public void Birthdates()
        {
            var response = new ClaimsResponse();
            // Verify that they both start out as null
            Assert.IsNull(response.BirthDateRaw);
            Assert.IsFalse(response.BirthDate.HasValue);

            // Verify that null can be set.
            response.BirthDate = null;
            response.BirthDateRaw = null;
            Assert.IsNull(response.BirthDateRaw);
            Assert.IsFalse(response.BirthDate.HasValue);

            // Verify that the strong-typed BirthDate property can be set and that it affects the raw property.
            response.BirthDate = DateTime.Parse("April 4, 1984");
            Assert.AreEqual(4, response.BirthDate.Value.Month);
            Assert.AreEqual("1984-04-04", response.BirthDateRaw);

            // Verify that the raw property can be set with a complete birthdate and that it affects the strong-typed property.
            response.BirthDateRaw = "1998-05-08";
            Assert.AreEqual("1998-05-08", response.BirthDateRaw);
            Assert.AreEqual(DateTime.Parse("May 8, 1998", CultureInfo.InvariantCulture), response.BirthDate);

            // Verify that an partial raw birthdate works, and sets the strong-typed property to null since it cannot be represented.
            response.BirthDateRaw = "2000-00-00";
            Assert.AreEqual("2000-00-00", response.BirthDateRaw);
            Assert.IsFalse(response.BirthDate.HasValue);
        }
		public void DualIdentifierNoMatchInAssertionVerificationByDefault() {
			PositiveAssertionResponse assertion = this.GetPositiveAssertion(true);
			ClaimsResponse extension = new ClaimsResponse();
			assertion.Extensions.Add(extension);
			var rp = CreateRelyingParty();
			new PositiveAuthenticationResponse(assertion, rp); // this will throw if it fails to find a match
		}
        /// <summary>
        /// Initializes a new instance of the <see cref="ClaimsResponseShim"/> class.
        /// </summary>
        /// <param name="response">The Simple Registration response to wrap.</param>
        internal ClaimsResponseShim(ClaimsResponse response)
        {
            Contract.Requires(response != null);
            ErrorUtilities.VerifyArgumentNotNull(response, "response");

            this.response = response;
        }
Exemple #4
0
 private void ProccessData(ClaimsResponse claim, string identifier)
 {
     Email = claim.Email;
     FullName = claim.FullName;
     Nickname = claim.Nickname ?? claim.Email;
     ClaimedIdentifier = identifier;
 }
		public async Task DualIdentifierNoMatchInAssertionVerificationByDefault() {
			PositiveAssertionResponse assertion = this.GetPositiveAssertion(true);
			ClaimsResponse extension = new ClaimsResponse();
			assertion.Extensions.Add(extension);
			var rp = CreateRelyingParty();
			await PositiveAuthenticationResponse.CreateAsync(assertion, rp, CancellationToken.None); // this will throw if it fails to find a match
		}
Exemple #6
0
 public static void Clear()
 {
     ProfileFields = null;
     FetchResponse = null;
     FriendlyLoginName = null;
     PapePolicies = null;
     GoogleAccessToken = null;
 }
 private void addClaimInfo(ClaimsResponse claim, string identifier)
 {
     Email = claim.Email;
     FullName = claim.FullName;
     Nickname = claim.Nickname ?? claim.Email;
     IsSignedByProvider = claim.IsSignedByProvider;
     ClaimedIdentifier = identifier;
 }
		public void DualIdentifierMatchesInAssertionVerification() {
			PositiveAssertionResponse assertion = this.GetPositiveAssertion(true);
			ClaimsResponse extension = new ClaimsResponse();
			assertion.Extensions.Add(extension);
			var rp = CreateRelyingParty();
			rp.SecuritySettings.AllowDualPurposeIdentifiers = true;
			new PositiveAuthenticationResponse(assertion, rp); // this will throw if it fails to find a match
		}
		public void UnifyExtensionsAsSregWithSreg() {
			var sregInjected = new ClaimsResponse {
				Nickname = "andy",
			};
			var axInjected = new FetchResponse();
			axInjected.Attributes.Add(WellKnownAttributes.Name.Alias, "nate");
			this.extensions.Add(sregInjected);
			this.extensions.Add(axInjected);
			var sreg = ExtensionsInteropHelper.UnifyExtensionsAsSreg(this.response, true);
			Assert.AreSame(sregInjected, sreg);
			Assert.AreEqual("andy", sreg.Nickname);
		}
        public void NoRequestedExtensions()
        {
            var sreg = ExtensionsInteropHelper.UnifyExtensionsAsSreg(this.request);
            Assert.IsNull(sreg);

