private void AddUser(string name, string openId, string email)
{
var user = new User
{
Name = name,
OpenId = openId,
SignupDate = DateTime.Now,
Email = email
};
_users.Add(user);
_userRepository.Save(user);
}
public Profile(User user)
{
Username = user.Name;
}
//
// Get: /Authentication/Login/openid
public ActionResult Authenticate()
{
using (var relayingParty = new OpenIdRelyingParty())
{
var response = relayingParty.GetResponse();
if (response == null)
{
// Stage 2: user submitting Identifier
var openId = Request.Form["openid_identifier"];
var req = relayingParty.CreateRequest(openId);
req.AddExtension(new ClaimsRequest
{
Email = DemandLevel.Require,
FullName = DemandLevel.Require,
Nickname = DemandLevel.Request,
});
req.RedirectToProvider();
// todo - http://stackoverflow.com/questions/2724455/iauthenticationrequest-redirecttoprovider-is-not-supposed-to-return-yet-it-does
throw new Exception("Never gets here");
}
// Stage 3: OpenID Provider sending assertion response
switch (response.Status)
{
case AuthenticationStatus.Authenticated:
var claimedIdentifier = response.ClaimedIdentifier;
var user = Users.FindByOpenId(claimedIdentifier);
if (user != null)
{
// login
return RedirectFromLoginPage(user);
}
// register
var sreg = response.GetExtension<ClaimsResponse>();
if (sreg != null)
{
// todo (sreg has always been null when I tried to debug this)
// the Provider MAY not provide anything
// and even if it does, any of these attributes MAY be missing
var email = sreg.Email;
var fullName = sreg.FullName;
// get the rest of the attributes, and store them off somewhere.
}
var username = FixUsername(response.FriendlyIdentifierForDisplay);
user = new User
{
Name = username,
OpenId = claimedIdentifier,
SignupDate = DateTime.Now
};
Users.Save(user);
return RedirectFromLoginPage(user);
case AuthenticationStatus.Canceled:
ViewData["Message"] = "Canceled at provider";
// todo
return View("Login");
case AuthenticationStatus.Failed:
ViewData["Message"] = response.Exception.Message;
// todo
return View("Login");
default:
throw new Exception("Unknown status");
}
}
}
private ActionResult RedirectFromLoginPage(User user)
{
var returnUrl = Request.QueryString["ReturnURL"];
switch (returnUrl)
{
case null:
case "":
case "/":
FormsAuthentication.SetAuthCookie(user.Id.ToString(), true); //not set cookie
return RedirectToAction("Index", "Home");
}
FormsAuthentication.RedirectFromLoginPage(user.Id.ToString(), true);
return new EmptyResult();
}
private ActionResult LoginAsUser(string openID, IAuthenticationResponse response)
{
var user = Users.FindByOpenId(openID);
if (user != null)
{
// login
return RedirectFromLoginPage(user);
}
// register
if (response == null)
{
// handle non-open id (e.g. guest account)
user = new User
{
Name = "Guest",
OpenId = openID,
SignupDate = DateTime.Now
};
Users.Save(user);
return RedirectFromLoginPage(user);
}
var sreg = response.GetExtension<ClaimsResponse>();
if (sreg != null)
{
// todo (sreg has always been null when I tried to debug this)
// the Provider MAY not provide anything
// and even if it does, any of these attributes MAY be missing
var email = sreg.Email;
var fullName = sreg.FullName;
// get the rest of the attributes, and store them off somewhere.
}
var username = FixUsername(response.FriendlyIdentifierForDisplay);
user = new User
{
Name = username,
OpenId = openID,
SignupDate = DateTime.Now
};
Users.Save(user);
return RedirectFromLoginPage(user);
}
public override void SetupCore()
{
_user = CreateUser();
_userRepository.Save(_user);
}
