bool IExtensionRequest.Deserialize(IDictionary<string, string> fields, DotNetOpenId.Provider.IRequest request, string typeUri) { if (fields == null) return false; string mode; fields.TryGetValue("mode", out mode); if (mode != Mode) return false; string updateUrl; fields.TryGetValue("update_url", out updateUrl); Uri updateUri; if (Uri.TryCreate(updateUrl, UriKind.Absolute, out updateUri)) UpdateUrl = updateUri; string requiredAliasString, optionalAliasString; fields.TryGetValue("if_available", out optionalAliasString); fields.TryGetValue("required", out requiredAliasString); var requiredAliases = parseAliasList(requiredAliasString); var optionalAliases = parseAliasList(optionalAliasString); // if an alias shows up in both lists, an exception will result implicitly. var allAliases = new List<string>(requiredAliases.Count + optionalAliases.Count); allAliases.AddRange(requiredAliases); allAliases.AddRange(optionalAliases); if (allAliases.Count == 0) { Logger.Error("Attribute Exchange extension did not provide any aliases in the if_available or required lists."); return false; } AliasManager aliasManager = new AliasManager(); foreach (var alias in allAliases) { string attributeTypeUri; if (fields.TryGetValue("type." + alias, out attributeTypeUri)) { aliasManager.SetAlias(alias, attributeTypeUri); AttributeRequest att = new AttributeRequest { TypeUri = attributeTypeUri, IsRequired = requiredAliases.Contains(alias), }; string countString; if (fields.TryGetValue("count." + alias, out countString)) { if (countString == "unlimited") att.Count = int.MaxValue; else { int count; if (int.TryParse(countString, out count) && count > 0) { att.Count = count; } else { Logger.Error("count." + alias + " could not be parsed into a positive integer."); } } } else { att.Count = 1; } AddAttribute(att); } else { Logger.Error("Type URI definition of alias " + alias + " is missing."); } } return true; }
bool IExtensionRequest.Deserialize(IDictionary<string, string> fields, DotNetOpenId.Provider.IRequest request, string typeUri) { if (fields == null) return false; string mode; fields.TryGetValue("mode", out mode); if (mode != Mode) return false; foreach (var att in FetchResponse.DeserializeAttributes(fields)) AddAttribute(att); return true; }
protected void ProviderEndpoint1_AuthenticationChallenge(object sender, DotNetOpenId.Provider.AuthenticationChallengeEventArgs e) { if (!e.Request.IsReturnUrlDiscoverable) { throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, "return_to could not be verified using RP discovery realm {0}.", e.Request.Realm)); } TestSupport.Scenarios scenario = (TestSupport.Scenarios)Enum.Parse(typeof(TestSupport.Scenarios), new Uri(e.Request.LocalIdentifier).AbsolutePath.TrimStart('/')); switch (scenario) { case TestSupport.Scenarios.AutoApproval: e.Request.IsAuthenticated = true; break; case TestSupport.Scenarios.ApproveOnSetup: e.Request.IsAuthenticated = !e.Request.Immediate; break; default: // All other scenarios are done programmatically only. throw new InvalidOperationException("Unrecognized scenario"); } e.Request.Response.Send(); }
public void AddExtension(DotNetOpenId.Extensions.IExtensionRequest extension) { if (extension == null) throw new ArgumentNullException("extension"); OutgoingExtensions.AddExtensionArguments(extension.TypeUri, extension.Serialize(this)); }