            // Make sure we're still able to send an sreg response.
            var sregResponse = new ClaimsResponse();
            this.request.AddResponseExtension(sregResponse);
            ExtensionsInteropHelper.ConvertSregToMatchRequest(this.request);
            var extensions = this.GetResponseExtensions();
            Assert.AreSame(sregResponse, extensions.Single());
        }
		public void NoRequestedExtensions() {
			var sreg = ExtensionsInteropHelper.UnifyExtensionsAsSreg(this.request);
			Assert.IsNull(sreg);

			// Make sure we're still able to send an sreg response.
			// (not really a valid scenario, since OPs don't have public access
			// to directly create a response without a request.
			var sregResponse = new ClaimsResponse();
			this.request.AddResponseExtension(sregResponse);
			ExtensionsInteropHelper.ConvertSregToMatchRequest(this.request);
			var extensions = this.GetResponseExtensions();
			Assert.AreSame(sregResponse, extensions.Single());
		}
		public void CtorAndProperties() {
			var responseMessage = new IndirectSignedResponse(Protocol.V20.Version, this.returnTo);
			var ext = new ClaimsResponse();
			responseMessage.Extensions.Add(ext);
			var response = new PositiveAnonymousResponse(responseMessage);
			Assert.AreEqual(AuthenticationStatus.ExtensionsOnly, response.Status);
			Assert.AreSame(responseMessage, response.Response);
			Assert.IsNull(response.ClaimedIdentifier);
			Assert.IsNull(response.FriendlyIdentifierForDisplay);
			Assert.IsNull(response.Exception);
			Assert.IsNull(response.Provider);
			Assert.AreSame(ext, response.GetUntrustedExtension<ClaimsResponse>());
		}
		public void Valid() {
			PositiveAssertionResponse assertion = this.GetPositiveAssertion();
			ClaimsResponse extension = new ClaimsResponse();
			assertion.Extensions.Add(extension);
			var rp = CreateRelyingParty();
			var authResponse = new PositiveAuthenticationResponse(assertion, rp);
			Assert.AreEqual(AuthenticationStatus.Authenticated, authResponse.Status);
			Assert.IsNull(authResponse.Exception);
			Assert.AreEqual((string)assertion.ClaimedIdentifier, (string)authResponse.ClaimedIdentifier);
			Assert.AreEqual(authResponse.Endpoint.FriendlyIdentifierForDisplay, authResponse.FriendlyIdentifierForDisplay);
			Assert.AreSame(extension, authResponse.GetUntrustedExtension(typeof(ClaimsResponse)));
			Assert.AreSame(extension, authResponse.GetUntrustedExtension<ClaimsResponse>());
			Assert.IsNull(authResponse.GetCallbackArgument("a"));
			Assert.AreEqual(0, authResponse.GetCallbackArguments().Count);
		}
Exemple #14
0
    private void LogUser(string openId, ClaimsResponse profileFields)
    {
        //recupero l'utente da db, oppure lo creo al volo se non esiste
        MTBUser user = DBHelper.LoadUser(openId);

