public async Task UserSetupUrl() { // Construct a V1 immediate request Protocol protocol = Protocol.V11; OpenIdProvider provider = this.CreateProvider(); var immediateRequest = new CheckIdRequest(protocol.Version, OPUri, DotNetOpenAuth.OpenId.AuthenticationRequestMode.Immediate); immediateRequest.Realm = RPRealmUri; immediateRequest.ReturnTo = RPUri; immediateRequest.LocalIdentifier = "http://somebody"; var request = new AuthenticationRequest(provider, immediateRequest); // Now simulate the request being rejected and extract the user_setup_url request.IsAuthenticated = false; Uri userSetupUrl = ((NegativeAssertionResponse)await request.GetResponseAsync(CancellationToken.None)).UserSetupUrl; Assert.IsNotNull(userSetupUrl); // Now construct a new request as if it had just come in. var httpRequest = new HttpRequestMessage(HttpMethod.Get, userSetupUrl); var setupRequest = (AuthenticationRequest)await provider.GetRequestAsync(httpRequest); var setupRequestMessage = (CheckIdRequest)setupRequest.RequestMessage; // And make sure all the right properties are set. Assert.IsFalse(setupRequestMessage.Immediate); Assert.AreEqual(immediateRequest.Realm, setupRequestMessage.Realm); Assert.AreEqual(immediateRequest.ReturnTo, setupRequestMessage.ReturnTo); Assert.AreEqual(immediateRequest.LocalIdentifier, setupRequestMessage.LocalIdentifier); Assert.AreEqual(immediateRequest.Version, setupRequestMessage.Version); }
public void RelyingPartyVersion() { Protocol simulatedVersion = Protocol.v11; UriIdentifier id = TestSupport.GetIdentityUrl(TestSupport.Scenarios.AutoApproval, simulatedVersion.ProtocolVersion); // make up some OpenID 1.x looking message... NameValueCollection rp10Request = new NameValueCollection(); rp10Request[simulatedVersion.openid.mode] = simulatedVersion.Args.Mode.checkid_immediate; rp10Request[simulatedVersion.openid.identity] = id; rp10Request[simulatedVersion.openid.return_to] = TestSupport.ReturnTo.AbsoluteUri; rp10Request[simulatedVersion.openid.Realm] = TestSupport.Realm; OpenIdProvider op = TestSupport.CreateProvider(rp10Request); Assert.AreEqual(simulatedVersion.ProtocolVersion, ((DotNetOpenId.Provider.IAuthenticationRequest)op.Request).RelyingPartyVersion); // Verify V2.0 reporting. var rp20Request = TestSupport.CreateRelyingPartyRequest(true, TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20); TestSupport.CreateRelyingPartyResponseThroughProvider(rp20Request, opReq => { Assert.AreEqual(ProtocolVersion.V20, opReq.RelyingPartyVersion); opReq.IsAuthenticated = true; }); }
public void UserSetupUrl() { // Construct a V1 immediate request Protocol protocol = Protocol.V11; OpenIdProvider provider = this.CreateProvider(); CheckIdRequest immediateRequest = new CheckIdRequest(protocol.Version, OPUri, DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequestMode.Immediate); immediateRequest.Realm = RPRealmUri; immediateRequest.ReturnTo = RPUri; immediateRequest.LocalIdentifier = "http://somebody"; AuthenticationRequest request = new AuthenticationRequest(provider, immediateRequest); // Now simulate the request being rejected and extract the user_setup_url request.IsAuthenticated = false; Uri userSetupUrl = ((NegativeAssertionResponse)request.Response).UserSetupUrl; Assert.IsNotNull(userSetupUrl); // Now construct a new request as if it had just come in. HttpRequestInfo httpRequest = new HttpRequestInfo { UrlBeforeRewriting = userSetupUrl }; var setupRequest = AuthenticationRequest_Accessor.AttachShadow(provider.GetRequest(httpRequest)); CheckIdRequest_Accessor setupRequestMessage = setupRequest.RequestMessage; // And make sure all the right properties are set. Assert.IsFalse(setupRequestMessage.Immediate); Assert.AreEqual(immediateRequest.Realm, setupRequestMessage.Realm); Assert.AreEqual(immediateRequest.ReturnTo, setupRequestMessage.ReturnTo); Assert.AreEqual(immediateRequest.LocalIdentifier, setupRequestMessage.LocalIdentifier); Assert.AreEqual(immediateRequest.Version, setupRequestMessage.Version); }
