internal string GetExtensionClientScript(IClientScriptExtensionResponse extension)
{
var fields = IncomingExtensions.GetExtensionArguments(extension.TypeUri);
if (fields != null)
{
// The extension was found using the preferred TypeUri.
return(extension.InitializeJavaScriptData(fields, this, extension.TypeUri));
}
else
{
// The extension may still be found using secondary TypeUris.
if (extension.AdditionalSupportedTypeUris != null)
{
foreach (string typeUri in extension.AdditionalSupportedTypeUris)
{
fields = IncomingExtensions.GetExtensionArguments(typeUri);
if (fields != null)
{
// We found one of the older ones.
return(extension.InitializeJavaScriptData(fields, this, typeUri));
}
}
}
}
return(null);
}
internal async Task <HttpResponseMessage> ProcessResponseFromPopupAsync(HttpRequestMessage request, Action <AuthenticationStatus> callback, CancellationToken cancellationToken)
{
Requires.NotNull(request, "request");
string extensionsJson = null;
var authResponse = await this.NonVerifyingRelyingParty.GetResponseAsync(request, cancellationToken);
ErrorUtilities.VerifyProtocol(authResponse != null, OpenIdStrings.PopupRedirectMissingResponse);
// Give the caller a chance to notify the hosting page and fill up the clientScriptExtensions collection.
if (callback != null)
{
callback(authResponse.Status);
}
Logger.OpenId.DebugFormat("Popup or iframe callback from OP: {0}", request.RequestUri);
Logger.Controls.DebugFormat(
"An authentication response was found in a popup window or iframe using a non-verifying RP with status: {0}",
authResponse.Status);
if (authResponse.Status == AuthenticationStatus.Authenticated)
{
var extensionsDictionary = new Dictionary <string, string>();
foreach (var pair in this.clientScriptExtensions)
{
IClientScriptExtensionResponse extension = (IClientScriptExtensionResponse)authResponse.GetExtension(pair.Key);
if (extension == null)
{
continue;
}
var positiveResponse = (PositiveAuthenticationResponse)authResponse;
string js = extension.InitializeJavaScriptData(positiveResponse.Response);
if (!string.IsNullOrEmpty(js))
{
extensionsDictionary[pair.Value] = js;
}
}
extensionsJson = MessagingUtilities.CreateJsonObject(extensionsDictionary, true);
}
string payload = "document.URL";
if (request.Method == HttpMethod.Post)
{
// Promote all form variables to the query string, but since it won't be passed
// to any server (this is a javascript window-to-window transfer) the length of
// it can be arbitrarily long, whereas it was POSTed here probably because it
// was too long for HTTP transit.
UriBuilder payloadUri = new UriBuilder(request.RequestUri);
payloadUri.AppendQueryArgs(await Channel.ParseUrlEncodedFormContentAsync(request, cancellationToken));
payload = MessagingUtilities.GetSafeJavascriptValue(payloadUri.Uri.AbsoluteUri);
}
if (!string.IsNullOrEmpty(extensionsJson))
{
payload += ", " + extensionsJson;
}
return(InvokeParentPageScript("dnoa_internal.processAuthorizationResult(" + payload + ")"));
}
/// <summary>
/// Notifies the user agent via an AJAX response of a completed authentication attempt.
/// </summary>
protected override void ScriptClosingPopupOrIFrame()
{
Logger.OpenId.DebugFormat("AJAX (iframe) callback from OP: {0}", this.Page.Request.Url);
string extensionsJson = null;
var authResponse = RelyingPartyNonVerifying.GetResponse();
Logger.Controls.DebugFormat(
"The {0} control checked for an authentication response from a popup window or iframe using a non-verifying RP and found: {1}",
this.ID,
authResponse.Status);
if (authResponse.Status == AuthenticationStatus.Authenticated)
{
this.OnUnconfirmedPositiveAssertion(); // event handler will fill the clientScriptExtensions collection.
