Esempio n. 1
0
        bool IExtensionRequest.Deserialize(IDictionary<string, string> fields, DotNetOpenId.Provider.IRequest request, string typeUri)
        {
            if (fields == null) return false;
            string mode;
            fields.TryGetValue("mode", out mode);
            if (mode != Mode) return false;

            string updateUrl;
            fields.TryGetValue("update_url", out updateUrl);
            Uri updateUri;
            if (Uri.TryCreate(updateUrl, UriKind.Absolute, out updateUri))
                UpdateUrl = updateUri;

            string requiredAliasString, optionalAliasString;
            fields.TryGetValue("if_available", out optionalAliasString);
            fields.TryGetValue("required", out requiredAliasString);
            var requiredAliases = parseAliasList(requiredAliasString);
            var optionalAliases = parseAliasList(optionalAliasString);
            // if an alias shows up in both lists, an exception will result implicitly.
            var allAliases = new List<string>(requiredAliases.Count + optionalAliases.Count);
            allAliases.AddRange(requiredAliases);
            allAliases.AddRange(optionalAliases);
            if (allAliases.Count == 0) {
                Logger.Error("Attribute Exchange extension did not provide any aliases in the if_available or required lists.");
                return false;
            }
            AliasManager aliasManager = new AliasManager();
            foreach (var alias in allAliases) {
                string attributeTypeUri;
                if (fields.TryGetValue("type." + alias, out attributeTypeUri)) {
                    aliasManager.SetAlias(alias, attributeTypeUri);
                    AttributeRequest att = new AttributeRequest {
                        TypeUri = attributeTypeUri,
                        IsRequired = requiredAliases.Contains(alias),
                    };
                    string countString;
                    if (fields.TryGetValue("count." + alias, out countString)) {
                        if (countString == "unlimited")
                            att.Count = int.MaxValue;
                        else {
                            int count;
                            if (int.TryParse(countString, out count) && count > 0) {
                                att.Count = count;
                            } else {
                                Logger.Error("count." + alias + " could not be parsed into a positive integer.");
                            }
                        }
                    } else {
                        att.Count = 1;
                    }
                    AddAttribute(att);
                } else {
                    Logger.Error("Type URI definition of alias " + alias + " is missing.");
                }
            }

            return true;
        }
Esempio n. 2
0
        bool IExtensionRequest.Deserialize(IDictionary<string, string> fields, DotNetOpenId.Provider.IRequest request, string typeUri)
        {
            if (fields == null) return false;
            string mode;
            fields.TryGetValue("mode", out mode);
            if (mode != Mode) return false;

            foreach (var att in FetchResponse.DeserializeAttributes(fields))
                AddAttribute(att);

            return true;
        }
Esempio n. 3
0
 protected void ProviderEndpoint1_AuthenticationChallenge(object sender, DotNetOpenId.Provider.AuthenticationChallengeEventArgs e)
 {
     if (!e.Request.IsReturnUrlDiscoverable) {
         throw new ArgumentException(string.Format(CultureInfo.CurrentCulture,
             "return_to could not be verified using RP discovery realm {0}.", e.Request.Realm));
     }
     TestSupport.Scenarios scenario = (TestSupport.Scenarios)Enum.Parse(typeof(TestSupport.Scenarios),
         new Uri(e.Request.LocalIdentifier).AbsolutePath.TrimStart('/'));
     switch (scenario) {
         case TestSupport.Scenarios.AutoApproval:
             e.Request.IsAuthenticated = true;
             break;
         case TestSupport.Scenarios.ApproveOnSetup:
             e.Request.IsAuthenticated = !e.Request.Immediate;
             break;
         default:
             // All other scenarios are done programmatically only.
             throw new InvalidOperationException("Unrecognized scenario");
     }
     e.Request.Response.Send();
 }
Esempio n. 4
0
 public void AddExtension(DotNetOpenId.Extensions.IExtensionRequest extension)
 {
     if (extension == null) throw new ArgumentNullException("extension");
     OutgoingExtensions.AddExtensionArguments(extension.TypeUri, extension.Serialize(this));
 }
Esempio n. 5
0
			return fields;
		}

		bool IExtensionResponse.Deserialize(IDictionary<string, string> fields, DotNetOpenId.RelyingParty.IAuthenticationResponse response, string typeUri) {
			if (fields == null) return false;
			if (!fields.ContainsKey(Constants.ResponseParameters.AuthPolicies)) return false;

			ActualPolicies.Clear();
			string[] actualPolicies = fields[Constants.ResponseParameters.AuthPolicies].Split(' ');
			foreach (string policy in actualPolicies) {
				if (policy.Length > 0 && policy != AuthenticationPolicies.None)
					ActualPolicies.Add(policy);
			}