        //non esiste? allora lo creo e lo metto nella sessione come NewUser, quindi
        //rimando alla pagina User che, solo dopo aver inserito i dati obblicatori, lo metterà
        //finalmente in sessione come User
        if (user == null)
        {
            user = new MTBUser();
            user.OpenId = openId;
            user.Surname = "";

            if (profileFields != null)
            {
                user.Name = profileFields.FullName;
                user.EMail = profileFields.Email;
                user.Nickname = profileFields.Nickname;
                if (profileFields.Gender != null)
                {
                    switch (profileFields.Gender.Value)
                    {
                        case Gender.Male:
                            user.Gender = MTBUser.GenderType.Male;
                            break;
                        case Gender.Female:
                            user.Gender = MTBUser.GenderType.Female;
                            break;
                        default:
                            break;
                    }
                }

                if (profileFields.BirthDate != null)
                    user.BirthDate = profileFields.BirthDate.Value;
            }

            LoginState.NewUser = user;
            Response.Redirect("User.aspx");
        }
        else
        {
            LoginState.User = user;
            FormsAuthentication.RedirectFromLoginPage("", false);
        }
    }
Exemple #15
0
		private static AuthenticationToken ProcessUserLogin(string claimedIdentifier, string friendlyIdentifier, ClaimsResponse claims, Token samlToken, bool trustedEmail) {
			// Create an account for this user if we don't already have one.
			AuthenticationToken openidToken = Database.DataContext.AuthenticationTokens.FirstOrDefault(token => token.ClaimedIdentifier == claimedIdentifier);
			if (openidToken == null) {
				// this is a user we haven't seen before.
				User user = new User();
				openidToken = new AuthenticationToken {
					ClaimedIdentifier = claimedIdentifier,
					FriendlyIdentifier = friendlyIdentifier,
				};
				user.AuthenticationTokens.Add(openidToken);

				// Gather information about the user if it's available.
				if (claims != null) {
					if (!string.IsNullOrEmpty(claims.Email)) {
						user.EmailAddress = claims.Email;
						user.EmailAddressVerified = trustedEmail;
					}
					if (!string.IsNullOrEmpty(claims.FullName)) {
						if (claims.FullName.IndexOf(' ') > 0) {
							user.FirstName = claims.FullName.Substring(0, claims.FullName.IndexOf(' ')).Trim();
							user.LastName = claims.FullName.Substring(claims.FullName.IndexOf(' ')).Trim();
						} else {
							user.FirstName = claims.FullName;
						}
					}
				} else if (samlToken != null) {
					string email, givenName, surname;
					if (samlToken.Claims.TryGetValue(ClaimTypes.Email, out email)) {
						user.EmailAddress = email;
						user.EmailAddressVerified = trustedEmail;
					}
					if (samlToken.Claims.TryGetValue(ClaimTypes.GivenName, out givenName)) {
						user.FirstName = givenName;
					}
					if (samlToken.Claims.TryGetValue(ClaimTypes.Surname, out surname)) {
						user.LastName = surname;
					}
				}

				Database.DataContext.AddToUsers(user);
			} else {
				openidToken.UsageCount++;
				openidToken.LastUsedUtc = DateTime.UtcNow;
			}
			return openidToken;
		}
        /// <summary>
        /// Tests equality of two <see cref="ClaimsResponse"/> objects.
        /// </summary>
        /// <param name="obj">The <see cref="T:System.Object"/> to compare with the current <see cref="T:System.Object"/>.</param>
        /// <returns>
        /// true if the specified <see cref="T:System.Object"/> is equal to the current <see cref="T:System.Object"/>; otherwise, false.
        /// </returns>
        /// <exception cref="T:System.NullReferenceException">
        /// The <paramref name="obj"/> parameter is null.
        /// </exception>
        public override bool Equals(object obj)
        {
            ClaimsResponse other = obj as ClaimsResponse;