var extensionsDictionary = new Dictionary <string, string>();
foreach (var pair in this.clientScriptExtensions)
{
IClientScriptExtensionResponse extension = (IClientScriptExtensionResponse)authResponse.GetExtension(pair.Key);
if (extension == null)
{
continue;
}
var positiveResponse = (PositiveAuthenticationResponse)authResponse;
string js = extension.InitializeJavaScriptData(positiveResponse.Response);
if (!string.IsNullOrEmpty(js))
{
extensionsDictionary[pair.Value] = js;
}
}
extensionsJson = MessagingUtilities.CreateJsonObject(extensionsDictionary, true);
}
string payload = "document.URL";
if (Page.Request.HttpMethod == "POST")
{
// Promote all form variables to the query string, but since it won't be passed
// to any server (this is a javascript window-to-window transfer) the length of
// it can be arbitrarily long, whereas it was POSTed here probably because it
// was too long for HTTP transit.
UriBuilder payloadUri = new UriBuilder(Page.Request.Url);
payloadUri.AppendQueryArgs(Page.Request.Form.ToDictionary());
payload = MessagingUtilities.GetSafeJavascriptValue(payloadUri.Uri.AbsoluteUri);
}
if (!string.IsNullOrEmpty(extensionsJson))
{
payload += ", " + extensionsJson;
}
this.CallbackUserAgentMethod("dnoa_internal.processAuthorizationResult(" + payload + ")");
}
/// <summary>
/// Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication.
/// </summary>
/// <param name="request">The incoming HTTP request that is expected to carry an OpenID authentication response.</param>
/// <param name="callback">The callback fired after the response status has been determined but before the Javascript response is formulated.</param>
/// <returns>
/// The HTTP response to send to this HTTP request.
/// </returns>
internal OutgoingWebResponse ProcessResponseFromPopup(HttpRequestInfo request, Action <AuthenticationStatus> callback)
{
Contract.Requires <ArgumentNullException>(request != null);
Contract.Ensures(Contract.Result <OutgoingWebResponse>() != null);
string extensionsJson = null;
var authResponse = this.NonVerifyingRelyingParty.GetResponse();
ErrorUtilities.VerifyProtocol(authResponse != null, "OpenID popup window or iframe did not recognize an OpenID response in the request.");
// Give the caller a chance to notify the hosting page and fill up the clientScriptExtensions collection.
if (callback != null)
{
callback(authResponse.Status);
}
Logger.OpenId.DebugFormat("Popup or iframe callback from OP: {0}", request.Url);
Logger.Controls.DebugFormat(
"An authentication response was found in a popup window or iframe using a non-verifying RP with status: {0}",
authResponse.Status);
if (authResponse.Status == AuthenticationStatus.Authenticated)
{
var extensionsDictionary = new Dictionary <string, string>();
foreach (var pair in this.clientScriptExtensions)
{
IClientScriptExtensionResponse extension = (IClientScriptExtensionResponse)authResponse.GetExtension(pair.Key);
if (extension == null)
{
continue;
}
var positiveResponse = (PositiveAuthenticationResponse)authResponse;
string js = extension.InitializeJavaScriptData(positiveResponse.Response);
if (!string.IsNullOrEmpty(js))
{
extensionsDictionary[pair.Value] = js;
}
}
extensionsJson = MessagingUtilities.CreateJsonObject(extensionsDictionary, true);
}
string payload = "document.URL";
if (request.HttpMethod == "POST")
{
// Promote all form variables to the query string, but since it won't be passed
// to any server (this is a javascript window-to-window transfer) the length of
// it can be arbitrarily long, whereas it was POSTed here probably because it
// was too long for HTTP transit.
UriBuilder payloadUri = new UriBuilder(request.Url);
payloadUri.AppendQueryArgs(request.Form.ToDictionary());
payload = MessagingUtilities.GetSafeJavascriptValue(payloadUri.Uri.AbsoluteUri);
}
if (!string.IsNullOrEmpty(extensionsJson))
{
payload += ", " + extensionsJson;
}
return(InvokeParentPageScript("dnoa_internal.processAuthorizationResult(" + payload + ")"));
}