return fields; } bool IExtensionResponse.Deserialize(IDictionary<string, string> fields, DotNetOpenId.RelyingParty.IAuthenticationResponse response, string typeUri) { if (fields == null) return false; if (!fields.ContainsKey(Constants.ResponseParameters.AuthPolicies)) return false; ActualPolicies.Clear(); string[] actualPolicies = fields[Constants.ResponseParameters.AuthPolicies].Split(' '); foreach (string policy in actualPolicies) { if (policy.Length > 0 && policy != AuthenticationPolicies.None) ActualPolicies.Add(policy); } AuthenticationTimeUtc = null; string authTime; if (fields.TryGetValue(Constants.ResponseParameters.AuthTime, out authTime)) { DateTime authDateTime; if (DateTime.TryParse(authTime, CultureInfo.InvariantCulture, DateTimeStyles.AdjustToUniversal, out authDateTime) && authDateTime.Kind == DateTimeKind.Utc) { // may be unspecified per our option above AuthenticationTimeUtc = authDateTime; } else { Logger.ErrorFormat("Invalid format for {0} parameter: {1}", Constants.ResponseParameters.AuthTime, authTime); } } AssuranceLevels.Clear(); AliasManager authLevelAliases = PolicyRequest.FindIncomingAliases(fields); foreach (string authLevelAlias in authLevelAliases.Aliases) { string authValue; if (fields.TryGetValue(Constants.ResponseParameters.AuthLevelAliasPrefix + authLevelAlias, out authValue)) { string authLevelType = authLevelAliases.ResolveAlias(authLevelAlias); AssuranceLevels[authLevelType] = authValue; } }
protected void openIdTxt_LoggedIn(object sender, DotNetOpenId.RelyingParty.OpenIdEventArgs e) { if (e.Response.ClaimedIdentifier != null && e.Response.Status == DotNetOpenId.RelyingParty.AuthenticationStatus.Authenticated) { string userNameTxt = e.Response.ClaimedIdentifier; bool publicTerminal = true; if (Session["publicTerminal"] != null) publicTerminal = (bool)Session["publicTerminal"]; Operator.LoginOpenID(userNameTxt, e.Response.FriendlyIdentifierForDisplay, publicTerminal); login.Visible = false; if (LoggedIn != null) LoggedIn(this, new EventArgs()); } }
IDictionary<string, string> IExtensionResponse.Serialize(DotNetOpenId.Provider.IRequest authenticationRequest) { var fields = new Dictionary<string, string>(); fields.Add(Constants.ResponseParameters.AuthPolicies, PolicyRequest.SerializePolicies(ActualPolicies)); if (AuthenticationTimeUtc.HasValue) { fields.Add(Constants.ResponseParameters.AuthTime, AuthenticationTimeUtc.Value.ToUniversalTime().ToString(PermissibleDateTimeFormats[0], CultureInfo.InvariantCulture)); } if (NistAssuranceLevel.HasValue) { fields.Add(Constants.ResponseParameters.NistAuthLevel, ((int)NistAssuranceLevel).ToString(CultureInfo.InvariantCulture)); } return fields; }
#region IExtensionResponse Members IDictionary<string, string> IExtensionResponse.Serialize(DotNetOpenId.Provider.IRequest authenticationRequest) { var fields = new Dictionary<string, string>(); fields.Add(Constants.ResponseParameters.AuthPolicies, SerializePolicies(ActualPolicies)); if (AuthenticationTimeUtc.HasValue) { fields.Add(Constants.ResponseParameters.AuthTime, AuthenticationTimeUtc.Value.ToUniversalTime().ToString(PermissibleDateTimeFormats[0], CultureInfo.InvariantCulture)); } if (AssuranceLevels.Count > 0) { AliasManager aliases = new AliasManager(); aliases.AssignAliases(AssuranceLevels.Keys, Constants.AuthenticationLevels.PreferredTypeUriToAliasMap); // Add a definition for each Auth Level Type alias. foreach (string alias in aliases.Aliases) { fields.Add(Constants.AuthLevelNamespaceDeclarationPrefix + alias, aliases.ResolveAlias(alias)); } // Now use the aliases for those type URIs to list the individual values. foreach (var pair in AssuranceLevels) { fields.Add(Constants.ResponseParameters.AuthLevelAliasPrefix + aliases.GetAlias(pair.Key), pair.Value); } }