            if (other == null)
            {
                return(false);
            }

            return
                (this.BirthDateRaw.EqualsNullSafe(other.BirthDateRaw) &&
                 this.Country.EqualsNullSafe(other.Country) &&
                 this.Language.EqualsNullSafe(other.Language) &&
                 this.Email.EqualsNullSafe(other.Email) &&
                 this.FullName.EqualsNullSafe(other.FullName) &&
                 this.Gender.Equals(other.Gender) &&
                 this.Nickname.EqualsNullSafe(other.Nickname) &&
                 this.PostalCode.EqualsNullSafe(other.PostalCode) &&
                 this.TimeZone.EqualsNullSafe(other.TimeZone));
        }
 internal static LoginProfile ProfileFromOpenId(ClaimsResponse spprofile, FetchResponse fetchprofile, string claimedId, string realmUrlString)
 {
     var profile = new LoginProfile
     {
         Link = claimedId,
         Id = claimedId,
         Provider = ProviderConstants.OpenId,
     };
     if (spprofile != null)
     {
         //Fill
         profile.BirthDay = spprofile.BirthDateRaw;
         profile.DisplayName = spprofile.FullName;
         profile.EMail = spprofile.Email;
         profile.Name = spprofile.Nickname;
         profile.Gender = spprofile.Gender.HasValue ? spprofile.Gender.Value.ToString() : "";
         profile.TimeZone = spprofile.TimeZone;
         profile.Locale = spprofile.Language;
     }
     if (fetchprofile != null)
     {
         profile.Name = fetchprofile.GetAttributeValue(WellKnownAttributes.Name.Alias);
         profile.LastName = fetchprofile.GetAttributeValue(WellKnownAttributes.Name.Last);
         profile.FirstName = fetchprofile.GetAttributeValue(WellKnownAttributes.Name.First);
         profile.DisplayName = fetchprofile.GetAttributeValue(WellKnownAttributes.Name.FullName);
         profile.MiddleName = fetchprofile.GetAttributeValue(WellKnownAttributes.Name.Middle);
         profile.Salutation = fetchprofile.GetAttributeValue(WellKnownAttributes.Name.Prefix);
         profile.Avatar = fetchprofile.GetAttributeValue(WellKnownAttributes.Media.Images.Default);
         profile.EMail = fetchprofile.GetAttributeValue(WellKnownAttributes.Contact.Email);
         profile.Gender = fetchprofile.GetAttributeValue(WellKnownAttributes.Person.Gender);
         profile.BirthDay = fetchprofile.GetAttributeValue(WellKnownAttributes.BirthDate.WholeBirthDate);
     }
     profile.RealmUrl = realmUrlString;
     return profile;
 }
        private bool IsValidForUserCreation(OpenIdEventArgs e, ClaimsResponse claim)
        {
            bool result = true;

            if (claim == null) { return false; }

            if (String.IsNullOrEmpty(claim.Email)) { return false; }
            if (String.IsNullOrEmpty(claim.FullName)) { return false; }

            if (!Email.IsValidEmailAddressSyntax(claim.Email)) { return false; }

            mojoProfileConfiguration profileConfig = mojoProfileConfiguration.GetConfig();
            if (profileConfig.HasRequiredCustomProperties()) { result = false; }

            return result;
        }
 private void DisplayResults(OpenIdEventArgs e, ClaimsResponse claim)
 {
     litResult.Text = "uri: " + e.ClaimedIdentifier.ToString() + "<br />"
         + "Full Name: " + claim.FullName + "<br />"
         + "Nickname: " + claim.Nickname + "<br />"
         + "Birthdate: " + claim.BirthDate.ToString() + "<br />"
         + "Country: " + claim.Country + "<br />"
         + "Culture: " + claim.Culture.ToString() + "<br />"
         + "Gender: " + claim.Gender + "<br />"
         + "Language: " + claim.Language + "<br />"
         + "MailAddress: " + claim.MailAddress + "<br />"
         + "Postal Code: " + claim.PostalCode + " <br />"
         + "Email: " + claim.Email + "<br />"
         + "TimeZone: " + claim.TimeZone + "<br />";
 }
		public static ClaimsResponse UnifyExtensionsAsSreg(this RelyingParty.IAuthenticationResponse response, bool allowUnsigned) {
			Contract.Requires<ArgumentNullException>(response != null);

			var resp = (RelyingParty.IAuthenticationResponse)response;
			var sreg = allowUnsigned ? resp.GetUntrustedExtension<ClaimsResponse>() : resp.GetExtension<ClaimsResponse>();
			if (sreg != null) {
				return sreg;
			}

