public bool ValidateSignature(HttpRequest request)
{
StringBuilder sb = new StringBuilder();
string[] keys = request.Params.AllKeys;
bool not_first = false;
string signed_fields = request.Params["openid.signed"];
if (signed_fields.IndexOf("claimed_id") < 0 || signed_fields.IndexOf("return_to") < 0)
{
return(false);
}
if (!request.Params["openid.return_to"].StartsWith(Domain))
{
return(false);
}
for (int i = 0; i < keys.Length; i++)
{
if (not_first)
{
sb.Append("&");
}
if (keys[i].StartsWith("openid."))
{
if (keys[i] == "openid.mode")
{
sb.Append(keys[i] + "=check_authentication");
}
else
{
sb.Append(keys[i] + "=" + request.Params[keys[i]]);
}
not_first = true;
}
}
HttpWebResponse response = HTTPComm.HttpReq(endpointUrl, sb.ToString(), "POST");
string result = HTTPComm.HttpPost(endpointUrl, sb.ToString());
if (result.Contains("is_valid:true\n"))
{
return(true);
}
return(false);
}
public static void respond(Message msg, HttpResponse response)
{
Dictionary <string, string> dict = new Dictionary <string, string>();
dict.Add("SymT", msg.SymT);
dict.Add("SignedBy", msg.SignedBy);
dict.Add("LargestParty", msg.largestParty);
dict.Add("Value", msg.value.ToString());
dict.Add("Certified", msg.certified.ToString());
XmlDocument doc = HTTPComm.GenerateXML(dict);
response.StatusCode = 200;
response.ContentType = "text/xml"; //must be 'text/xml'
response.ContentEncoding = System.Text.Encoding.UTF8; //we'd like UTF-8
doc.Save(response.Output);
}