			AuthenticationTimeUtc = null;
			string authTime;
			if (fields.TryGetValue(Constants.ResponseParameters.AuthTime, out authTime)) {
				DateTime authDateTime;
				if (DateTime.TryParse(authTime, CultureInfo.InvariantCulture, DateTimeStyles.AdjustToUniversal, out authDateTime) &&
					authDateTime.Kind == DateTimeKind.Utc) { // may be unspecified per our option above
					AuthenticationTimeUtc = authDateTime;
				} else {
					Logger.ErrorFormat("Invalid format for {0} parameter: {1}",
						Constants.ResponseParameters.AuthTime, authTime);
				}
			}

			AssuranceLevels.Clear();
			AliasManager authLevelAliases = PolicyRequest.FindIncomingAliases(fields);
			foreach (string authLevelAlias in authLevelAliases.Aliases) {
				string authValue;
				if (fields.TryGetValue(Constants.ResponseParameters.AuthLevelAliasPrefix + authLevelAlias, out authValue)) {
					string authLevelType = authLevelAliases.ResolveAlias(authLevelAlias);
					AssuranceLevels[authLevelType] = authValue;
				}
			}
Esempio n. 6
0
    protected void openIdTxt_LoggedIn(object sender, DotNetOpenId.RelyingParty.OpenIdEventArgs e)
    {
        if (e.Response.ClaimedIdentifier != null && 
            e.Response.Status == DotNetOpenId.RelyingParty.AuthenticationStatus.Authenticated)
        {
            string userNameTxt = e.Response.ClaimedIdentifier;
            bool publicTerminal = true;
            if (Session["publicTerminal"] != null)
                publicTerminal = (bool)Session["publicTerminal"];
            Operator.LoginOpenID(userNameTxt, e.Response.FriendlyIdentifierForDisplay, publicTerminal);

            login.Visible = false;
            if (LoggedIn != null)
                LoggedIn(this, new EventArgs());
        }
    }
Esempio n. 7
0
        IDictionary<string, string> IExtensionResponse.Serialize(DotNetOpenId.Provider.IRequest authenticationRequest)
        {
            var fields = new Dictionary<string, string>();

            fields.Add(Constants.ResponseParameters.AuthPolicies, PolicyRequest.SerializePolicies(ActualPolicies));
            if (AuthenticationTimeUtc.HasValue) {
                fields.Add(Constants.ResponseParameters.AuthTime, AuthenticationTimeUtc.Value.ToUniversalTime().ToString(PermissibleDateTimeFormats[0], CultureInfo.InvariantCulture));
            }
            if (NistAssuranceLevel.HasValue) {
                fields.Add(Constants.ResponseParameters.NistAuthLevel, ((int)NistAssuranceLevel).ToString(CultureInfo.InvariantCulture));
            }

            return fields;
        }
Esempio n. 8
0
		#region IExtensionResponse Members

		IDictionary<string, string> IExtensionResponse.Serialize(DotNetOpenId.Provider.IRequest authenticationRequest) {
			var fields = new Dictionary<string, string>();

			fields.Add(Constants.ResponseParameters.AuthPolicies, SerializePolicies(ActualPolicies));
			if (AuthenticationTimeUtc.HasValue) {
				fields.Add(Constants.ResponseParameters.AuthTime, AuthenticationTimeUtc.Value.ToUniversalTime().ToString(PermissibleDateTimeFormats[0], CultureInfo.InvariantCulture));
			}

			if (AssuranceLevels.Count > 0) {
				AliasManager aliases = new AliasManager();
				aliases.AssignAliases(AssuranceLevels.Keys, Constants.AuthenticationLevels.PreferredTypeUriToAliasMap);

				// Add a definition for each Auth Level Type alias.
				foreach (string alias in aliases.Aliases) {
					fields.Add(Constants.AuthLevelNamespaceDeclarationPrefix + alias, aliases.ResolveAlias(alias));
				}

				// Now use the aliases for those type URIs to list the individual values.
				foreach (var pair in AssuranceLevels) {
					fields.Add(Constants.ResponseParameters.AuthLevelAliasPrefix + aliases.GetAlias(pair.Key), pair.Value);
				}
			}
Esempio n. 9
0
        bool IExtensionResponse.Deserialize(IDictionary<string, string> fields, DotNetOpenId.RelyingParty.IAuthenticationResponse response, string typeUri)
        {
            if (fields == null) return false;
            if (!fields.ContainsKey(Constants.ResponseParameters.AuthPolicies)) return false;

            ActualPolicies.Clear();
            string[] actualPolicies = fields[Constants.ResponseParameters.AuthPolicies].Split(' ');
            foreach (string policy in actualPolicies) {
                if (policy.Length > 0)
                    ActualPolicies.Add(policy);
            }

