public void Serializable() {
var op = CreateProvider();
Protocol protocol = Protocol.V20;
var req = new SignedResponseRequest(protocol.Version, OPUri, AuthenticationRequestMode.Setup);
req.ReturnTo = RPUri;
var anonReq = new AnonymousRequest(op, req);
MemoryStream ms = new MemoryStream();
IFormatter formatter = new BinaryFormatter();
formatter.Serialize(ms, anonReq);
ms.Position = 0;
var req2 = (AnonymousRequest)formatter.Deserialize(ms);
Assert.That(req2, Is.Not.Null);
}
public async Task IsApprovedDeterminesReturnedMessage() {
var op = CreateProvider();
Protocol protocol = Protocol.V20;
var req = new SignedResponseRequest(protocol.Version, OPUri, AuthenticationRequestMode.Setup);
req.ReturnTo = RPUri;
var anonReq = new AnonymousRequest(op, req);
Assert.IsFalse(anonReq.IsApproved.HasValue);
anonReq.IsApproved = false;
Assert.IsInstanceOf<NegativeAssertionResponse>(await anonReq.GetResponseAsync(CancellationToken.None));
anonReq.IsApproved = true;
Assert.IsInstanceOf<IndirectSignedResponse>(await anonReq.GetResponseAsync(CancellationToken.None));
Assert.IsNotInstanceOf<PositiveAssertionResponse>(await anonReq.GetResponseAsync(CancellationToken.None));
}
public void IsApprovedDeterminesReturnedMessage()
{
var op = CreateProvider();
Protocol protocol = Protocol.V20;
var req = new SignedResponseRequest(protocol.Version, OPUri, AuthenticationRequestMode.Setup);
req.ReturnTo = RPUri;
var anonReq = new AnonymousRequest(op, req);
Assert.IsFalse(anonReq.IsApproved.HasValue);
anonReq.IsApproved = false;
Assert.IsInstanceOfType(anonReq.Response, typeof(NegativeAssertionResponse));
anonReq.IsApproved = true;
Assert.IsInstanceOfType(anonReq.Response, typeof(IndirectSignedResponse));
Assert.IsNotInstanceOfType(anonReq.Response, typeof(PositiveAssertionResponse));
}
/// <summary>
/// Gets the incoming OpenID request if there is one, or null if none was detected.
/// </summary>
/// <param name="request">The incoming HTTP request to extract the message from.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns>
/// The request that the hosting Provider should process and then transmit the response for.
/// Null if no valid OpenID request was detected in the given HTTP request.
/// </returns>
/// <exception cref="ProtocolException">Thrown if the incoming message is recognized
/// but deviates from the protocol specification irrecoverably.</exception>
/// <remarks>
/// Requests may be infrastructural to OpenID and allow auto-responses, or they may
/// be authentication requests where the Provider site has to make decisions based
/// on its own user database and policies.
/// </remarks>
public async Task <IRequest> GetRequestAsync(HttpRequestMessage request, CancellationToken cancellationToken = default(CancellationToken))
{
Requires.NotNull(request, "request");
IDirectedProtocolMessage incomingMessage = null;
try {
incomingMessage = await this.Channel.ReadFromRequestAsync(request, cancellationToken);
if (incomingMessage == null)
{
// If the incoming request does not resemble an OpenID message at all,
// it's probably a user who just navigated to this URL, and we should
// just return null so the host can display a message to the user.
if (request.Method == HttpMethod.Get && !request.RequestUri.QueryStringContainPrefixedParameters(Protocol.Default.openid.Prefix))
{
return(null);
}
ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany);
}
IRequest result = null;
var checkIdMessage = incomingMessage as CheckIdRequest;
if (checkIdMessage != null)
{
result = new AuthenticationRequest(this, checkIdMessage);
}
if (result == null)
{
var extensionOnlyRequest = incomingMessage as SignedResponseRequest;
if (extensionOnlyRequest != null)
{
result = new AnonymousRequest(this, extensionOnlyRequest);
}
}
if (result == null)
{
var checkAuthMessage = incomingMessage as CheckAuthenticationRequest;
if (checkAuthMessage != null)
{
result = new AutoResponsiveRequest(incomingMessage, new CheckAuthenticationResponseProvider(checkAuthMessage, this), this.SecuritySettings);
}
}
if (result == null)
{
var associateMessage = incomingMessage as IAssociateRequestProvider;
if (associateMessage != null)
{
result = new AutoResponsiveRequest(incomingMessage, AssociateRequestProviderTools.CreateResponse(associateMessage, this.AssociationStore, this.SecuritySettings), this.SecuritySettings);
}
}
if (result != null)
{
foreach (var behavior in this.Behaviors)
{
if (await behavior.OnIncomingRequestAsync(result, cancellationToken))
{
// This behavior matched this request.
break;
}
}
return(result);
}
throw ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany);
} catch (ProtocolException ex) {
IRequest errorResponse = this.GetErrorResponse(ex, request, incomingMessage);
if (errorResponse == null)
{
throw;
}
return(errorResponse);
}
}
/// <summary>
/// Gets the incoming OpenID request if there is one, or null if none was detected.