bool IExtensionResponse.Deserialize(IDictionary<string, string> fields, DotNetOpenId.RelyingParty.IAuthenticationResponse response, string typeUri) { if (fields == null) return false; if (!fields.ContainsKey(Constants.ResponseParameters.AuthPolicies)) return false; ActualPolicies.Clear(); string[] actualPolicies = fields[Constants.ResponseParameters.AuthPolicies].Split(' '); foreach (string policy in actualPolicies) { if (policy.Length > 0) ActualPolicies.Add(policy); } AuthenticationTimeUtc = null; string authTime; if (fields.TryGetValue(Constants.ResponseParameters.AuthTime, out authTime)) { DateTime authDateTime; if (DateTime.TryParse(authTime, CultureInfo.InvariantCulture, DateTimeStyles.AdjustToUniversal, out authDateTime) && authDateTime.Kind == DateTimeKind.Utc) { // may be unspecified per our option above AuthenticationTimeUtc = authDateTime; } else { Logger.ErrorFormat("Invalid format for {0} parameter: {1}", Constants.ResponseParameters.AuthTime, authTime); } } NistAssuranceLevel = null; string nistAuthLevel; if (fields.TryGetValue(Constants.ResponseParameters.NistAuthLevel, out nistAuthLevel)) { int nistAuthLevelNumber; if (int.TryParse(nistAuthLevel, out nistAuthLevelNumber) && nistAuthLevelNumber >= 0 && nistAuthLevelNumber <= 4) { NistAssuranceLevel = (NistAssuranceLevel)nistAuthLevelNumber; } else { Logger.Error("Invalid NIST level."); } } return true; }
internal static void SetAuthenticationFromScenario(Scenarios scenario, DotNetOpenId.Provider.IAuthenticationRequest request) { Assert.IsTrue(request.IsReturnUrlDiscoverable); switch (scenario) { case TestSupport.Scenarios.ExtensionFullCooperation: case TestSupport.Scenarios.ExtensionPartialCooperation: case TestSupport.Scenarios.AutoApproval: // immediately approve request.IsAuthenticated = true; break; case TestSupport.Scenarios.AutoApprovalAddFragment: request.SetClaimedIdentifierFragment("frag"); request.IsAuthenticated = true; break; case TestSupport.Scenarios.ApproveOnSetup: request.IsAuthenticated = !request.Immediate; break; case TestSupport.Scenarios.AlwaysDeny: request.IsAuthenticated = false; break; default: throw new InvalidOperationException("Unrecognized scenario"); } }
internal static IAuthenticationResponse CreateRelyingPartyResponseThroughProvider( DotNetOpenId.RelyingParty.IAuthenticationRequest request, Action<DotNetOpenId.Provider.IAuthenticationRequest> providerAction) { var rpReq = (AuthenticationRequest)request; var opResponse = CreateProviderResponseToRequest(rpReq, providerAction); // Be careful to use whatever store the original RP was using. var rp = CreateRelyingPartyResponse(rpReq.RelyingParty.Store, opResponse, ((AuthenticationRequest)request).RelyingParty.Settings.RequireSsl); Assert.IsNotNull(rp); return rp; }
internal static IResponse CreateProviderResponseToRequest( DotNetOpenId.RelyingParty.IAuthenticationRequest request, Action<DotNetOpenId.Provider.IAuthenticationRequest> prepareProviderResponse) { { // Sidetrack: Verify the return_to and realm URLs var consumerToProviderQuery = HttpUtility.ParseQueryString(request.RedirectingResponse.ExtractUrl().Query); Protocol protocol = Protocol.Detect(consumerToProviderQuery.ToDictionary()); Assert.IsTrue(consumerToProviderQuery[protocol.openid.return_to].StartsWith(request.ReturnToUrl.AbsoluteUri, StringComparison.Ordinal)); Assert.AreEqual(request.Realm.ToString(), consumerToProviderQuery[protocol.openid.Realm]); } var op = TestSupport.CreateProviderForRequest(request); var opReq = (DotNetOpenId.Provider.IAuthenticationRequest)op.Request; prepareProviderResponse(opReq); Assert.IsTrue(opReq.IsResponseReady); return opReq.Response; }
internal static OpenIdProvider CreateProviderForRequest(DotNetOpenId.RelyingParty.IAuthenticationRequest request) { IResponse relyingPartyAuthenticationRequest = request.RedirectingResponse; var rpWebMessageToOP = (Response)relyingPartyAuthenticationRequest; var rpMessageToOP = (IndirectMessageRequest)rpWebMessageToOP.EncodableMessage; var opEndpoint = (ServiceEndpoint)request.Provider; var provider = new OpenIdProvider(ProviderStore, opEndpoint.ProviderEndpoint, opEndpoint.ProviderEndpoint, rpMessageToOP.EncodedFields.ToNameValueCollection()); return provider; }