/// <summary>
/// Decides whether an OpenID assertion carries enough data to create a
/// site account automatically, without sending the user to the
/// registration page.
/// </summary>
/// <param name="e">Event data for the completed OpenID login.</param>
/// <param name="claim">Simple-registration claims returned with the assertion.</param>
/// <returns>
/// <c>true</c> when a claimed identifier, a syntactically valid e-mail
/// address and a full name are all present and no required custom profile
/// properties are configured; otherwise <c>false</c>.
/// </returns>
/// <remarks>
/// The e-mail check is syntactic only. The claim values are whatever the
/// OpenID provider put in its response, so a <c>true</c> result does not
/// show that the address belongs to the person signing in.
/// </remarks>
private bool IsValidForUserCreation(OpenIdEventArgs e, ClaimsResponse claim)
        {
            // Without the event data, the claims or a claimed identifier
            // there is nothing to bind a new account to.
            if (e == null || claim == null || e.ClaimedIdentifier == null)
            {
                return false;
            }

            // Both the e-mail address and the display name must be supplied.
            if (String.IsNullOrEmpty(claim.Email) || String.IsNullOrEmpty(claim.FullName))
            {
                return false;
            }

            if (!Email.IsValidEmailAddressSyntax(claim.Email))
            {
                return false;
            }

            // Required custom profile fields cannot be filled in from the
            // claims, so they have to be collected on the registration page.
            CProfileConfiguration requiredProfile = CProfileConfiguration.GetConfig();
            bool needsCustomFields = (requiredProfile != null) && requiredProfile.HasRequiredCustomProperties();

            return !needsCustomFields;
        }
Esempio n. 2
        /// <summary>
        /// Handles a completed OpenID login: looks up the site account linked
        /// to the claimed identifier and continues with either the existing-user
        /// or the new-user path.
        /// </summary>
        protected void OpenIdLogin1_LoggedIn(object sender, OpenIdEventArgs e)
        {
            // Stop the base control from issuing the forms-auth ticket itself;
            // the helper methods called below are expected to handle sign-in.
            e.Cancel = true;

            // The claimed identifier, not any profile claim, is the lookup key.
            Guid matchedUser = SiteUser.GetUserGuidFromOpenId(siteSettings.SiteId, e.ClaimedIdentifier.ToString());

            if (matchedUser != Guid.Empty)
            {
                DoExistingUserLogic(matchedUser);
                return;
            }

            // No account is linked to this identifier yet; auto-create one
            // if the assertion carries enough information.
            DoNewUserLogic(e);
        }
Esempio n. 3
    /// <summary>
    /// Handles a completed OpenID login: records the response in
    /// <c>UserState</c>, resolves the local person record for the claimed
    /// identifier and switches the page to the signed-in view, or redirects
    /// to registration or the home page.
    /// </summary>
    protected void OpenIdLogin1_LoggedIn1(object sender, OpenIdEventArgs e)
    {
        ExceptionHandler(this, () =>
        {
            // The control must not perform forms authentication on its own.
            e.Cancel = true;

            if (e.Response == null)
            {
                return;
            }

            string claimedId = e.Response.ClaimedIdentifier.ToString().Trim();
            UserState.OpenIdResponse = new OpenIdResponse(e.Response);

            // Only an authenticated response may be used to look up a person.
            if (!UserState.OpenIdResponse.IsAuthenticated)
            {
                SetLoginAuthenticatedInActive();
                SetLoginFormInActive();
                Response.Redirect("~/Default.aspx", true);
                return;
            }

            // NOTE(review): CurrentUser is assigned before the status check, so a
            // non-active person record stays in UserState on the redirect path
            // below. Confirm nothing downstream treats a non-null CurrentUser
            // as a signed-in user.
            UserState.CurrentUser = PersonFacade.Select(claimedId);

            bool isActivePerson = UserState.CurrentUser != null
                && UserState.CurrentUser.PersonStatus.Equals(Status.Active);

            if (isActivePerson)
            {
                SetLoginFormInActive();
                SetLoginAuthenticatedActive();
                return;
            }

            // Unknown or non-active person: send them to registration.
            SetLoginAuthenticatedInActive();
            SetLoginFormInActive();
            Response.Redirect("~/Account/register.aspx", true);
        });
    }
Esempio n. 4
 /// <summary>
 /// Handles the login control's SetupRequired event by revealing the
 /// label that tells the user further setup is needed. No authentication
 /// state is changed here.
 /// </summary>
 protected void OpenIdLogin1_SetupRequired(object sender, OpenIdEventArgs e)
 {
     setupRequiredLabel.Visible = true;
 }
Esempio n. 5
 /// <summary>
 /// Fired upon login.
 /// Note that straight after login, forms auth will redirect the user to their original page, so this page may never be rendered.
 /// </summary>
 protected void OpenIdLogin1_LoggedIn(object sender, OpenIdEventArgs e)
 {
     var assertion = e.Response;

     // Display name only: keep it out of account lookups and encode it
     // wherever it is rendered.
     State.FriendlyLoginName = assertion.FriendlyIdentifierForDisplay;

     // Extension data is supplied by the provider; either value is
     // presumably null when the provider did not send that extension,
     // so readers of State should check before use.
     State.ProfileFields = assertion.GetExtension <ClaimsResponse>();
     State.PapePolicies = assertion.GetExtension <PolicyResponse>();
 }
Esempio n. 6
 /// <summary>
 /// Handles the LoggingIn event by handing the outgoing authentication
 /// request to <c>prepareRequest</c> before it is sent to the provider.
 /// </summary>
 protected void OpenIdLogin1_LoggingIn(object sender, OpenIdEventArgs e)
 {
     // prepareRequest is defined elsewhere; presumably it attaches the
     // extensions this page wants returned. Verify against the helper.
     prepareRequest(e.Request);
 }
Esempio n. 7
 /// <summary>
 /// Handles a completed OpenID login: maps the provider's response to a
 /// local user via <c>ProcessUserLogin</c> and signs that user in.
 /// </summary>
 protected void openIdSelector_LoggedIn(object sender, OpenIdEventArgs e)
 {
     // Resolve the account first so the sign-in step is visible on its own line.
     var account = RelyingPartyLogic.User.ProcessUserLogin(e.Response);
     this.LoginUser(account);
 }
        /// <summary>
        /// Handles an OpenID login whose claimed identifier is not linked to any
        /// site account. When the assertion carries a usable e-mail address and
        /// full name, a new <c>SiteUser</c> is created and, unless secure
        /// registration is enabled, signed in immediately. Otherwise the user is
        /// shown a link to the OpenID registration page.
        /// </summary>
        /// <param name="e">Event data for the completed OpenID login.</param>
        private void DoNewUserLogic(OpenIdEventArgs e)
        {
            if (e == null)
            {
                return;
            }

            // NOTE(review): e.Response is dereferenced without a null check.
            ClaimsResponse claim = e.Response.GetExtension <ClaimsResponse>();

            if (claim == null)
            {
                return;
            }

            if (IsValidForUserCreation(e, claim))
            {
                // An existing account with the same e-mail is never linked
                // automatically: the provider-asserted address alone must not
                // grant access to that account.
                if (SiteUser.EmailExistsInDB(siteSettings.SiteId, claim.Email))
                {
                    // show message that user should login and associate
                    // their open id account on their profile page.
                    lblError.Text = Resource.OpenIDRegisterUserEmailExistsMessage;
                    return;
                }
                else
                {
                    // create user automagically since we have all
                    // the needed data
                    SiteUser newUser = new SiteUser(siteSettings);
                    newUser.Email = claim.Email;
                    // NOTE(review): FullName is provider-supplied text stored as
                    // received; confirm it is encoded wherever it is rendered.
                    newUser.Name  = claim.FullName;
                    // First choice for the login name: the full name, dotted and
                    // lower-cased, capped at 50 characters.
                    string loginName = newUser.Name.Replace(" ", ".").ToLower();
                    if (loginName.Length > 50)
                    {
                        loginName = loginName.Substring(0, 50);
                    }

                    if (SiteUser.LoginExistsInDB(
                            siteSettings.SiteId, loginName))
                    {
                        // Fallback: derive the login name from the claimed
                        // identifier with the scheme and slashes removed.
                        loginName = e.ClaimedIdentifier.ToString().Replace("http://", string.Empty).Replace("https://", string.Empty).Replace("/", string.Empty);
                        if (loginName.Length > 50)
                        {
                            loginName = loginName.Substring(0, 50);
                        }

                        // Append an increasing counter until the name is unused;
                        // a character is dropped at index 40 whenever the result
                        // exceeds 50 characters.
                        int i = 1;
                        while (SiteUser.LoginExistsInDB(
                                   siteSettings.SiteId, loginName))
                        {
                            loginName += i.ToString();
                            if (loginName.Length > 50)
                            {
                                loginName = loginName.Remove(40, 1);
                            }
                            i++;
                        }
                    }

                    newUser.LoginName        = loginName;
                    // NOTE(review): a 7-character generated password plus the
                    // default security question/answer from resources. If the
                    // password or the question/answer recovery path can be used
                    // on these accounts, both are weak; confirm.
                    newUser.Password         = SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars);
                    newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
                    newUser.PasswordAnswer   = Resource.ManageUsersDefaultSecurityAnswer;
                    newUser.OpenIdUri        = e.ClaimedIdentifier.ToString();
                    newUser.Save();
                    if (siteSettings.UseSecureRegistration)
                    {
                        newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());
                    }


                    // track user ip address
                    UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());
                    userLocation.SiteGuid = siteSettings.SiteGuid;
                    userLocation.Hostname = Page.Request.UserHostName;
                    userLocation.Save();

                    // With secure registration the account is created but not
                    // signed in: a confirmation link is mailed and the method
                    // returns before any auth cookie is issued.
                    if (
                        (siteSettings.UseSecureRegistration) &&
                        (newUser.RegisterConfirmGuid != Guid.Empty)
                        )
                    {
                        Notification.SendRegistrationConfirmationLink(
                            SiteUtils.GetSmtpSettings(),
                            ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
                            siteSettings.DefaultEmailFromAddress,
                            siteSettings.DefaultFromEmailAlias,
                            newUser.Email,
                            siteSettings.SiteName,
                            WebUtils.GetSiteRoot() + "/ConfirmRegistration.aspx?ticket=" +
                            newUser.RegisterConfirmGuid.ToString());

                        lblError.Text = Resource.LoginUnconfirmedEmailMessage;
                        // NOTE(review): newUser.Name comes from the provider's claim
                        // and is written to the log as-is; consider removing line
                        // breaks so it cannot forge additional log entries.
                        log.Info("Automatically created User " + newUser.Name + " on login from open id. Tried to login but email address is not confirmed.");

                        return;
                    }

                    // Without secure registration the new account is signed in at
                    // once, on the strength of the provider-asserted e-mail, which
                    // this method does not confirm. The second argument (true)
                    // requests a persistent cookie.
                    if (siteSettings.UseEmailForLogin)
                    {
                        FormsAuthentication.SetAuthCookie(
                            newUser.Email, true);
                    }
                    else
                    {
                        FormsAuthentication.SetAuthCookie(
                            newUser.LoginName, true);
                    }

                    if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
                    {
                        string cookieName = "siteguid" + siteSettings.SiteGuid;
                        CookieHelper.SetCookie(cookieName, newUser.UserGuid.ToString(), true);
                    }

                    newUser.UpdateLastLoginTime();

                    // NOTE(review): GetRedirectPath is defined elsewhere; confirm it
                    // only yields local URLs, since returnUrlCookieName suggests
                    // the target may originate from a cookie.
                    string redirectUrl = GetRedirectPath();
                    CookieHelper.ExpireCookie(returnUrlCookieName);
                    WebUtils.SetupRedirect(this, redirectUrl);
                    return;
                }
            }
            else
            {
                // user not found
                // required fields not available from open id
                // redirect to register page?
                // Or show message with Link to
                // register page
                string registerLinkHref = siteRoot
                                          + "/Secure/RegisterWithOpenID.aspx";

                litNotRegisteredYetMessage.Text
                    = string.Format(
                          Resource.OpenIDMustRegisterBeforeLoginMesage,
                          registerLinkHref);
            }
        }
 /// <summary>
 /// Handles the Canceled event by showing the "login canceled" label.
 /// No authentication state is changed here.
 /// </summary>
 protected void OpenIdLogin1_Canceled(object sender, OpenIdEventArgs e)
 {
     lblLoginCanceled.Visible = true;
 }
Esempio n. 10
 /// <summary>
 /// Handles a completed OpenID login by passing the claimed identifier and
 /// any simple-registration claims to <c>LogUser</c>.
 /// </summary>
 protected void OpenIdLogin_LoggedIn(object sender, OpenIdEventArgs e)
 {
     // The claimed identifier is the account key; the profile claims are
     // provider-supplied extras and may be absent.
     var claimedId = e.ClaimedIdentifier.ToString();
     var profile = e.Response.GetExtension <ClaimsResponse>();

     LogUser(claimedId, profile);
 }
Esempio n. 11
 /// <summary>
 /// Handles the UnconfirmedPositiveAssertion event by exposing the
 /// simple-registration response to client-side script under the name "sreg".
 /// </summary>
 protected void OpenIdAjaxTextBox1_UnconfirmedPositiveAssertion(object sender, OpenIdEventArgs e)
 {
     // This is where we register extensions that we want to have available in javascript
     // on the browser.
     // NOTE(review): as the event name indicates, the assertion is not yet
     // confirmed at this point, so values read from "sreg" in the browser
     // are for display convenience only and must not drive any
     // authorization decision.
     OpenIdAjaxTextBox1.RegisterClientScriptExtension <ClaimsResponse>("sreg");
 }
Esempio n. 12
 /// <summary>
 /// Handles the LoggingIn event by attaching a simple-registration request
 /// for the user's e-mail address to the outgoing authentication request.
 /// </summary>
 protected void OpenIdAjaxTextBox1_LoggingIn(object sender, OpenIdEventArgs e)
 {
     // Only the e-mail attribute is asked for, at the Request level, so
     // the response may legitimately come back without it.
     var emailOnly = new ClaimsRequest();
     emailOnly.Email = DemandLevel.Request;

     e.Request.AddExtension(emailOnly);
 }
Esempio n. 13
 /// <summary>
 /// Handles a completed OpenID login by storing the provider's friendly
 /// identifier in <c>State</c>.
 /// </summary>
 protected void OpenIdLogin1_LoggedIn(object sender, OpenIdEventArgs e)
 {
     // Display value only; use the claimed identifier, not this string,
     // as the key for the user, and encode it when rendering.
     State.FriendlyLoginName = e.Response.FriendlyIdentifierForDisplay;
 }
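        /// <summary>
        /// Handles an OpenID login whose claimed identifier is not linked to any
        /// site account. When the assertion carries enough data the account is
        /// created through <c>CreateUser</c>; otherwise the values received so far
        /// are stored in cookies and the user is asked for the missing fields.
        /// </summary>
        /// <param name="e">Event data for the completed OpenID login.</param>
        private void DoNewUserLogic(OpenIdEventArgs e)
        {
            // Without a response there are no claims to read.
            if (e == null || e.Response == null)
            {
                return;
            }

            ClaimsResponse claim = e.Response.GetExtension <ClaimsResponse>();

            if (claim == null)
            {
                return;
            }

            if (IsValidForUserCreation(e, claim))
            {
                if (SiteUser.EmailExistsInDB(siteSettings.SiteId, claim.Email))
                {
                    // show message that user should login and associate
                    // their open id account on their profile page.
                    // The provider-asserted e-mail alone must not link this
                    // identifier to an existing account.
                    lblError.Text = Resource.OpenIDRegisterUserEmailExistsMessage;
                }
                else
                {
                    // create user automagically since we have all
                    // the needed data
                    // Provider-supplied text is passed through RemoveMarkup
                    // before it becomes a login name or a display name.
                    string loginName
                        = SecurityHelper.RemoveMarkup(e.ClaimedIdentifier.ToString().Replace("http://", string.Empty).Replace("https://", string.Empty).Replace("/", string.Empty));

                    CreateUser(
                        e.ClaimedIdentifier.ToString(),
                        claim.Email,
                        loginName,
                        SecurityHelper.RemoveMarkup(claim.FullName));

                    return;
                }
            }
            else
            {
                // prompt user to enter needed fields

                // A missing claimed identifier leaves nothing to register. Stop
                // here rather than dereference null, and rather than continue
                // with whatever identifier cookie a previous attempt left behind.
                if (e.ClaimedIdentifier == null)
                {
                    return;
                }

                string claimedId = e.ClaimedIdentifier.ToString();
                CookieHelper.SetSecureCookie(openidCookieName, claimedId);

                bool hasUsableEmail
                    = (claim.Email != null) &&
                      (claim.Email.Length > 3) &&
                      (Email.IsValidEmailAddressSyntax(claim.Email));

                if (hasUsableEmail)
                {
                    CookieHelper.SetSecureCookie(openIdEmailCookieName, claim.Email);
                    divEmailInput.Visible   = false;
                    divEmailDisplay.Visible = true;
                    // NOTE(review): the address passed a syntax check only and is
                    // written to the page as-is; confirm this control encodes
                    // its text.
                    litEmail.Text           = claim.Email;
                }
                else
                {
                    divEmailInput.Visible   = true;
                    divEmailDisplay.Visible = false;
                }

                if (!string.IsNullOrEmpty(claim.FullName))
                {
                    CookieHelper.SetSecureCookie(openIdFullNameCookieName, SecurityHelper.RemoveMarkup(claim.FullName));
                }

                pnlNeededProfileProperties.Visible = true;
                pnlOpenID.Visible = false;

                // NOTE(review): unlike the login name above, the identifier is
                // written to the page without RemoveMarkup or HTML encoding;
                // confirm this control encodes its text.
                litOpenIDURI.Text = claimedId;

                //PopulateRequiredProfileControls();
                //DisplayResults(e);
                litInfoNeededMessage.Text = Resource.OpenIDAdditionalInfoNeededMessage;
            }
        }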
Esempio n. 15
        /// <summary>
        /// Handles the LoggingIn event by attaching an authorization request to
        /// the outgoing OpenID authentication request.
        /// </summary>
        protected void identifierBox_LoggingIn(object sender, OpenIdEventArgs e)
        {
            // The second argument is the scope being requested. It is the
            // tempuri.org placeholder here; presumably a real deployment
            // substitutes its own scope and keeps it as narrow as the
            // feature needs.
            CreateConsumer().AttachAuthorizationRequest(e.Request, "http://tempuri.org/IDataApi/GetName");
        }
 /// <summary>
 /// Handles the Failed event by showing the "login failed" label.
 /// No authentication state is changed here.
 /// </summary>
 void OpenIdLogin1_Failed(object sender, OpenIdEventArgs e)
 {
     lblLoginFailed.Visible = true;
 }
Esempio n. 17
 /// <summary>
 /// Handles the Failed event by switching the multi-view to the
 /// authentication-failed view.
 /// </summary>
 protected void identifierBox_Failed(object sender, OpenIdEventArgs e)
 {
     this.MultiView1.SetActiveView(this.AuthenticationFailed);
 }
Esempio n. 18
 /// <summary>
 /// Handles a completed OpenID login by passing the claimed identifier and
 /// its display form to <c>AddIdentifier</c>.
 /// </summary>
 protected void openIdBox_LoggedIn(object sender, OpenIdEventArgs e)
 {
     // The claimed identifier is the value to store; the friendly form is
     // for display only.
     var claimedId = e.ClaimedIdentifier;
     var displayName = e.Response.FriendlyIdentifierForDisplay;

     this.AddIdentifier(claimedId, displayName);
 }
Esempio n. 19
 /// <summary>
 /// Handles a completed OpenID login. The claimed identifier is read from
 /// the response into a local variable that is not used further; the
 /// "Do something here" comment marks where an application would continue.
 /// </summary>
 protected void OpenIdAjaxTextBox1_LoggedIn(object sender, OpenIdEventArgs e)
 {
     // The claimed identifier is the value to key the local account on.
     string claimedId = e.Response.ClaimedIdentifier;
     // Do something here
 }