public async Task UnsolicitedAssertion() { var opStore = new MemoryCryptoKeyAndNonceStore(); Handle(RPUri).By( async req => { var rp = new OpenIdRelyingParty(new MemoryCryptoKeyAndNonceStore(), this.HostFactories); IAuthenticationResponse response = await rp.GetResponseAsync(req); Assert.That(response, Is.Not.Null); Assert.AreEqual(AuthenticationStatus.Authenticated, response.Status); return(new HttpResponseMessage()); }); Handle(OPUri).By( async(req, ct) => { var op = new OpenIdProvider(opStore, this.HostFactories); return(await this.AutoProviderActionAsync(op, req, ct)); }); this.RegisterMockRPDiscovery(ssl: false); { var op = new OpenIdProvider(opStore, this.HostFactories); Identifier id = GetMockIdentifier(ProtocolVersion.V20); var assertion = await op.PrepareUnsolicitedAssertionAsync(OPUri, RPRealmUri, id, OPLocalIdentifiers[0]); using (var httpClient = this.HostFactories.CreateHttpClient()) { using (var response = await httpClient.GetAsync(assertion.Headers.Location)) { response.EnsureSuccessStatusCode(); } } } }
public void RequestNullOnEmptyRequest() { OpenIdProvider op = new OpenIdProvider(new ProviderMemoryStore(), providerEndpoint, emptyRequestUrl, new NameValueCollection()); Assert.IsNull(op.Request); }
public async Task AssertionWithEndpointFilter() { var opStore = new MemoryCryptoKeyAndNonceStore(); Handle(RPUri).By( async req => { var rp = new OpenIdRelyingParty(new MemoryCryptoKeyAndNonceStore(), this.HostFactories); // Rig it to always deny the incoming OP rp.EndpointFilter = op => false; // Receive the unsolicited assertion var response = await rp.GetResponseAsync(req); Assert.That(response, Is.Not.Null); Assert.AreEqual(AuthenticationStatus.Failed, response.Status); return(new HttpResponseMessage()); }); this.RegisterAutoProvider(); { var op = new OpenIdProvider(opStore, this.HostFactories); Identifier id = GetMockIdentifier(ProtocolVersion.V20); var assertion = await op.PrepareUnsolicitedAssertionAsync(OPUri, GetMockRealm(false), id, id); using (var httpClient = this.HostFactories.CreateHttpClient()) { using (var response = await httpClient.GetAsync(assertion.Headers.Location)) { response.EnsureSuccessStatusCode(); } } } }
/// <summary> /// Creates a standard <see cref="OpenIdProvider"/> instance for general testing. /// </summary> /// <returns>The new instance.</returns> protected OpenIdProvider CreateProvider() { var op = new OpenIdProvider(new StandardProviderApplicationStore()); op.Channel.WebRequestHandler = this.MockResponder.MockWebRequestHandler; op.DiscoveryServices.Add(new MockIdentifierDiscoveryService()); return(op); }
/// <summary> /// Gets a default implementation of a simple provider that responds to authentication requests /// per the scenario that is being simulated. /// </summary> /// <remarks> /// This is a very useful method to pass to the OpenIdCoordinator constructor for the Provider argument. /// </remarks> internal void RegisterAutoProvider() { this.Handle(OPUri).By( async(req, ct) => { var provider = new OpenIdProvider(new MemoryCryptoKeyAndNonceStore(), this.HostFactories); return(await this.AutoProviderActionAsync(provider, req, ct)); }); }