/// </summary>
/// <param name="httpRequestInfo">The incoming HTTP request to extract the message from.</param>
/// <returns>
/// The request that the hosting Provider should process and then transmit the response for.
/// Null if no valid OpenID request was detected in the given HTTP request.
/// </returns>
/// <remarks>
/// Requests may be infrastructural to OpenID and allow auto-responses, or they may
/// be authentication requests where the Provider site has to make decisions based
/// on its own user database and policies.
/// </remarks>
/// <exception cref="ProtocolException">Thrown if the incoming message is recognized
/// but deviates from the protocol specification irrecoverably.</exception>
public IRequest GetRequest(HttpRequestInfo httpRequestInfo) {
Contract.Requires<ArgumentNullException>(httpRequestInfo != null);
IDirectedProtocolMessage incomingMessage = null;
try {
incomingMessage = this.Channel.ReadFromRequest(httpRequestInfo);
if (incomingMessage == null) {
// If the incoming request does not resemble an OpenID message at all,
// it's probably a user who just navigated to this URL, and we should
// just return null so the host can display a message to the user.
if (httpRequestInfo.HttpMethod == "GET" && !httpRequestInfo.UrlBeforeRewriting.QueryStringContainPrefixedParameters(Protocol.Default.openid.Prefix)) {
return null;
}
ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany);
}
IRequest result = null;
var checkIdMessage = incomingMessage as CheckIdRequest;
if (checkIdMessage != null) {
result = new AuthenticationRequest(this, checkIdMessage);
}
if (result == null) {
var extensionOnlyRequest = incomingMessage as SignedResponseRequest;
if (extensionOnlyRequest != null) {
result = new AnonymousRequest(this, extensionOnlyRequest);
}
}
if (result == null) {
var checkAuthMessage = incomingMessage as CheckAuthenticationRequest;
if (checkAuthMessage != null) {
result = new AutoResponsiveRequest(incomingMessage, new CheckAuthenticationResponse(checkAuthMessage, this), this.SecuritySettings);
}
}
if (result == null) {
var associateMessage = incomingMessage as AssociateRequest;
if (associateMessage != null) {
result = new AutoResponsiveRequest(incomingMessage, associateMessage.CreateResponse(this.AssociationStore, this.SecuritySettings), this.SecuritySettings);
}
}
if (result != null) {
foreach (var behavior in this.Behaviors) {
if (behavior.OnIncomingRequest(result)) {
// This behavior matched this request.
break;
}
}
return result;
}
throw ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany);
} catch (ProtocolException ex) {
IRequest errorResponse = this.GetErrorResponse(ex, httpRequestInfo, incomingMessage);
if (errorResponse == null) {
throw;
}
return errorResponse;
}
}
/// <summary>
/// Gets the incoming OpenID request if there is one, or null if none was detected.
/// </summary>
/// <param name="httpRequestInfo">The incoming HTTP request to extract the message from.</param>
/// <returns>
/// The request that the hosting Provider should process and then transmit the response for.
/// Null if no valid OpenID request was detected in the given HTTP request.
/// </returns>
/// <remarks>
/// Requests may be infrastructural to OpenID and allow auto-responses, or they may
/// be authentication requests where the Provider site has to make decisions based
/// on its own user database and policies.
