Beispiel #1
0
        public void StoreNewRequestToken(DotNetOpenAuth.OAuth.Messages.UnauthorizedTokenRequest request, DotNetOpenAuth.OAuth.Messages.ITokenSecretContainingMessage response)
        {
            var storage = this.GetTokenStorage();
            InMemoryToken token = new InMemoryToken() { Token = response.Token, TokenSecret = response.TokenSecret, TokenType = TokenType.RequestToken };

            storage[token.Token] = token;
        }
Beispiel #2
0
        public AccessTokenResult CreateAccessToken(DotNetOpenAuth.OAuth2.Messages.IAccessTokenRequest accessTokenRequestMessage)
        {
            var token = new AuthorizationServerAccessToken();
            token.Lifetime = TimeSpan.FromMinutes(2);

            token.ClientIdentifier = accessTokenRequestMessage.ClientIdentifier;

            foreach (string s in accessTokenRequestMessage.Scope)
            {
                token.Scope.Add(s);
            }

            token.User = accessTokenRequestMessage.UserName;
               // token.ExtraData.Add("id_token","thisisthejwt");

            var signCert = LoadCert(Config.ALHAMBRA_AUTHORIZATION);
            token.AccessTokenSigningKey = (RSACryptoServiceProvider)signCert.PrivateKey;

            var encryptCert = LoadCert(Config.ALHAMBRA_RESOURCES);
            token.ResourceServerEncryptionKey = (RSACryptoServiceProvider)encryptCert.PublicKey.Key;

            var accessTokenResult = new AccessTokenResult(token);
            accessTokenResult.AccessToken.ClientIdentifier = accessTokenRequestMessage.ClientIdentifier;

            //Page 13 on draft 26 - Open Id Connect Basic Client Profile
            //if (token.Scope.Contains("offline_access"))
            //{
            //    accessTokenResult.AllowRefreshToken = true;
            //}

            accessTokenResult.AllowRefreshToken = true;

            return accessTokenResult;
        }
Beispiel #3
0
 private void VerifyAuthentication(Axioms.AuthenticationHelper.Networks authType, out DotNetOpenAuth.AspNet.AuthenticationResult res, Uri authUrl)
 {
     var client = Axioms.AuthenticationHelper.GetClient(authType);
     if (authType == OpenAuth.Axioms.AuthenticationHelper.Networks.Facebook)
         res = (client as DotNetOpenAuth.AspNet.Clients.FacebookClient).VerifyAuthentication(HttpContext, authUrl);
     else
         res = client.VerifyAuthentication(HttpContext);
 }
Beispiel #4
0
		public override AccessToken DeserializeAccessToken(DotNetOpenAuth.Messaging.IDirectedProtocolMessage message, string accessToken) {
			var token = base.DeserializeAccessToken(message, accessToken);

			// Ensure that clients coming in this way always belong to the oauth_client role.
			token.Scope.Add("oauth_client");

			return token;
		}
Beispiel #5
0
    public Guid RegisterAuthenticationRequest(DotNetOpenAuth.OpenId.Realm realm, string clientIpAddress)
    {
      Guid guid = Guid.NewGuid();

      // Put this guid into the cache.
      HttpContext.Current.Cache.Add(guid.ToString(), false, null, DateTime.Now.AddSeconds(30), System.Web.Caching.Cache.NoSlidingExpiration, System.Web.Caching.CacheItemPriority.Low, null);

      return guid;
    }
Beispiel #6
0
		public override bool TryValidateAccessToken(DotNetOpenAuth.Messaging.IDirectedProtocolMessage message, string accessToken, out string user, out HashSet<string> scope) {
			bool result = base.TryValidateAccessToken(message, accessToken, out user, out scope);
			if (result) {
				// Ensure that clients coming in this way always belong to the oauth_client role.
				scope.Add("oauth_client");
			}

			return result;
		}
Beispiel #7
0
        protected override void AddNeededExtensions(ref DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest request)
        {
            var sreg = new ClaimsRequest();
            sreg.Nickname = DemandLevel.Require;
            sreg.Email = DemandLevel.Require;
            request.AddExtension(sreg);