public async Task ExtensionsAreIdentifiedAsSignedOrUnsigned() { Protocol protocol = Protocol.Default; var opStore = new MemoryCryptoKeyAndNonceStore(); int rpStep = 0; Handle(RPUri).By( async req => { var rp = new OpenIdRelyingParty(new MemoryCryptoKeyAndNonceStore(), this.HostFactories); RegisterMockExtension(rp.Channel); switch (++rpStep) { case 1: var response = await rp.Channel.ReadFromRequestAsync <IndirectSignedResponse>(req, CancellationToken.None); Assert.AreEqual(1, response.SignedExtensions.Count(), "Signed extension should have been received."); Assert.AreEqual(0, response.UnsignedExtensions.Count(), "No unsigned extension should be present."); break; case 2: response = await rp.Channel.ReadFromRequestAsync <IndirectSignedResponse>(req, CancellationToken.None); Assert.AreEqual(0, response.SignedExtensions.Count(), "No signed extension should have been received."); Assert.AreEqual(1, response.UnsignedExtensions.Count(), "Unsigned extension should have been received."); break; default: throw Assumes.NotReachable(); } return(new HttpResponseMessage()); }); Handle(OPUri).By( async req => { var op = new OpenIdProvider(opStore, this.HostFactories); return(await AutoProviderActionAsync(op, req, CancellationToken.None)); }); { var op = new OpenIdProvider(opStore, this.HostFactories); RegisterMockExtension(op.Channel); var redirectingResponse = await op.Channel.PrepareResponseAsync(this.CreateResponseWithExtensions(protocol)); using (var httpClient = this.HostFactories.CreateHttpClient()) { using (var response = await httpClient.GetAsync(redirectingResponse.Headers.Location)) { response.EnsureSuccessStatusCode(); } } op.SecuritySettings.SignOutgoingExtensions = false; redirectingResponse = await op.Channel.PrepareResponseAsync(this.CreateResponseWithExtensions(protocol)); using (var httpClient = this.HostFactories.CreateHttpClient()) { using (var response = await httpClient.GetAsync(redirectingResponse.Headers.Location)) { response.EnsureSuccessStatusCode(); } } } }
public static void Register(OpenIdProvider provider) { if (provider == null) { throw new ArgumentNullException("provider"); } provider.ExtensionFactories.Add(new Acme()); }
internal static OpenIdProvider CreateProvider(NameValueCollection fields, bool useSsl) { Protocol protocol = fields != null?Protocol.Detect(fields.ToDictionary()) : Protocol.v20; Uri opEndpoint = GetFullUrl(ProviderPage, null, useSsl); var provider = new OpenIdProvider(ProviderStore, opEndpoint, opEndpoint, fields ?? new NameValueCollection()); return(provider); }
/// <summary> /// Gets the URL of the RP icon for the OP to display. /// </summary> /// <param name="realm">The realm of the RP where the authentication request originated.</param> /// <param name="provider">The Provider instance used to obtain the authentication request.</param> /// <returns> /// A sequence of the RP's icons it has available for the Provider to display, in decreasing preferred order. /// </returns> /// <value>The icon URL.</value> /// <remarks> /// This property is automatically set for the OP with the result of RP discovery. /// RPs should set this value by including an entry such as this in their XRDS document. /// <example> /// <Service xmlns="xri://$xrd*($v*2.0)"> /// <Type>http://specs.openid.net/extensions/ui/icon</Type> /// <URI>http://consumer.example.com/images/image.jpg</URI> /// </Service> /// </example> /// </remarks> public static IEnumerable <Uri> GetRelyingPartyIconUrls(Realm realm, OpenIdProvider provider) { Contract.Requires(realm != null); Contract.Requires(provider != null); ErrorUtilities.VerifyArgumentNotNull(realm, "realm"); ErrorUtilities.VerifyArgumentNotNull(provider, "provider"); return(GetRelyingPartyIconUrls(realm, provider.Channel.WebRequestHandler)); }
internal static OpenIdProvider CreateProviderForRequest(DotNetOpenId.RelyingParty.IAuthenticationRequest request) { IResponse relyingPartyAuthenticationRequest = request.RedirectingResponse; var rpWebMessageToOP = (Response)relyingPartyAuthenticationRequest; var rpMessageToOP = (IndirectMessageRequest)rpWebMessageToOP.EncodableMessage; var opEndpoint = (ServiceEndpoint)request.Provider; var provider = new OpenIdProvider(ProviderStore, opEndpoint.ProviderEndpoint, opEndpoint.ProviderEndpoint, rpMessageToOP.EncodedFields.ToNameValueCollection()); return(provider); }