/// </remarks>
/// <exception cref="ProtocolException">Thrown if the incoming message is recognized
/// but deviates from the protocol specification irrecoverably.</exception>
public IRequest GetRequest(HttpRequestInfo httpRequestInfo)
{
Contract.Requires <ArgumentNullException>(httpRequestInfo != null);
IDirectedProtocolMessage incomingMessage = null;
try {
incomingMessage = this.Channel.ReadFromRequest(httpRequestInfo);
if (incomingMessage == null)
{
// If the incoming request does not resemble an OpenID message at all,
// it's probably a user who just navigated to this URL, and we should
// just return null so the host can display a message to the user.
if (httpRequestInfo.HttpMethod == "GET" && !httpRequestInfo.UrlBeforeRewriting.QueryStringContainPrefixedParameters(Protocol.Default.openid.Prefix))
{
return(null);
}
ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany);
}
IRequest result = null;
var checkIdMessage = incomingMessage as CheckIdRequest;
if (checkIdMessage != null)
{
result = new AuthenticationRequest(this, checkIdMessage);
}
if (result == null)
{
var extensionOnlyRequest = incomingMessage as SignedResponseRequest;
if (extensionOnlyRequest != null)
{
result = new AnonymousRequest(this, extensionOnlyRequest);
}
}
if (result == null)
{
var checkAuthMessage = incomingMessage as CheckAuthenticationRequest;
if (checkAuthMessage != null)
{
result = new AutoResponsiveRequest(incomingMessage, new CheckAuthenticationResponse(checkAuthMessage, this), this.SecuritySettings);
}
}
if (result == null)
{
var associateMessage = incomingMessage as AssociateRequest;
if (associateMessage != null)
{
result = new AutoResponsiveRequest(incomingMessage, associateMessage.CreateResponse(this.AssociationStore, this.SecuritySettings), this.SecuritySettings);
}
}
if (result != null)
{
foreach (var behavior in this.Behaviors)
{
if (behavior.OnIncomingRequest(result))
{
// This behavior matched this request.
break;
}
}
return(result);
}
throw ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany);
} catch (ProtocolException ex) {
IRequest errorResponse = this.GetErrorResponse(ex, httpRequestInfo, incomingMessage);
if (errorResponse == null)
{
throw;
}
return(errorResponse);
}
}
/// <summary>
/// Gets the incoming OpenID request if there is one, or null if none was detected.
/// </summary>
/// <param name="request">The incoming HTTP request to extract the message from.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns>
/// The request that the hosting Provider should process and then transmit the response for.
/// Null if no valid OpenID request was detected in the given HTTP request.
/// </returns>
/// <exception cref="ProtocolException">Thrown if the incoming message is recognized
/// but deviates from the protocol specification irrecoverably.</exception>
/// <remarks>
/// Requests may be infrastructural to OpenID and allow auto-responses, or they may
/// be authentication requests where the Provider site has to make decisions based
/// on its own user database and policies.
/// </remarks>
public async Task<IRequest> GetRequestAsync(HttpRequestMessage request, CancellationToken cancellationToken = default(CancellationToken)) {
Requires.NotNull(request, "request");
IDirectedProtocolMessage incomingMessage = null;
try {
incomingMessage = await this.Channel.ReadFromRequestAsync(request, cancellationToken);
if (incomingMessage == null) {
// If the incoming request does not resemble an OpenID message at all,
// it's probably a user who just navigated to this URL, and we should
// just return null so the host can display a message to the user.
if (request.Method == HttpMethod.Get && !request.RequestUri.QueryStringContainPrefixedParameters(Protocol.Default.openid.Prefix)) {
return null;
}
ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany);
}
IRequest result = null;
var checkIdMessage = incomingMessage as CheckIdRequest;
if (checkIdMessage != null) {
result = new AuthenticationRequest(this, checkIdMessage);
}
if (result == null) {
var extensionOnlyRequest = incomingMessage as SignedResponseRequest;
if (extensionOnlyRequest != null) {
result = new AnonymousRequest(this, extensionOnlyRequest);
}
}
if (result == null) {
var checkAuthMessage = incomingMessage as CheckAuthenticationRequest;
if (checkAuthMessage != null) {
result = new AutoResponsiveRequest(incomingMessage, new CheckAuthenticationResponseProvider(checkAuthMessage, this), this.SecuritySettings);
}
}
if (result == null) {
var associateMessage = incomingMessage as IAssociateRequestProvider;
if (associateMessage != null) {
result = new AutoResponsiveRequest(incomingMessage, AssociateRequestProviderTools.CreateResponse(associateMessage, this.AssociationStore, this.SecuritySettings), this.SecuritySettings);
}
}
if (result != null) {
foreach (var behavior in this.Behaviors) {
if (await behavior.OnIncomingRequestAsync(result, cancellationToken)) {
// This behavior matched this request.
break;
}
}
return result;
}
throw ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessageReceivedOfMany);
} catch (ProtocolException ex) {
IRequest errorResponse = this.GetErrorResponse(ex, request, incomingMessage);
if (errorResponse == null) {
throw;
}
return errorResponse;
}
}