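/// <summary>
/// Starts an authentication round-trip: builds the provider settings, issues an
/// anti-forgery token pair, stores the "keep" half in a cookie and redirects the
/// browser to the provider's end point.
/// </summary>
/// <param name="providerKey">Key of the provider to authenticate with; handed to the authentication service as-is.</param>
/// <returns>A redirect to the Uri returned by the authentication service for this provider.</returns>
public RedirectResult RedirectToAuthenticate(string providerKey)
{
    // We supply our own callback route instead of relying on the default one.
    var settings = _authenticationService.GetAuthenticateServiceSettings(providerKey, Request.Url, "home/authenticatecallback");

    // Remember the referrer so the callback can send the user back to where they started.
    // SECURITY NOTE: the Referer header is supplied by the client. If the callback redirects
    // to the value recovered from the token, it should first confirm the target belongs to
    // this application (same host or an explicit allow-list); otherwise this becomes an
    // open redirect.
    string referrer = null;
    if (Request != null &&
        Request.UrlReferrer != null &&
        !string.IsNullOrEmpty(Request.UrlReferrer.AbsoluteUri))
    {
        referrer = Request.UrlReferrer.AbsoluteUri;
    }

    // Create the CSRF token pair: ToSend travels in the provider's state parameter,
    // ToKeep stays with the browser in a cookie for comparison in the callback.
    var token = _antiForgery.CreateToken(referrer);
    settings.State = token.ToSend;

    var cookie = new HttpCookie(_antiForgery.DefaultCookieName)
    {
        Value = token.ToKeep,
        // Keep the value out of reach of client-side script.
        HttpOnly = true,
        // Do not let the state cookie travel over plain HTTP once the flow was started
        // over HTTPS. On a plain-HTTP request this stays false, as before.
        // NOTE(review): behind a TLS-terminating proxy IsSecureConnection may be false
        // even though the browser used HTTPS; confirm for the deployment.
        Secure = Request.IsSecureConnection
    };
    Response.Cookies.Add(cookie);

    // Ask the authentication service for the provider's end point and go there.
    var uri = _authenticationService.RedirectToAuthenticationProvider(settings);
    return Redirect(uri.AbsoluteUri);
}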
/// <summary>
/// Validates the posted provider selection, prepares the provider settings (including an
/// optional OpenId identifier), issues an anti-forgery token pair carrying a return Url,
/// and redirects the browser to the provider's end point.
/// </summary>
/// <param name="inputModel">Bound request values; ProviderKey is required, Identifier is optional.</param>
/// <returns>A redirect to the Uri returned by the authentication service for this provider.</returns>
/// <exception cref="ArgumentException">
/// Model binding failed, ProviderKey is empty, or Identifier could not be parsed as a Uri.
/// </exception>
public RedirectResult RedirectToProvider(RedirectToProviderInputModel inputModel)
{
    // Guard: binding problems first, then the one value we cannot work without.
    if (!ModelState.IsValid)
    {
        throw new ArgumentException(
            "Some binding errors occured. This means at least one Request value (eg. form post or querystring parameter) provided is invalid. Generally, we need a ProviderName as a string.");
    }

    if (string.IsNullOrEmpty(inputModel.ProviderKey))
    {
        throw new ArgumentException(
            "ProviderKey value missing. You need to supply a valid provider key so we know where to redirect the user Eg. google.");
    }

    // Look up the settings for the requested provider.
    var providerSettings = AuthenticationService.GetAuthenticateServiceSettings(
        inputModel.ProviderKey,
        Request.Url,
        Url.CallbackFromOAuthProvider());

    // An identifier only applies when the provider settings are OpenId settings.
    if (!string.IsNullOrEmpty(inputModel.Identifier))
    {
        var openIdSettings = providerSettings as IOpenIdAuthenticationServiceSettings;
        if (openIdSettings != null)
        {
            // NOTE(review): RelativeOrAbsolute accepts scheme-less input, so this check
            // rejects very little; the identifier is still user-supplied data.
            Uri parsedIdentifier;
            bool parsed = Uri.TryCreate(inputModel.Identifier, UriKind.RelativeOrAbsolute, out parsedIdentifier);
            if (!parsed)
            {
                throw new ArgumentException(
                    "Indentifier value was not in the correct Uri format. Eg. http://myopenid.com or https://yourname.myopenid.com");
            }

            openIdSettings.Identifier = parsedIdentifier;
        }
    }

    // Convention: carry a Url in the token so the callback knows where to go afterwards.
    // An explicit RedirectUrl wins; otherwise fall back to the referrer, if there is one.
    // SECURITY NOTE: the Referer header is client-supplied and RedirectUrl may be as well
    // (NOTE(review): its origin is not visible here). Before the callback redirects to the
    // value recovered from the token, it should verify the target belongs to this
    // application (same host or an explicit allow-list) to avoid an open redirect.
    string returnUrl = null;
    bool hasExplicitRedirect = RedirectUrl != null && !string.IsNullOrEmpty(RedirectUrl.AbsoluteUri);
    if (hasExplicitRedirect)
    {
        returnUrl = RedirectUrl.AbsoluteUri;
    }
    else
    {
        bool hasReferrer = Request != null
                           && Request.UrlReferrer != null
                           && !string.IsNullOrEmpty(Request.UrlReferrer.AbsoluteUri);
        if (hasReferrer)
        {
            returnUrl = Request.UrlReferrer.AbsoluteUri;
        }
    }

    // Token pair: ToSend goes to the provider in the state parameter,
    // ToKeep is serialized for the browser so the callback can compare the two.
    var tokenPair = _antiForgery.CreateToken(returnUrl);
    providerSettings.State = tokenPair.ToSend;
    // NOTE(review): the cookie attributes (HttpOnly / Secure) are set inside SerializeToken,
    // which is not visible here; confirm both are applied.
    SerializeToken(Response, tokenPair.ToKeep);

    // Ask the authentication service for the provider's end point and go there.
    var providerUri = AuthenticationService.RedirectToAuthenticationProvider(providerSettings);
    return Redirect(providerUri.AbsoluteUri);
}