            var ax = new FetchRequest();
            ax.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email, true));
            ax.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.Alias, true));
            request.AddExtension(ax);
        }
Beispiel #8
0
		/// <summary>
		/// Stores a newly generated unauthorized request token, secret, and optional
		/// application-specific parameters for later recall.
		/// </summary>
		/// <param name="request">The request message that resulted in the generation of a new unauthorized request token.</param>
		/// <param name="response">The response message that includes the unauthorized request token.</param>
		/// <exception cref="ArgumentException">Thrown if the consumer key is not registered, or a required parameter was not found in the parameters collection.</exception>
		public void StoreNewRequestToken(DotNetOpenAuth.OAuth.Messages.UnauthorizedTokenRequest request, DotNetOpenAuth.OAuth.Messages.ITokenSecretContainingMessage response) {
			this.tokenManager.StoreRequestToken(response.Token, response.TokenSecret);
		}
Beispiel #9
0
 public void StoreNewRequestToken(DotNetOpenAuth.OAuth.Messages.UnauthorizedTokenRequest request, DotNetOpenAuth.OAuth.Messages.ITokenSecretContainingMessage response)
 {
     //You don't need to do anything here
 }
Beispiel #10
0
 protected override DotNetOpenAuth.AspNet.AuthenticationResult VerifyAuthenticationCore(DotNetOpenAuth.OAuth.Messages.AuthorizedTokenResponse response)
 {
     throw new NotImplementedException();
 }
Beispiel #11
0
 public static void SetClaimsFromAuthenticationResult(DotNetOpenAuth.AspNet.AuthenticationResult result)
 {
     IEnumerable<Claim> claims = GetClaimsFromAuthenticationResult(result);
     WriteClaimsToResponse(claims);
 }
Beispiel #12
0
        bool DoAuthentication(OSHttpResponse httpResponse, DotNetOpenAuth.OpenId.Provider.IAuthenticationRequest authRequest, ClaimsRequest claimsRequest,
            UserProfileData profile, string pass)
        {
            bool authSuccess = false;

            if (!String.IsNullOrEmpty(pass))
            {
                authSuccess = CableBeachState.LoginService.AuthenticateUser(profile, pass);
                m_log.Info("[CABLE BEACH IDP]: Password match result for " + profile.Name + ": " + authSuccess);

                if (authSuccess)
                {
                    // Mark the OpenID request as successfully authenticated
                    authRequest.IsAuthenticated = true;

                    // Cache this login
                    SetCookie(httpResponse, new Uri(authRequest.ClaimedIdentifier), profile);

                    if (claimsRequest != null)
                    {
                        // Fill in a few Simple Registration values if there was a request for SREG data
                        ClaimsResponse claimsResponse = claimsRequest.CreateResponse();
                        claimsResponse.Email = profile.Email;
                        claimsResponse.FullName = profile.Name;
                        claimsResponse.BirthDate = Utils.UnixTimeToDateTime(profile.Created);
                        authRequest.AddResponseExtension(claimsResponse);

                        m_log.Debug("[CABLE BEACH IDP]: Appended SREG values to the positive assertion response");
                    }
                }
            }
            else
            {
                // Valid POST but missing the password field
                m_log.Warn("[CABLE BEACH IDP]: POST is missing pass field for " + profile.Name);
            }