public override void SetUp() { base.SetUp(); this.protocol = Protocol.Default; this.provider = this.CreateProvider(); this.checkIdRequest = new CheckIdRequest(this.protocol.Version, OPUri, AuthenticationRequestMode.Setup); this.checkIdRequest.Realm = RPRealmUri; this.checkIdRequest.ReturnTo = RPUri; this.request = new AuthenticationRequest(this.provider, this.checkIdRequest); }
public IDictionary <string, string> SendDirectMessageAndGetResponse(ServiceEndpoint providerEndpoint, IDictionary <string, string> fields) { OpenIdProvider provider = new OpenIdProvider(providerStore, providerEndpoint.ProviderEndpoint, providerEndpoint.ProviderEndpoint, fields.ToNameValueCollection()); Debug.Assert(provider.Request.IsResponseReady, "Direct messages should always have an immediately available response."); Response webResponse = (Response)provider.Request.Response; EncodableResponse opAuthResponse = (EncodableResponse)webResponse.EncodableMessage; return(opAuthResponse.EncodedFields); }
public void BasicUnsolicitedAssertion() { Mocks.MockHttpRequest.RegisterMockRPDiscovery(); TestSupport.Scenarios scenario = TestSupport.Scenarios.AutoApproval; Identifier claimedId = TestSupport.GetMockIdentifier(scenario, ProtocolVersion.V20); Identifier localId = TestSupport.GetDelegateUrl(scenario); OpenIdProvider op = TestSupport.CreateProvider(null); IResponse assertion = op.PrepareUnsolicitedAssertion(TestSupport.Realm, claimedId, localId); var rpResponse = TestSupport.CreateRelyingPartyResponse(TestSupport.RelyingPartyStore, assertion); Assert.AreEqual(AuthenticationStatus.Authenticated, rpResponse.Status); Assert.AreEqual(claimedId, rpResponse.ClaimedIdentifier); }
protected void Page_Load(object sender, EventArgs e) { TestSupport.Scenarios scenario = (TestSupport.Scenarios)Enum.Parse(typeof(TestSupport.Scenarios), Request.QueryString["user"]); UriBuilder providerEndpoint = new UriBuilder(Request.Url); providerEndpoint.Query = "user="******"GET" ? Request.QueryString : Request.Form); if (provider.Request != null) { if (!provider.Request.IsResponseReady) { var idreq = provider.Request as IAuthenticationRequest; idreq.ClaimedIdentifier = new Uri(Request.Url, Page.ResolveUrl("~/DirectedIdentityEndpoint.aspx?user="******"&version=" + ProtocolVersion.V20)); switch (scenario) { case TestSupport.Scenarios.AutoApproval: // immediately approve idreq.IsAuthenticated = true; break; case TestSupport.Scenarios.AutoApprovalAddFragment: idreq.SetClaimedIdentifierFragment("frag"); idreq.IsAuthenticated = true; break; case TestSupport.Scenarios.ApproveOnSetup: idreq.IsAuthenticated = !idreq.Immediate; break; case TestSupport.Scenarios.AlwaysDeny: idreq.IsAuthenticated = false; break; case TestSupport.Scenarios.ExtensionFullCooperation: case TestSupport.Scenarios.ExtensionPartialCooperation: throw new NotImplementedException(); //idreq.IsAuthenticated = true; //break; default: throw new InvalidOperationException("Unrecognized scenario"); } } provider.Request.Response.Send(); } }
public void UnsolicitedAssertionWithBadCapitalization() { Mocks.MockHttpRequest.RegisterMockRPDiscovery(); TestSupport.Scenarios scenario = TestSupport.Scenarios.AutoApproval; Identifier claimedId = TestSupport.GetMockIdentifier(scenario, ProtocolVersion.V20); claimedId = claimedId.ToString().ToUpper(); // make all caps, which is not right Identifier localId = TestSupport.GetDelegateUrl(scenario); OpenIdProvider op = TestSupport.CreateProvider(null); IResponse assertion = op.PrepareUnsolicitedAssertion(TestSupport.Realm, claimedId, localId); var rpResponse = TestSupport.CreateRelyingPartyResponse(TestSupport.RelyingPartyStore, assertion); Assert.AreEqual(AuthenticationStatus.Failed, rpResponse.Status); }