			AXAttributeFormats formats = AXAttributeFormats.All;
			sreg = new ClaimsResponse();
			var fetchResponse = allowUnsigned ? resp.GetUntrustedExtension<FetchResponse>() : resp.GetExtension<FetchResponse>();
			if (fetchResponse != null) {
				((IOpenIdMessageExtension)sreg).IsSignedByRemoteParty = fetchResponse.IsSignedByProvider;
				sreg.BirthDateRaw = fetchResponse.GetAttributeValue(WellKnownAttributes.BirthDate.WholeBirthDate, formats);
				sreg.Country = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.Country, formats);
				sreg.PostalCode = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.PostalCode, formats);
				sreg.Email = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email, formats);
				sreg.FullName = fetchResponse.GetAttributeValue(WellKnownAttributes.Name.FullName, formats);
				sreg.Language = fetchResponse.GetAttributeValue(WellKnownAttributes.Preferences.Language, formats);
				sreg.Nickname = fetchResponse.GetAttributeValue(WellKnownAttributes.Name.Alias, formats);
				sreg.TimeZone = fetchResponse.GetAttributeValue(WellKnownAttributes.Preferences.TimeZone, formats);
				string gender = fetchResponse.GetAttributeValue(WellKnownAttributes.Person.Gender, formats);
				if (gender != null) {
					sreg.Gender = (Gender)genderEncoder.Decode(gender);
				}
			}

			return sreg;
		}
		/// <summary>
		/// Initializes a new instance of the <see cref="ClaimsResponseShim"/> class.
		/// </summary>
		/// <param name="response">The Simple Registration response to wrap.</param>
		internal ClaimsResponseShim(ClaimsResponse response)
		{
			Requires.NotNull(response, "response");

			this.response = response;
		}
		public void InvalidRawBirthdate() {
			var response = new ClaimsResponse();
			response.BirthDateRaw = "2008";
		}
        private void ParameterizedAXTest(AXAttributeFormats format)
        {
            var axInjected = new FetchRequest();
            axInjected.Attributes.AddOptional(ExtensionsInteropHelper_Accessor.TransformAXFormat(WellKnownAttributes.Name.Alias, format));
            axInjected.Attributes.AddRequired(ExtensionsInteropHelper_Accessor.TransformAXFormat(WellKnownAttributes.Name.FullName, format));
            this.extensions.Add(axInjected);
            var sreg = ExtensionsInteropHelper.UnifyExtensionsAsSreg(this.request);
            Assert.AreSame(sreg, this.request.GetExtension<ClaimsRequest>());
            Assert.AreEqual(DemandLevel.Request, sreg.Nickname);
            Assert.AreEqual(DemandLevel.Require, sreg.FullName);
            Assert.AreEqual(DemandLevel.NoRequest, sreg.Language);

            var sregResponse = new ClaimsResponse {
                Nickname = "andy",
            };
            this.request.AddResponseExtension(sregResponse);
            ExtensionsInteropHelper.ConvertSregToMatchRequest(this.request);
            var extensions = this.GetResponseExtensions();
            var axResponse = extensions.OfType<FetchResponse>().Single();
            Assert.AreEqual("andy", axResponse.GetAttributeValue(ExtensionsInteropHelper_Accessor.TransformAXFormat(WellKnownAttributes.Name.Alias, format)));
        }
        public bool ValidateOpenIDUser()
        {
            try
            {
                var response = consumer.GetResponse();
                if (response.Status != AuthenticationStatus.Authenticated)
                {
                    return false;
                }

                _sreg = response.GetExtension<ClaimsResponse>();