            AuthenticationTimeUtc = null;
            string authTime;
            if (fields.TryGetValue(Constants.ResponseParameters.AuthTime, out authTime)) {
                DateTime authDateTime;
                if (DateTime.TryParse(authTime, CultureInfo.InvariantCulture, DateTimeStyles.AdjustToUniversal, out authDateTime) &&
                    authDateTime.Kind == DateTimeKind.Utc) { // may be unspecified per our option above
                    AuthenticationTimeUtc = authDateTime;
                } else {
                    Logger.ErrorFormat("Invalid format for {0} parameter: {1}",
                        Constants.ResponseParameters.AuthTime, authTime);
                }
            }

            NistAssuranceLevel = null;
            string nistAuthLevel;
            if (fields.TryGetValue(Constants.ResponseParameters.NistAuthLevel, out nistAuthLevel)) {
                int nistAuthLevelNumber;
                if (int.TryParse(nistAuthLevel, out nistAuthLevelNumber) &&
                    nistAuthLevelNumber >= 0 && nistAuthLevelNumber <= 4) {
                    NistAssuranceLevel = (NistAssuranceLevel)nistAuthLevelNumber;
                } else {
                    Logger.Error("Invalid NIST level.");
                }
            }

            return true;
        }
Esempio n. 10
0
 internal static void SetAuthenticationFromScenario(Scenarios scenario, DotNetOpenId.Provider.IAuthenticationRequest request)
 {
     Assert.IsTrue(request.IsReturnUrlDiscoverable);
     switch (scenario) {
         case TestSupport.Scenarios.ExtensionFullCooperation:
         case TestSupport.Scenarios.ExtensionPartialCooperation:
         case TestSupport.Scenarios.AutoApproval:
             // immediately approve
             request.IsAuthenticated = true;
             break;
         case TestSupport.Scenarios.AutoApprovalAddFragment:
             request.SetClaimedIdentifierFragment("frag");
             request.IsAuthenticated = true;
             break;
         case TestSupport.Scenarios.ApproveOnSetup:
             request.IsAuthenticated = !request.Immediate;
             break;
         case TestSupport.Scenarios.AlwaysDeny:
             request.IsAuthenticated = false;
             break;
         default:
             throw new InvalidOperationException("Unrecognized scenario");
     }
 }
Esempio n. 11
0
 internal static IAuthenticationResponse CreateRelyingPartyResponseThroughProvider(
     DotNetOpenId.RelyingParty.IAuthenticationRequest request,
     Action<DotNetOpenId.Provider.IAuthenticationRequest> providerAction)
 {
     var rpReq = (AuthenticationRequest)request;
     var opResponse = CreateProviderResponseToRequest(rpReq, providerAction);
     // Be careful to use whatever store the original RP was using.
     var rp = CreateRelyingPartyResponse(rpReq.RelyingParty.Store, opResponse,
         ((AuthenticationRequest)request).RelyingParty.Settings.RequireSsl);
     Assert.IsNotNull(rp);
     return rp;
 }
Esempio n. 12
0
    internal static IResponse CreateProviderResponseToRequest(
        DotNetOpenId.RelyingParty.IAuthenticationRequest request,
        Action<DotNetOpenId.Provider.IAuthenticationRequest> prepareProviderResponse)
    {
        {
            // Sidetrack: Verify the return_to and realm URLs
            var consumerToProviderQuery = HttpUtility.ParseQueryString(request.RedirectingResponse.ExtractUrl().Query);
            Protocol protocol = Protocol.Detect(consumerToProviderQuery.ToDictionary());
            Assert.IsTrue(consumerToProviderQuery[protocol.openid.return_to].StartsWith(request.ReturnToUrl.AbsoluteUri, StringComparison.Ordinal));
            Assert.AreEqual(request.Realm.ToString(), consumerToProviderQuery[protocol.openid.Realm]);
        }

        var op = TestSupport.CreateProviderForRequest(request);
        var opReq = (DotNetOpenId.Provider.IAuthenticationRequest)op.Request;
        prepareProviderResponse(opReq);
        Assert.IsTrue(opReq.IsResponseReady);
        return opReq.Response;
    }
Esempio n. 13
0
 internal static OpenIdProvider CreateProviderForRequest(DotNetOpenId.RelyingParty.IAuthenticationRequest request)
 {
     IResponse relyingPartyAuthenticationRequest = request.RedirectingResponse;
     var rpWebMessageToOP = (Response)relyingPartyAuthenticationRequest;
     var rpMessageToOP = (IndirectMessageRequest)rpWebMessageToOP.EncodableMessage;
     var opEndpoint = (ServiceEndpoint)request.Provider;
     var provider = new OpenIdProvider(ProviderStore, opEndpoint.ProviderEndpoint,
         opEndpoint.ProviderEndpoint, rpMessageToOP.EncodedFields.ToNameValueCollection());
     return provider;
 }