Beispiel #1
0
        private static AuthRequest ParseIdentityInfo(FetchResponse response)
        {
            string server = null;
            string deleg = null;
            string rel, href;
            foreach (NameValueCollection attrs in LinkParser.ParseLinkAttrs(response.data, response.length, response.charset))
            {
            rel = attrs["rel"];
            if (rel != null)
            {
            href = attrs["href"];
            if (rel == "openid.server" && server == null)
            if (href != null)
                server = href;

            if (rel == "openid.delegate" && deleg == null)
            if (href != null)
                deleg = href;
            }
            }

            if (server == null)
            throw new ParseException();

            AuthRequest request = new AuthRequest();

            request.serverUri = UriUtil.NormalizeUri(server);

            if (deleg == null)
            request.serverId = response.finalUri;
            else
            request.serverId = UriUtil.NormalizeUri(deleg);

            return request;
        }
Beispiel #2
0
        private void GenToken(Uri consumerId, ref AuthRequest request)
        {
            string timestamp = DateTime.UtcNow.ToFileTimeUtc().ToString();

            MemoryStream ms = new MemoryStream();
            byte[] temp = ASCIIEncoding.ASCII.GetBytes(timestamp);
            ms.Write(temp, 0, temp.Length);
            ms.WriteByte(0);

            temp = ASCIIEncoding.ASCII.GetBytes(request.nonce);
            ms.Write(temp, 0, temp.Length);
            ms.WriteByte(0);

            temp = ASCIIEncoding.ASCII.GetBytes(consumerId.AbsoluteUri);
            ms.Write(temp, 0, temp.Length);
            ms.WriteByte(0);

            temp = ASCIIEncoding.ASCII.GetBytes(request.serverId.AbsoluteUri);
            ms.Write(temp, 0, temp.Length);
            ms.WriteByte(0);

            temp = ASCIIEncoding.ASCII.GetBytes(request.serverUri.AbsoluteUri);
            ms.Write(temp, 0, temp.Length);

            HMACSHA1 hmac = new HMACSHA1(this.store.AuthKey);
            byte[] hash = hmac.ComputeHash(ms);
            MemoryStream ms2 = new MemoryStream();
            ms2.Write(hash, 0, hash.Length);
            ms.WriteTo(ms2);
            request.token = CryptUtil.ToBase64String(ms2.ToArray());
        }
Beispiel #3
0
        /// <summary>
        ///  This method is called to construct the redirect URL sent
        ///  to the browser to ask the server to verify its identity.
        ///  The generated redirect should be sent to the browser
        ///  which initiated the authorization request.
        /// </summary>
        ///
        /// <param name="request">
        ///  An instance of <see cref="AuthRequest"/> as returned
        ///  from BeginAuth.
        /// </param>
        /// <param name="returnTo">
        ///  The URL the identity server should redirect back to.
        /// </param>
        /// <param name="trustRoot">
        ///  This represents the consumer to the identity server. For example,
        ///  an ASP application would probably send an absolute URL using
        ///  the Application path. The OpenId spec,
        ///  http://www.openid.net/specs.bml#mode-checkid_immediate, 
        ///  has more information on what the trust_root value is for
        ///  and what its form can be.
        /// </param>
        /// 
        /// <returns>
        ///  This method returns a <see cref="System.Uri"/>
        ///  representing the URL to redirect to when such a URL is
        ///  successfully constructed.
        /// </returns>
        public Uri CreateRedirect(Mode mode, AuthRequest request, Uri returnTo, string trustRoot)
        {
            Association assoc = GetAssociation(request.serverUri, true);

            UriBuilder redir = new UriBuilder(request.serverUri);
            UriUtil.AppendQueryArgument(redir, "openid.identity", request.serverId.AbsoluteUri);
            UriUtil.AppendQueryArgument(redir, "openid.return_to", returnTo.AbsoluteUri);
            UriUtil.AppendQueryArgument(redir, "openid.trust_root", trustRoot);

            switch (mode) {
            case Mode.IMMEDIATE:
            UriUtil.AppendQueryArgument(redir, "openid.mode", "checkid_immediate");
            break;
            case Mode.SETUP:
            UriUtil.AppendQueryArgument(redir, "openid.mode", "checkid_setup");
            break;
            }

            if (assoc != null)
            UriUtil.AppendQueryArgument(redir, "openid.assoc_handle", assoc.Handle);

            this.store.StoreNonce(request.nonce);

            return new Uri(redir.ToString(), true);
        }