public void Setup()
{
CheckIdRequest request = new CheckIdRequest(Protocol.V20.Version, OPUri, AuthenticationRequestMode.Immediate);
request.ReturnTo = RPUri;
this.response = new IndirectErrorResponse(request);
}
/// <summary>
/// Analyzes an incoming request message payload to discover what kind of
/// message is embedded in it and returns the type, or null if no match is found.
/// </summary>
/// <param name="recipient">The intended or actual recipient of the request message.</param>
/// <param name="fields">The name/value pairs that make up the message payload.</param>
/// <returns>
/// A newly instantiated <see cref="IProtocolMessage"/>-derived object that this message can
/// deserialize to. Null if the request isn't recognized as a valid protocol message.
/// </returns>
public IDirectedProtocolMessage GetNewRequestMessage(MessageReceivingEndpoint recipient, IDictionary <string, string> fields)
{
RequestBase message = null;
// Discern the OpenID version of the message.
Protocol protocol = Protocol.V11;
string ns;
if (fields.TryGetValue(Protocol.V20.openid.ns, out ns))
{
ErrorUtilities.VerifyProtocol(string.Equals(ns, Protocol.OpenId2Namespace, StringComparison.Ordinal), MessagingStrings.UnexpectedMessagePartValue, Protocol.V20.openid.ns, ns);
protocol = Protocol.V20;
}
string mode;
if (fields.TryGetValue(protocol.openid.mode, out mode))
{
if (string.Equals(mode, protocol.Args.Mode.cancel) ||
(string.Equals(mode, protocol.Args.Mode.setup_needed) && (protocol.Version.Major >= 2 || fields.ContainsKey(protocol.openid.user_setup_url))))
{
message = new NegativeAssertionResponse(protocol.Version, recipient.Location, mode);
}
else if (string.Equals(mode, protocol.Args.Mode.id_res))
{
if (fields.ContainsKey(protocol.openid.identity))
{
message = new PositiveAssertionResponse(protocol.Version, recipient.Location);
}
else
{
ErrorUtilities.VerifyProtocol(!fields.ContainsKey(protocol.openid.claimed_id), OpenIdStrings.IdentityAndClaimedIdentifierMustBeBothPresentOrAbsent);
message = new IndirectSignedResponse(protocol.Version, recipient.Location);
}
}
else if (string.Equals(mode, protocol.Args.Mode.error))
{
message = new IndirectErrorResponse(protocol.Version, recipient.Location);
}
else
{
ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessagePartValue, protocol.openid.mode, mode);
}
}
if (message != null)
{
message.SetAsIncoming();
}
return(message);
}
/// <summary>
/// Prepares the return value for the GetRequest method in the event of an exception.
/// </summary>
/// <param name="ex">The exception that forms the basis of the error response. Must not be null.</param>
/// <param name="request">The incoming HTTP request. Must not be null.</param>
/// <param name="incomingMessage">The incoming message. May be null in the case that it was malformed.</param>
/// <returns>
/// Either the <see cref="IRequest"/> to return to the host site or null to indicate no response could be reasonably created and that the caller should rethrow the exception.
/// </returns>
private IRequest GetErrorResponse(ProtocolException ex, HttpRequestMessage request, IDirectedProtocolMessage incomingMessage)
{
Requires.NotNull(ex, "ex");
Requires.NotNull(request, "request");
Logger.OpenId.ErrorException("An exception was generated while processing an incoming OpenID request.", ex);
IErrorMessage errorMessage;
// We must create the appropriate error message type (direct vs. indirect)
// based on what we see in the request.
string returnTo = HttpUtility.ParseQueryString(request.RequestUri.Query)[Protocol.Default.openid.return_to];
if (returnTo != null)
{
// An indirect request message from the RP
// We need to return an indirect response error message so the RP can consume it.
// Consistent with OpenID 2.0 section 5.2.3.
var indirectRequest = incomingMessage as SignedResponseRequest;
if (indirectRequest != null)
{
errorMessage = new IndirectErrorResponse(indirectRequest);
}
else
{
errorMessage = new IndirectErrorResponse(Protocol.Default.Version, new Uri(returnTo));
}
}
else if (request.Method == HttpMethod.Post)
{
// A direct request message from the RP
// We need to return a direct response error message so the RP can consume it.
// Consistent with OpenID 2.0 section 5.1.2.2.
errorMessage = new DirectErrorResponse(Protocol.Default.Version, incomingMessage);
}
else
{
// This may be an indirect request from an RP that was so badly
// formed that we cannot even return an error to the RP.
// The best we can do is display an error to the user.
// Returning null cues the caller to "throw;"
return(null);
}
errorMessage.ErrorMessage = ex.ToStringDescriptive();
// Allow host to log this error and issue a ticket #.
// We tear off the field to a local var for thread safety.
IErrorReporting hostErrorHandler = this.ErrorReporting;
if (hostErrorHandler != null)
{
errorMessage.Contact = hostErrorHandler.Contact;
errorMessage.Reference = hostErrorHandler.LogError(ex);
}
if (incomingMessage != null)
{
return(new AutoResponsiveRequest(incomingMessage, errorMessage, this.SecuritySettings));
}
else
{
return(new AutoResponsiveRequest(errorMessage, this.SecuritySettings));
}
}
/// <summary>
/// Analyzes an incoming request message payload to discover what kind of
/// message is embedded in it and returns the type, or null if no match is found.
/// </summary>
/// <param name="recipient">The intended or actual recipient of the request message.</param>
/// <param name="fields">The name/value pairs that make up the message payload.</param>
/// <returns>
/// A newly instantiated <see cref="IProtocolMessage"/>-derived object that this message can
/// deserialize to. Null if the request isn't recognized as a valid protocol message.
