserManage r();
	150	AH OBPR_USER ahobprUser = userMan ager.GetUs er(mainUse r.UserId);
	151	if (mainUser .UserId == 0 \|\| ahob prUser == null)
	152	{
	153	//Then t his user d oes not ha ve an acco unt in the system.
	154	//Redire ct them to the creat e account page:
	155	Response .Redirect( "CreateAcc ount.aspx" );
	156	}
	157
	158	// The user d oes have a standard login, set the curre nt user & principal:
	159	Ht tpContext. Current.Us er = mainU ser;
	160	Sy stem.Threa ding.Threa d.CurrentP rincipal = mainUser;
	161
	162	sw itch (ahob prUser.IsV alid())
	163	{
	164	case Aho bprExtensi ons.LoginR esults.New :
	165	Dele teUserCook ie();
	166	Resp onse.Redir ect("Creat eAccount.a spx");
	167	brea k;
	168	case Aho bprExtensi ons.LoginR esults.Dis abled:
	169	Disp layMessage ("AccountD isabled");
	170	Dele teUserCook ie();
	171	brea k;
	172	case Aho bprExtensi ons.LoginR esults.Dis abled90Day s:
	173	//Di sable the account:
	174	user Manager.En ableAccoun t(ahobprUs er, false) ;
	175	//Re direct to the VISTA login page
	176	Disp layMessage ("AccountD isabled");
	177	Dele teUserCook ie();
	178	brea k;
	179	case Aho bprExtensi ons.LoginR esults.Dis abledVista :
	180	Disp layMessage ("VistaLog inMessage" );
	181	Dele teUserCook ie();
	182	brea k;
	183	case Aho bprExtensi ons.LoginR esults.Pen ding:
	184	Disp layMessage ("WaitingF orAuthoriz ation");
	185	Dele teUserCook ie();
	186	brea k;
	187	case Aho bprExtensi ons.LoginR esults.Val id:
	188	Succ essfulLogi n();
	189	brea k;
	190	}
	191	}
	192
	193	privat e void Suc cessfulLog in()
	194	{
	195	// Update Las t Login va lue for th is user:
	196	AH OBPRUserMa nager user Manager = new AHOBPR UserManage r();
	197	AH OBPR_USER ahobprUser = userMan ager.GetUs er(((Veter ansAffairs .Registrie s.Business Manager.Us erAccountM anager)Htt pContext.C urrent.Use r).UserId) ;
	198	us erManager. UpdateLogi n(ahobprUs er);
	199	Us erSession. CurrentUse r = ahobpr User;
	200
	201	if (Request. Cookies["C urrentUser "] == null )
	202	{
	203	HttpCook ie newCook ie = new H ttpCookie( "CurrentUs er", HttpC ontext.Cur rent.User. GetCurrent UserNameWi thoutDomai n());
	204	newCooki e.Expires = DateTime .Now.AddMi nutes(30);
	205	Response .Cookies.A dd(newCook ie);
	206
	207	Response .Redirect( "login.asp x");
	208	}
	209	el se
	210	{
	211	HttpCook ie newCook ie = new H ttpCookie( "CurrentUs er", HttpC ontext.Cur rent.User. GetCurrent UserNameWi thoutDomai n());
	212	newCooki e.Expires = DateTime .Now.AddMi nutes(30);
	213	Response .Cookies.A dd(newCook ie);
	214
	215	Response .Redirect( "Registran tSearch.as px");
	216	}
	217	}
	218
	219	privat e void Del eteUserCoo kie()
	220	{
	221	Ht tpCookie n ewCookie = new HttpC ookie("Cur rentUser", "x");
	222	ne wCookie.Ex pires = Da teTime.Now .AddMinute s(30);
	223	Re sponse.Coo kies.Add(n ewCookie);
	224	}
	225
	226	privat e string G etVistaLog inAddress( )
	227	{
	228	St ring strFi nalURL = s tring.Empt y;
	229	St ring strUs erKey = Co nvert.ToBa se64String (System.Te xt.ASCIIEn coding.ASC II.GetByte s(HttpCont ext.Curren t.User.Get CurrentUse rNameWitho utDomain() ));
	230	St ring[] str URLArray = new Strin g[]
	231	{ "DevVist aLogin.asp x" + "/" + strUserKe y
	232	, "https:/ / IP /ahobpr-pr ovider/reg istry" + " /" + strUs erKey
	233	, "https:/ / IP /ahobpr-pr ovider/reg istry" + " /" + strUs erKey
	234	, "https:/ / IP /ahobpr-pr ovider/reg istry" + " /" + strUs erKey
	235	, "https:/ / IP /ahobpr-pr ovider/reg istry" + " /" + strUs erKey
	236	, "https:/ / IP /ahobpr-pr ovider/reg istry" + " /" + strUs erKey
	237	};
	238
	239	St ring redir ect = Help ers.GetCon figEntry(" VistaLogin Address") + "/" + st rUserKey;
	240
	241	if (strURLAr ray.Contai ns(redirec t))
	242	strFinal URL = redi rect;
	243
	244	re turn strFi nalURL;
	245	}
	246	}