                MembershipUser user = GetUserByOpenId(response.ClaimedIdentifier, true);
                if (user != null)
                {
                    FormsAuthentication.RedirectFromLoginPage(user.UserName, false);
                    return true; // never reached, due to redirect
                }
                else
                {
                    throw new OpenIdNotLinkedException(response.ClaimedIdentifier);
                }
            }
            catch (ProtocolException ex)
            {
                if (WriteExceptionsToEventLog)
                {
                    Utility.WriteToEventLog(ex, "ValidateOpenIDUser");
                }

                return false;
            }
            catch (OpenIdNotLinkedException nlEx)
            {
                throw nlEx;
            }
        }
		public void SetOpenIdProfileFields(ClaimsResponse value) {
			if (value == null) {
				throw new ArgumentNullException("value");
			}

			this.DateOfBirth = value.BirthDate;
			this.countryDropdownList.SelectedValue = value.Country;
			this.emailTextBox.Text = value.Email;
			this.fullnameTextBox.Text = value.FullName;
			this.Gender = value.Gender;
			this.languageDropdownList.SelectedValue = value.Language;
			this.nicknameTextBox.Text = value.Nickname;
			this.postcodeTextBox.Text = value.PostalCode;
			this.timezoneDropdownList.SelectedValue = value.TimeZone;
		}
        public void UnifyExtensionsAsSregWithBothSregAndAX()
        {
            var sregInjected = new ClaimsRequest {
                Nickname = DemandLevel.Request,
            };
            this.extensions.Add(sregInjected);
            var axInjected = new FetchRequest();
            axInjected.Attributes.AddOptional(WellKnownAttributes.Contact.Email);
            this.extensions.Add(axInjected);
            var sreg = ExtensionsInteropHelper.UnifyExtensionsAsSreg(this.request);
            Assert.AreSame(sregInjected, sreg);
            Assert.AreEqual(DemandLevel.Request, sreg.Nickname);
            Assert.AreEqual(DemandLevel.NoRequest, sreg.Email);

            var sregResponseInjected = new ClaimsResponse {
                Nickname = "andy",
            };
            this.request.AddResponseExtension(sregResponseInjected);
            var axResponseInjected = new FetchResponse();
            axResponseInjected.Attributes.Add(WellKnownAttributes.Contact.Email, "*****@*****.**");
            this.request.AddResponseExtension(axResponseInjected);
            ExtensionsInteropHelper.ConvertSregToMatchRequest(this.request);
            var extensions = this.GetResponseExtensions();
            var sregResponse = extensions.OfType<ClaimsResponse>().Single();
            Assert.AreEqual("andy", sregResponse.Nickname);
            var axResponse = extensions.OfType<FetchResponse>().Single();
            Assert.AreEqual("*****@*****.**", axResponse.GetAttributeValue(WellKnownAttributes.Contact.Email));
        }
Exemple #27
0
 public OpenIdUser(ClaimsResponse claim, string identifier)
 {
     ProccessData(claim, identifier);
 }
 public OpenIdUser(ClaimsResponse claim, string identifier)
 {
     addClaimInfo(claim, identifier);
 }
Exemple #29
0
 public static void Clear()
 {
     ProfileFields = null;
     FriendlyLoginName = null;
     PapePolicies = null;
 }
        private bool IsValidForUserCreation(OpenIdEventArgs e, ClaimsResponse claim)
        {
            if (e == null) return false;
            if (claim == null) return false;
            if (e.ClaimedIdentifier == null) { return false; }

            if (String.IsNullOrEmpty(claim.Email)) { return false; }
            if (String.IsNullOrEmpty(claim.FullName)) { return false; }

            if (!Email.IsValidEmailAddressSyntax(claim.Email)) return false;

            // if custom profile fields are required
            // must pass them on to registration page
            mojoProfileConfiguration profileConfig = mojoProfileConfiguration.GetConfig();
            if (profileConfig != null)
            {
                if (profileConfig.HasRequiredCustomProperties()) return false;
            }

            return true;
        }
		public void EmptyMailAddress() {
			ClaimsResponse response = new ClaimsResponse(Constants.sreg_ns);
			response.Email = string.Empty;
			Assert.IsNull(response.MailAddress);
		}