/// <summary>
/// Checks for incoming OpenID requests, responds to ones it can
/// respond to without policy checks, and fires events for custom
/// handling of the ones it cannot decide on automatically.
/// </summary>
/// <param name="e">The <see cref="T:System.EventArgs"/> object that contains the event data.</param>
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
if (this.Enabled)
{
// Use the explicitly given state store on this control if there is one.
// Then try the configuration file specified one. Finally, use the default
// in-memory one that's built into OpenIdProvider.
using (OpenIdProvider provider = new OpenIdProvider(this.CustomApplicationStore ?? DotNetOpenAuthSection.Configuration.OpenId.Provider.ApplicationStore.CreateInstance(OpenIdProvider.HttpApplicationStore))) {
// determine what incoming message was received
IRequest request = provider.GetRequest();
if (request != null)
{
// process the incoming message appropriately and send the response
if (!request.IsResponseReady)
{
var idrequest = (IAuthenticationRequest)request;
PendingAuthenticationRequest = idrequest;
this.OnAuthenticationChallenge(idrequest);
}
else
{
PendingAuthenticationRequest = null;
}
if (request.IsResponseReady)
{
request.Response.Send();
Page.Response.End();
PendingAuthenticationRequest = null;
}
}
}
}
}
public ActionResult Provider()
{
IRequest request = OpenIdProvider.GetRequest();
if (request != null)
{
// Some requests are automatically handled by DotNetOpenAuth. If this is one, go ahead and let it go.
if (request.IsResponseReady)
{
return(OpenIdProvider.PrepareResponse(request).AsActionResult());
}
// This is apparently one that the host (the web site itself) has to respond to.
ProviderEndpoint.PendingRequest = (IHostProcessedRequest)request;
// Try responding immediately if possible.
ActionResult response;
if (this.AutoRespondIfPossible(out response))
{
return(response);
}
// We can't respond immediately with a positive result. But if we still have to respond immediately...
if (ProviderEndpoint.PendingRequest.Immediate)
{
// We can't stop to prompt the user -- we must just return a negative response.
return(this.SendAssertion());
}
return(this.RedirectToAction("SilentAccept"));
//return this.RedirectToAction("AskUser");
}
else
{
// No OpenID request was recognized. This may be a user that stumbled on the OP Endpoint.
return(this.View());
}
}
/// <summary>
/// A default implementation of a simple provider that responds to authentication requests
/// per the scenario that is being simulated.
/// </summary>
/// <param name="provider">The OpenIdProvider on which the process messages.</param>
/// <remarks>
/// This is a very useful method to pass to the OpenIdCoordinator constructor for the Provider argument.
/// </remarks>
internal void AutoProvider(OpenIdProvider provider) {
while (!((CoordinatingChannel)provider.Channel).RemoteChannel.IsDisposed) {
IRequest request = provider.GetRequest();
if (request == null) {
continue;
}
if (!request.IsResponseReady) {
var authRequest = (DotNetOpenAuth.OpenId.Provider.IAuthenticationRequest)request;
switch (this.AutoProviderScenario) {
case Scenarios.AutoApproval:
authRequest.IsAuthenticated = true;
break;
case Scenarios.AutoApprovalAddFragment:
authRequest.SetClaimedIdentifierFragment("frag");
authRequest.IsAuthenticated = true;
break;
case Scenarios.ApproveOnSetup:
authRequest.IsAuthenticated = !authRequest.Immediate;
break;
case Scenarios.AlwaysDeny:
authRequest.IsAuthenticated = false;
break;
default:
// All other scenarios are done programmatically only.
throw new InvalidOperationException("Unrecognized scenario");
}
}
provider.Respond(request);
}
}
public ActionResult Provider()
{
IRequest request = OpenIdProvider.GetRequest();
if (request != null)
{
var authRequest = request as IAuthenticationRequest;
if (authRequest != null)
{
// Hack: loads of people seem to jack up discovery and send the claimed id as the local id
// or maybe that's to "spec", for some definition of the OpenID Spec...
if (Current.LoggedInUser != null)
{
var localId = authRequest.LocalIdentifier;
if (localId != null && NobodyClaims(localId.ToString()))
{
Current.LogException(new Exception("Rewrote [" + localId.ToString() + "]"));
authRequest.LocalIdentifier = Current.LoggedInUser.GetClaimedIdentifier();
}
}
var sendAssertion = Current.LoggedInUser != null &&
(authRequest.IsDirectedIdentity || this.UserControlsIdentifier(authRequest));
if (sendAssertion)
{
if (!Current.LoggedInUser.HasGrantedAuthorization(authRequest.Realm.Host))
{
var session = CreationSession(authRequest);
return
(SafeRedirect(
(Func <string, ActionResult>)(new AccountController()).PromptForAuthorization,
new
{
session
}
));
}
// We know who the user is, and how to respond
return(this.SendAssertion(authRequest));
}
else
{
// A logged in user is trying to auth as somebody else.
// Proper response here is going to be to log them out, so they can log in.
if (Current.LoggedInUser != null)
{
Current.LoggedInUser.Logout(Current.Now);
}
// Stash the pending request into cache until they have
var session = CreationSession(authRequest);
return
(SafeRedirect(
(Func <string, ActionResult>)(new AccountController()).Login,
new
{
session
}
));
}
}
if (request.IsResponseReady)
{
var resp = OpenIdProvider.PrepareResponse(request).AsActionResult();
return(resp);
}
else
{
return
(SafeRedirect(
(Func <string, ActionResult>)(new AccountController()).Login
));
}
}
else
{
return(NotFound());
}
}