private void SendAssertion(string relyingPartyRealm) { Uri providerEndpoint = new Uri(Request.Url, Page.ResolveUrl("~/server.aspx")); OpenIdProvider op = new OpenIdProvider(); try { // Send user input through identifier parser so we accept more free-form input. string rpSite = Identifier.Parse(relyingPartyRealm); op.PrepareUnsolicitedAssertion(providerEndpoint, rpSite, Util.BuildIdentityUrl(), Util.BuildIdentityUrl()).Send(); } catch (ProtocolException ex) { Label errorLabel = (Label)this.loginView.FindControl("errorLabel"); errorLabel.Visible = true; errorLabel.Text = ex.Message; } }
/// <summary> /// Initializes a new instance of the <see cref="CheckAuthenticationResponse"/> class /// for use by the Provider. /// </summary> /// <param name="request">The request that this message is responding to.</param> /// <param name="provider">The OpenID Provider that is preparing to send this response.</param> internal CheckAuthenticationResponse(CheckAuthenticationRequest request, OpenIdProvider provider) : base(request.Version, request) { ErrorUtilities.VerifyArgumentNotNull(provider, "provider"); // The channel's binding elements have already set the request's IsValid property // appropriately. We just copy it into the response message. this.IsValid = request.IsValid; // Confirm the RP should invalidate the association handle only if the association // really doesn't exist. OpenID 2.0 section 11.4.2.2. IndirectSignedResponse signedResponse = new IndirectSignedResponse(request); string invalidateHandle = ((ITamperResistantOpenIdMessage)signedResponse).InvalidateHandle; if (invalidateHandle != null && provider.AssociationStore.GetAssociation(AssociationRelyingPartyType.Smart, invalidateHandle) == null) { this.InvalidateHandle = invalidateHandle; } }
public void ProcessRequest(HttpContext context) { OpenIdProvider provider = new OpenIdProvider(); if (provider.Request != null) { // Some OpenID requests are automatable and can be responded to immediately. if (!provider.Request.IsResponseReady) { // But authentication requests cannot be responded to until something on // this site decides whether to approve or disapprove the authentication. var idrequest = (IAuthenticationRequest)provider.Request; // We store the authentication request in the user's session so that // redirects and user prompts can appear and eventually some page can decide // to respond to the OpenID authentication request either affirmatively or // negatively. ProviderEndpoint.PendingAuthenticationRequest = idrequest; // We delegate that approval process to our utility method that we share // with our other Provider sample page server.aspx. Util.ProcessAuthenticationChallenge(idrequest); // As part of authentication approval, the user may need to authenticate // to this Provider and/or decide whether to allow the requesting RP site // to log this user in. If any UI needs to be presented to the user, // the previous call to ProcessAuthenticationChallenge MAY not return // due to a redirect to some ASPX page. } else { // Some other automatable OpenID request is coming down, so clear // any previously session stored authentication request that might be // stored for this user. ProviderEndpoint.PendingAuthenticationRequest = null; } // Whether this was an automated message or an authentication message, // if there is a response ready to send back immediately, do so. if (provider.Request.IsResponseReady) { provider.Request.Response.Send(); ProviderEndpoint.PendingAuthenticationRequest = null; } } }