            return authSuccess;
        }
Beispiel #13
0
 private static IEnumerable<Claim> GetClaimsFromAuthenticationResult(DotNetOpenAuth.AspNet.AuthenticationResult result)
 {
     return GetClaimsFromDictionary(result.Provider, result.ExtraData);
 }
Beispiel #14
0
 partial void OnVerificationCodeFormatChanging(DotNetOpenAuth.OAuth.VerificationCodeFormat value);
Beispiel #15
0
		public string GetConsumerKey(DotNetOpenAuth.OpenId.Realm realm) {
			// We just use the realm as the consumer key, like Google does.
			return realm;
		}
Beispiel #16
0
 public AutomatedUserAuthorizationCheckResponse CheckAuthorizeResourceOwnerCredentialGrant(string userName, string password, DotNetOpenAuth.OAuth2.Messages.IAccessTokenRequest accessRequest)
 {
     throw new NotImplementedException();
 }
Beispiel #17
0
 protected void OpenIdButtonYahoo_LoggedIn(object sender, DotNetOpenAuth.OpenId.RelyingParty.OpenIdEventArgs e)
 {
     OnLoggedIn(sender, e);
 }
Beispiel #18
0
 public AutomatedAuthorizationCheckResponse CheckAuthorizeClientCredentialsGrant(DotNetOpenAuth.OAuth2.Messages.IAccessTokenRequest accessRequest)
 {
     throw new NotImplementedException();
 }
Beispiel #19
0
 public void StoreNewRequestToken(DotNetOpenAuth.OAuth.Messages.UnauthorizedTokenRequest request, DotNetOpenAuth.OAuth.Messages.ITokenSecretContainingMessage response)
 {
     _userService.SetDropboxRequestToken(_userId, response.Token, response.TokenSecret);
 }
Beispiel #20
0
        bool DoAuthentication(OSHttpResponse httpResponse, DotNetOpenAuth.OpenId.Provider.IAuthenticationRequest authRequest, ClaimsRequest claimsRequest,
            string first, string last, string pass)
        {
            bool authSuccess = false;

            if (!String.IsNullOrEmpty(first) && !String.IsNullOrEmpty(last) && !String.IsNullOrEmpty(pass))
            {
                UserProfileData profile;
                if (CableBeachState.TryGetProfile(first, last, out profile))
                {
                    // Set the claimed identifier to the URL of the given identity
                    Uri identity = new Uri(CableBeachState.UserServerUrl, String.Format("/users/{0}.{1}", profile.FirstName, profile.SurName));
                    authRequest.ClaimedIdentifier = identity;

                    authSuccess = CableBeachState.LoginService.AuthenticateUser(profile, pass);
                    m_log.Info("[CABLE BEACH IDP]: Password match result for " + profile.Name + ": " + authRequest.IsAuthenticated);

                    if (authSuccess)
                    {
                        // Mark the OpenID request as successfully authenticated
                        authRequest.IsAuthenticated = true;

                        // Cache this login
                        SetCookie(httpResponse, identity, profile);

                        if (claimsRequest != null)
                        {
                            // Fill in a few Simple Registration values if there was a request for SREG data
                            ClaimsResponse claimsResponse = claimsRequest.CreateResponse();
                            claimsResponse.Email = profile.Email;
                            claimsResponse.FullName = profile.Name;
                            claimsResponse.BirthDate = Utils.UnixTimeToDateTime(profile.Created);
                            authRequest.AddResponseExtension(claimsResponse);

                            m_log.Debug("[CABLE BEACH IDP]: Appended SREG values to the positive assertion response");
                        }
                    }
                }
                else
                {
                    m_log.Warn("[CABLE BEACH IDP]: Profile for user " + first + " " + last + " not found");
                }
            }
            else
            {
                // Valid POST but missing one or more fields
                m_log.Warn("[CABLE BEACH IDP]: POST is missing first, last, or pass field, sending directed login form");
            }

            return authSuccess;
        }
Beispiel #21
0
 public void StoreNewRequestToken(DotNetOpenAuth.OAuth.Messages.UnauthorizedTokenRequest request, DotNetOpenAuth.OAuth.Messages.ITokenSecretContainingMessage response)
 {
     _tokensAndSecrets[response.Token] = response.TokenSecret;
 }
Beispiel #22
0
 public OpenIdAjaxRelyingParty(DotNetOpenAuth.OpenId.RelyingParty.OpenIdAjaxRelyingParty actual)
 {
     this.actual = actual;
 }
Beispiel #23
0
 private string GetAx(DotNetOpenAuth.OpenId.Extensions.AttributeExchange.FetchResponse fetchrespone)
 {
     System.Text.StringBuilder sb = new System.Text.StringBuilder();
     Dictionary<string, string> userdata = new Dictionary<string, string>();
     foreach (var attribs in fetchrespone.Attributes)
     {
         sb.Append(attribs.TypeUri.Split('/').ToList().Last() + "..." + attribs.Values[0].ToString() + "...");
     }
     return sb.ToString();
 }
Beispiel #24
0
        void DoCachedAuthentication(DotNetOpenAuth.OpenId.Provider.IAuthenticationRequest authRequest, ClaimsRequest claimsRequest, AuthCookie authCookie)
        {
            m_log.Info("[CABLE BEACH IDP]: Using cached login credentials for " + authCookie.UserProfile.Name);