/// </returns>
public IDirectedProtocolMessage GetNewRequestMessage(MessageReceivingEndpoint recipient, IDictionary <string, string> fields)
{
ErrorUtilities.VerifyArgumentNotNull(recipient, "recipient");
ErrorUtilities.VerifyArgumentNotNull(fields, "fields");
RequestBase message = null;
// Discern the OpenID version of the message.
Protocol protocol = Protocol.V11;
string ns;
if (fields.TryGetValue(Protocol.V20.openid.ns, out ns))
{
ErrorUtilities.VerifyProtocol(string.Equals(ns, Protocol.OpenId2Namespace, StringComparison.Ordinal), MessagingStrings.UnexpectedMessagePartValue, Protocol.V20.openid.ns, ns);
protocol = Protocol.V20;
}
string mode;
if (fields.TryGetValue(protocol.openid.mode, out mode))
{
if (string.Equals(mode, protocol.Args.Mode.associate))
{
if (fields.ContainsKey(protocol.openid.dh_consumer_public))
{
message = new AssociateDiffieHellmanRequest(protocol.Version, recipient.Location);
}
else
{
message = new AssociateUnencryptedRequest(protocol.Version, recipient.Location);
}
}
else if (string.Equals(mode, protocol.Args.Mode.checkid_setup) ||
string.Equals(mode, protocol.Args.Mode.checkid_immediate))
{
AuthenticationRequestMode authMode = string.Equals(mode, protocol.Args.Mode.checkid_immediate) ? AuthenticationRequestMode.Immediate : AuthenticationRequestMode.Setup;
if (fields.ContainsKey(protocol.openid.identity))
{
message = new CheckIdRequest(protocol.Version, recipient.Location, authMode);
}
else
{
message = new SignedResponseRequest(protocol.Version, recipient.Location, authMode);
}
}
else if (string.Equals(mode, protocol.Args.Mode.cancel) ||
(string.Equals(mode, protocol.Args.Mode.setup_needed) && (protocol.Version.Major >= 2 || fields.ContainsKey(protocol.openid.user_setup_url))))
{
message = new NegativeAssertionResponse(protocol.Version, recipient.Location, mode);
}
else if (string.Equals(mode, protocol.Args.Mode.id_res))
{
if (fields.ContainsKey(protocol.openid.identity))
{
message = new PositiveAssertionResponse(protocol.Version, recipient.Location);
}
else
{
message = new IndirectSignedResponse(protocol.Version, recipient.Location);
}
}
else if (string.Equals(mode, protocol.Args.Mode.check_authentication))
{
message = new CheckAuthenticationRequest(protocol.Version, recipient.Location);
}
else if (string.Equals(mode, protocol.Args.Mode.error))
{
message = new IndirectErrorResponse(protocol.Version, recipient.Location);
}
else
{
ErrorUtilities.ThrowProtocol(MessagingStrings.UnexpectedMessagePartValue, protocol.openid.mode, mode);
}
}
if (message != null)
{
message.SetAsIncoming();
}
return(message);
}
/// <summary>
/// Prepares the return value for the GetRequest method in the event of an exception.
/// </summary>
/// <param name="ex">The exception that forms the basis of the error response. Must not be null.</param>
/// <param name="httpRequestInfo">The incoming HTTP request. Must not be null.</param>
/// <param name="incomingMessage">The incoming message. May be null in the case that it was malformed.</param>
/// <returns>
/// Either the <see cref="IRequest"/> to return to the host site or null to indicate no response could be reasonably created and that the caller should rethrow the exception.
/// </returns>
private IRequest GetErrorResponse(ProtocolException ex, HttpRequestInfo httpRequestInfo, IDirectedProtocolMessage incomingMessage)
{
ErrorUtilities.VerifyArgumentNotNull(ex, "ex");
ErrorUtilities.VerifyArgumentNotNull(httpRequestInfo, "httpRequestInfo");
Logger.Error("An exception was generated while processing an incoming OpenID request.", ex);
IErrorMessage errorMessage;
// We must create the appropriate error message type (direct vs. indirect)
// based on what we see in the request.
if (httpRequestInfo.QueryString[Protocol.Default.openid.return_to] != null)
{
// An indirect request message from the RP
// We need to return an indirect response error message so the RP can consume it.
// Consistent with OpenID 2.0 section 5.2.3.
var indirectRequest = incomingMessage as SignedResponseRequest;
if (indirectRequest != null)
{
errorMessage = new IndirectErrorResponse(indirectRequest);
}
else
{
errorMessage = new IndirectErrorResponse(Protocol.Default.Version, new Uri(httpRequestInfo.QueryString[Protocol.Default.openid.return_to]));
}
}
else if (httpRequestInfo.HttpMethod == "POST")
{
// A direct request message from the RP
// We need to return a direct response error message so the RP can consume it.
// Consistent with OpenID 2.0 section 5.1.2.2.
errorMessage = new DirectErrorResponse(Protocol.Default.Version, incomingMessage);
}
else
{
// This may be an indirect request from an RP that was so badly
// formed that we cannot even return an error to the RP.
// The best we can do is display an error to the user.
// Returning null cues the caller to "throw;"
return(null);
}
errorMessage.ErrorMessage = ex.GetAllMessages();
// Allow host to log this error and issue a ticket #.
// We tear off the field to a local var for thread safety.
IErrorReporting hostErrorHandler = this.ErrorReporting;
if (hostErrorHandler != null)
{
errorMessage.Contact = hostErrorHandler.Contact;
errorMessage.Reference = hostErrorHandler.LogError(ex);
}
if (incomingMessage != null)
{
return(new AutoResponsiveRequest(this, incomingMessage, errorMessage));
}
else
{
return(new AutoResponsiveRequest(this, errorMessage));
}
}