public void Serializable() { OpenIdProvider provider = this.CreateProvider(); CheckIdRequest immediateRequest = new CheckIdRequest(Protocol.Default.Version, OPUri, DotNetOpenAuth.OpenId.AuthenticationRequestMode.Immediate); immediateRequest.Realm = RPRealmUri; immediateRequest.ReturnTo = RPUri; immediateRequest.LocalIdentifier = "http://somebody"; AuthenticationRequest request = new AuthenticationRequest(provider, immediateRequest); MemoryStream ms = new MemoryStream(); IFormatter formatter = new BinaryFormatter(); formatter.Serialize(ms, request); ms.Position = 0; var req2 = (AuthenticationRequest)formatter.Deserialize(ms); Assert.That(req2, Is.Not.Null); }
/// <summary> /// A default implementation of a simple provider that responds to authentication requests /// per the scenario that is being simulated. /// </summary> /// <param name="provider">The OpenIdProvider on which the process messages.</param> /// <remarks> /// This is a very useful method to pass to the OpenIdCoordinator constructor for the Provider argument. /// </remarks> internal void AutoProvider(OpenIdProvider provider) { while (!((CoordinatingChannel)provider.Channel).RemoteChannel.IsDisposed) { IRequest request = provider.GetRequest(); if (request == null) { continue; } if (!request.IsResponseReady) { var authRequest = (DotNetOpenAuth.OpenId.Provider.IAuthenticationRequest)request; switch (this.AutoProviderScenario) { case Scenarios.AutoApproval: authRequest.IsAuthenticated = true; break; case Scenarios.AutoApprovalAddFragment: authRequest.SetClaimedIdentifierFragment("frag"); authRequest.IsAuthenticated = true; break; case Scenarios.ApproveOnSetup: authRequest.IsAuthenticated = !authRequest.Immediate; break; case Scenarios.AlwaysDeny: authRequest.IsAuthenticated = false; break; default: // All other scenarios are done programmatically only. throw new InvalidOperationException("Unrecognized scenario"); } } provider.SendResponse(request); } }
/// <summary> /// Gets a default implementation of a simple provider that responds to authentication requests /// per the scenario that is being simulated. /// </summary> /// <remarks> /// This is a very useful method to pass to the OpenIdCoordinator constructor for the Provider argument. /// </remarks> internal async Task <HttpResponseMessage> AutoProviderActionAsync(OpenIdProvider provider, HttpRequestMessage req, CancellationToken ct) { IRequest request = await provider.GetRequestAsync(req, ct); Assert.That(request, Is.Not.Null); if (!request.IsResponseReady) { var authRequest = (IAuthenticationRequest)request; switch (this.AutoProviderScenario) { case Scenarios.AutoApproval: authRequest.IsAuthenticated = true; break; case Scenarios.AutoApprovalAddFragment: authRequest.SetClaimedIdentifierFragment("frag"); authRequest.IsAuthenticated = true; break; case Scenarios.ApproveOnSetup: authRequest.IsAuthenticated = !authRequest.Immediate; break; case Scenarios.AlwaysDeny: authRequest.IsAuthenticated = false; break; default: // All other scenarios are done programmatically only. throw new InvalidOperationException("Unrecognized scenario"); } } return(await provider.PrepareResponseAsync(request, ct)); }
public override void SetUp() { base.SetUp(); SuspendLogging(); this.provider = CreateProvider(); }
public override void SetUp() { base.SetUp(); this.provider = this.CreateProvider(); }
/// <summary> /// Handles all GET and POST requests for OpenID identifier pages and endpoint /// server communication /// </summary> protected override void ProcessRequest( string path, Stream request, Stream response, IOSHttpRequest httpRequest, IOSHttpResponse httpResponse) { Uri providerEndpoint = new Uri(String.Format("{0}://{1}{2}", httpRequest.Url.Scheme, httpRequest.Url.Authority, httpRequest.Url.AbsolutePath)); // Defult to returning HTML content httpResponse.ContentType = ContentType; try { string forPost; using (StreamReader sr = new StreamReader(httpRequest.InputStream)) forPost = sr.ReadToEnd(); NameValueCollection postQuery = HttpUtility.ParseQueryString(forPost); NameValueCollection getQuery = HttpUtility.ParseQueryString(httpRequest.Url.Query); NameValueCollection