            authRequest.ClaimedIdentifier = authCookie.Identity;
            authRequest.IsAuthenticated = true;

            if (claimsRequest != null)
            {
                // Fill in a few Simple Registration values if there was a request for SREG data
                ClaimsResponse claimsResponse = claimsRequest.CreateResponse();
                claimsResponse.Email = authCookie.UserProfile.Email;
                claimsResponse.FullName = authCookie.UserProfile.Name;
                claimsResponse.BirthDate = Utils.UnixTimeToDateTime(authCookie.UserProfile.Created);
                authRequest.AddResponseExtension(claimsResponse);

                m_log.Debug("[CABLE BEACH IDP]: Appended SREG values to the positive assertion response");
            }
        }
Beispiel #25
0
        void OnLoggedIn(object sender, DotNetOpenAuth.OpenId.RelyingParty.OpenIdEventArgs e)
        {
            if (e.Response.Status == DotNetOpenAuth.OpenId.RelyingParty.AuthenticationStatus.Authenticated && e.Response.ClaimedIdentifier != null)
            {
                AuthenticationInformation user = new AuthenticationInformation();
                user.FriendlyName = e.Response.FriendlyIdentifierForDisplay;
                user.OpenIdentifier = e.Response.ClaimedIdentifier;
                TextBox1.Text = user.FriendlyName + Environment.NewLine + user.OpenIdentifier;
                zContext.Session.OpenIDAuthenticationInformation = user;
                zContext.Session.ResetData();
                if (zContext.Session.Flags.OpenIDNotLinked)
                {
                    TextBox1.Text = "OpenIDNotLinked" + Environment.NewLine + TextBox1.Text;

                    WebDirector.Instance.Redirect("/account/idlink");
                }
                else
                    WebDirector.Instance.Redirect("/home");
            }
        }
Beispiel #26
0
 public bool IsAuthorizationValid(DotNetOpenAuth.OAuth2.ChannelElements.IAuthorizationDescription authorization)
 {
     if (authorization.ClientIdentifier == "NATURE"
         && authorization.Scope.Count() > 0
         && authorization.Scope.First() == "openid"
         && authorization.User == "*****@*****.**")
     {
         return true;
     }
     return false;
 }
Beispiel #27
0
 void openIDLogin_LoggedIn(object sender, DotNetOpenAuth.OpenId.RelyingParty.OpenIdEventArgs e)
 {
     Server.Transfer("ProtectedResource.aspx");
 }
Beispiel #28
0
        public void StoreKey(string bucket, string handle, DotNetOpenAuth.Messaging.Bindings.CryptoKey key)
        {
            using (IEntityContext context = DependencyInjection.Get<IEntityContext>())
            {
                using (IOAuth2CryptoKeyRepository repository = DependencyInjection.Get<IOAuth2CryptoKeyRepository>(InjectionParameter.Create("context", context)))
                {
                    Entity.OAuth2CryptoKey _key = new Entity.OAuth2CryptoKey();
                    _key.ID = Guid.NewGuid();
                    _key.Bucket = bucket;
                    _key.Handle = handle;
                    _key.Secret = Encoding.Unicode.GetString(key.Key);
                    _key.ExpiresUtc = key.ExpiresUtc;

                    repository.AddOrUpdate(_key);
                }

                context.Commit();
            }
        }
Beispiel #29
0
		public void StoreNewRequestToken(DotNetOpenAuth.OAuth.Messages.UnauthorizedTokenRequest request, DotNetOpenAuth.OAuth.Messages.ITokenSecretContainingMessage response) {
			throw new NotImplementedException();
		}
Beispiel #30
0
 public bool IsAuthorizationValid(DotNetOpenAuth.OAuth2.ChannelElements.IAuthorizationDescription authorization)
 {
     return true;
 }