openIdQuery = (postQuery.GetValues("openid.mode") != null ? postQuery : getQuery); OpenIdProvider provider = new OpenIdProvider(m_openidStore, providerEndpoint, httpRequest.Url, openIdQuery); if (provider.Request != null) { if (!provider.Request.IsResponseReady && provider.Request is IAuthenticationRequest) { IAuthenticationRequest authRequest = (IAuthenticationRequest)provider.Request; string[] passwordValues = postQuery.GetValues("pass"); UserAccount account; if (TryGetAccount(new Uri(authRequest.ClaimedIdentifier.ToString()), out account)) { // Check for form POST data if (passwordValues != null && passwordValues.Length == 1) { if (account != null && (m_authenticationService.Authenticate(account.PrincipalID, Util.Md5Hash(passwordValues[0]), 30) != string.Empty)) { authRequest.IsAuthenticated = true; } else { authRequest.IsAuthenticated = false; } } else { // Authentication was requested, send the client a login form using (StreamWriter writer = new StreamWriter(response)) writer.Write(String.Format(LOGIN_PAGE, account.FirstName, account.LastName)); return; } } else { // Cannot find an avatar matching the claimed identifier authRequest.IsAuthenticated = false; } } // Add OpenID headers to the response foreach (string key in provider.Request.Response.Headers.Keys) { httpResponse.AddHeader(key, provider.Request.Response.Headers[key]); } string[] contentTypeValues = provider.Request.Response.Headers.GetValues("Content-Type"); if (contentTypeValues != null && contentTypeValues.Length == 1) { httpResponse.ContentType = contentTypeValues[0]; } // Set the response code and document body based on the OpenID result httpResponse.StatusCode = (int)provider.Request.Response.Code; response.Write(provider.Request.Response.Body, 0, provider.Request.Response.Body.Length); response.Close(); } else if (httpRequest.Url.AbsolutePath.Contains("/openid/server")) { // Standard HTTP GET was made on the OpenID endpoint, send the client the default error page using (StreamWriter writer = new StreamWriter(response)) writer.Write(ENDPOINT_PAGE); } else { // Try and lookup this avatar UserAccount account; if (TryGetAccount(httpRequest.Url, out account)) { using (StreamWriter writer = new StreamWriter(response)) { // TODO: Print out a full profile page for this avatar writer.Write(String.Format(OPENID_PAGE, httpRequest.Url.Scheme, httpRequest.Url.Authority, account.FirstName, account.LastName)); } } else { // Couldn't parse an avatar name, or couldn't find the avatar in the user server using (StreamWriter writer = new StreamWriter(response)) writer.Write(INVALID_OPENID_PAGE); } } } catch (Exception ex) { httpResponse.StatusCode = (int)HttpStatusCode.InternalServerError; using (StreamWriter writer = new StreamWriter(response)) writer.Write(ex.Message); } }
public void GivenAValidHttpOpenIdIdentifier_RedirectToAuthenticate_ReturnsAValidEndPoint() { // Arrange. const string xrdsLocation = "https://www.myopenid.com/xrds"; // 302 Redirect :P var mockRestResponseRedirect = new Mock<IRestResponse>(); mockRestResponseRedirect.Setup(x => x.StatusCode).Returns(HttpStatusCode.Redirect); mockRestResponseRedirect.Setup(x => x.Headers) .Returns(new List<Parameter> { new Parameter { Name = "Location", Type = ParameterType.HttpHeader, Value = "https://myopenid.com/" } }); var mockRestClientRedirect = new Mock<IRestClient>(); mockRestClientRedirect.Setup(x => x.BaseUrl).Returns("http://myopenId.com/"); mockRestClientRedirect.Setup(x => x.Execute(It.IsAny<IRestRequest>())) .Returns(mockRestResponseRedirect.Object); // 200 OK with the Xrds location. var mockRestResponseOk = new Mock<IRestResponse>(); mockRestResponseOk.Setup(x => x.StatusCode).Returns(HttpStatusCode.OK); mockRestResponseOk.Setup(x => x.Headers) .Returns(new List<Parameter> { new Parameter { Name = "X-XRDS-Location", Type = ParameterType.HttpHeader, Value = xrdsLocation } }); var mockRestClientOk = new Mock<IRestClient>(); mockRestClientOk.Setup(x => x.BaseUrl).Returns("https://myopenId.com/"); mockRestClientOk.Setup(x => x.Execute(It.IsAny<IRestRequest>())) .Returns(mockRestResponseOk.Object); const string yahooXrdsXml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><xrds:XRDS xmlns:xrds=\"xri://$xrds\" xmlns:openid=\"http://openid.net/xmlns/1.0\" xmlns=\"xri://$xrd*($v*2.0)\"><XRD><Service priority=\"0\"><Type>http://specs.openid.net/auth/2.0/server</Type><Type>http://specs.openid.net/extensions/pape/1.0</Type><Type>http://openid.net/srv/ax/1.0</Type><Type>http://specs.openid.net/extensions/oauth/1.0</Type><Type>http://specs.openid.net/extensions/ui/1.0/lang-pref</Type><Type>http://specs.openid.net/extensions/ui/1.0/mode/popup</Type><Type>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier</Type><Type>http://www.idmanagement.gov/schema/2009/05/icam/no-pii.pdf</Type><Type>http://www.idmanagement.gov/schema/2009/05/icam/openid-trust-level1.pdf</Type><Type>http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf</Type><URI>https://open.login.yahooapis.com/openid/op/auth</URI></Service></XRD></xrds:XRDS>"; const string myOpenIdXrdsXml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><xrds:XRDS xmlns:xrds=\"xri://$xrds\" xmlns:ux=\"http://specs.openid.net/extensions/ux/1.0\" xmlns=\"xri://$xrd*($v*2.0)\"> <XRD> <Service priority=\"0\"><Type>http://specs.openid.net/auth/2.0/server</Type><Type>http://openid.net/sreg/1.0</Type><URI priority=\"0\">https://www.myopenid.com/server</URI></Service><Service><Type>http://specs.openid.net/extensions/ux/1.0/friendlyname</Type><ux:friendlyname>MyOpenID</ux:friendlyname></Service><Service><Type>http://specs.openid.net/extensions/ux/1.0/img</Type><ux:img url=\"https://www.myopenid.com/static/images/myopenid_selector.png\" width=\"48\" height=\"48\"></ux:img></Service></XRD></xrds:XRDS>"; var mockRestResponseXrds = new Mock<IRestResponse>(); mockRestResponseXrds.Setup(x => x.StatusCode).Returns(HttpStatusCode.OK); mockRestResponseXrds.Setup(x => x.Content).Returns(myOpenIdXrdsXml); var mockRestClientXrds = new Mock<IRestClient>(); mockRestClientXrds.Setup(x => x.BaseUrl).Returns(xrdsLocation); mockRestClientXrds.Setup(x => x.Execute(It.IsAny<IRestRequest>())) .Returns(mockRestResponseXrds.Object); var mockRestClients = new List<IRestClient> { mockRestClientRedirect.Object, mockRestClientOk.Object, mockRestClientXrds.Object }; var openIdProvider = new OpenIdProvider { RestClientFactory = new RestClientFactory(mockRestClients) }; var authenticationServiceSettings = new OpenIdAuthenticationServiceSettings { Identifier = new Uri("http://myopenId.com/"), CallBackUri = new Uri("http://whatever.com:9999") }; // Act. var result = openIdProvider.RedirectToAuthenticate(authenticationServiceSettings); // Assert. Assert.NotNull(result); Assert.Equal("https://www.myopenid.com/server?openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.mode=checkid_setup&openid.ns=http://specs.openid.net/auth/2.0&openid.ns.sreg=http://openid.net/extensions/sreg/1.1&openid.sreg.required=nickname&openid.sreg.optional=email,fullname,gender,language&no_ssl=true&openid.return_to=http://whatever.com:9999/&openid.realm=http://whatever.com:9999/", result.AbsoluteUri); }
public void CtorNullStore() { OpenIdProvider op = new OpenIdProvider(null, providerEndpoint, emptyRequestUrl, new NameValueCollection()); }
public void CtorNullQuery() { OpenIdProvider op = new OpenIdProvider(new ProviderMemoryStore(), providerEndpoint, emptyRequestUrl, null); }
public void CtorNullRequestUrl() { OpenIdProvider op = new OpenIdProvider(new ProviderMemoryStore(), providerEndpoint, null, new NameValueCollection()); }