public virtual ActionResult Authenticate(string returnUrl) { IAuthenticationResponse response = Openid.GetResponse(); if (response == null) { // Stage 2: user submitting Identifier Identifier id; if (Identifier.TryParse(Request.Form["openid_identifier"], out id)) { try { IAuthenticationRequest request = Openid.CreateRequest(Request.Form["openid_identifier"]); request.AddExtension(new ClaimsRequest { Email = DemandLevel.Require, Nickname = DemandLevel.Request, FullName = DemandLevel.Request, BirthDate = DemandLevel.Request }); return request.RedirectingResponse.AsActionResult(); } catch (ProtocolException ex) { ViewData["Message"] = ex.Message; return View("Login"); } } else { ViewData["Message"] = "Invalid identifier"; return View("Login"); } } else { // Stage 3: OpenID Provider sending assertion response switch (response.Status) { case AuthenticationStatus.Authenticated: var claimedId = Data.Core.Entities.User.NormalizeOpenId(response.ClaimedIdentifier.ToString().ToLower()); var sreg = response.GetExtension<ClaimsResponse>(); if (sreg == null) { ViewData["Message"] = "OpenId did not provide user information"; return View("Login"); } // check if openid exists, if so log the user in. // if openid doesn't exist and user is not logged in already then create user // if openid doesn't exist and user is logged in then merge var openId = new OpenId() { OpenIdClaim = claimedId, OpenIdProvider = OpenIdProvider.Other }; var checkUser = this._userService.Validate(openId); // if openid exists in db if (checkUser == null) { // show registration page var model = new RegisterModel() { Email = sreg.Email, OpenID = claimedId, UserName = sreg.Nickname, FullName = sreg.FullName }; ViewData["Message"] = "Please complete the registration form to complete the process"; TempData["RegisterModel"] = model; return this.RedirectToAction("Register"); } else { if (User.Identity.IsAuthenticated) { // merge this open id with the current user // show merge view var model = new MergeModel() { Email = sreg.Email, OpenID = claimedId, UserName = sreg.Nickname, FullName = sreg.FullName }; ViewData["Message"] = "Please complete the registration form to complete the process"; return View("Merge", model); } else { FormsAuthentication.SetAuthCookie(checkUser.Username, true); if (Url.IsLocalUrl(returnUrl)) { return Redirect(returnUrl); } return this.RedirectToAction("Index", "Home"); } } /*var user = this._userService.Store(openId, sreg.Nickname, sreg.FullName, sreg.Email); var groups = user.IsAdmin ? "Admin" : string.Empty; var ticket = new FormsAuthenticationTicket( 1, user.Id, DateTime.Now, DateTime.Now.AddYears(2), true, groups); var encryptedTicket = FormsAuthentication.Encrypt(ticket); var authenticationCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket) { Expires = ticket.Expiration }; Response.Cookies.Add(authenticationCookie); if (!string.IsNullOrEmpty(returnUrl)) { return Redirect(returnUrl); }*/ return this.RedirectToAction("Index", "Home"); case AuthenticationStatus.Canceled: ViewData["Message"] = "Canceled at provider"; return View("Login"); case AuthenticationStatus.Failed: ViewData["Message"] = response.Exception.Message; return View("Login"); } } return new EmptyResult(); }
public virtual ActionResult Register(RegisterModel model) { if (ModelState.IsValid) { // Attempt to register the user //MembershipCreateStatus createStatus; //Membership.CreateUser(model.UserName, model.Password, model.Email, passwordQuestion: null, passwordAnswer: null, isApproved: true, providerUserKey: null, status: out createStatus); // grab open id if it exists var openId = new OpenId() { OpenIdClaim = model.OpenID }; // create the account var user = this._userService.Store(openId, model.UserName, model.FullName, model.Email, model.Password); if (user != null) { FormsAuthentication.SetAuthCookie(user.Id, createPersistentCookie: false); return RedirectToAction("Index", "Home"); } ModelState.AddModelError(string.Empty, "Error creating user."); /*if (createStatus == MembershipCreateStatus.Success) { FormsAuthentication.SetAuthCookie(model.UserName, createPersistentCookie: false); return RedirectToAction("Index", "Home"); } else { ModelState.AddModelError("", ErrorCodeToString(createStatus)); }*/ } // If we got this far, something failed, redisplay form return View(model); }
/// <summary> /// Validates the specified open id. /// </summary> /// <param name="openId">The open id.</param> /// <returns> /// A user. /// </returns> public User Validate(OpenId openId) { // fix the provider if we can GetProvider(ref openId); // Lets find an existing user for the provider OR the email address if the provider doesn't exist. var user = DocumentSession.Query<User>() .SingleOrDefault(x => x.OpenIds.Any(y => y.OpenIdClaim == openId.OpenIdClaim && y.OpenIdProvider == openId.OpenIdProvider)); return user; }
/// <summary> /// Gets the provider. /// </summary> /// <param name="openId">The open id.</param> private static void GetProvider(ref OpenId openId) { // get identifier var identifier = openId.OpenIdClaim.ToLowerInvariant(); // default openId.OpenIdProvider = OpenIdProvider.Other; // override if (identifier.StartsWith(@"https://www.google.com/accounts/o8/id")) { openId.OpenIdProvider = OpenIdProvider.Google; } if (identifier.StartsWith(@"https://me.yahoo.com")) { openId.OpenIdProvider = OpenIdProvider.Yahoo; } if (identifier.Contains(@"//www.google.com/profiles/")) { openId.OpenIdProvider = OpenIdProvider.GoogleProfiles; } if (identifier.StartsWith(@"http://stackauth.com/")) { openId.OpenIdProvider = OpenIdProvider.StackAuth; } // http://username.myopenid.com if (identifier.Contains(@".myopenid.com")) // ^https?:\/\/([-.\w]+)(\.myopenid\.com)+.*$ { openId.OpenIdProvider = OpenIdProvider.MyOpenId; } // http://username.livejournal.com if (identifier.Contains(@".livejournal.com")) { openId.OpenIdProvider = OpenIdProvider.LiveJournal; } // http://openid.aol.com/[Username] if (identifier.Contains(@"http://openid.aol.com/")) { openId.OpenIdProvider = OpenIdProvider.Aol; } // http://openid.claimid.com/USERNAME if (identifier.Contains(@"http://openid.claimid.com/")) { openId.OpenIdProvider = OpenIdProvider.ClaimID; } // http://clickpass.com/public/<username> if (identifier.Contains(@"http://clickpass.com/public/")) { openId.OpenIdProvider = OpenIdProvider.ClickPass; } // blogname.blogspot.com if (identifier.Contains(@".blogspot.com")) { openId.OpenIdProvider = OpenIdProvider.Blogger; } // username.wordpress.com if (identifier.Contains(@".wordpress.com")) { openId.OpenIdProvider = OpenIdProvider.WordPress; } // www.myspace.com/username if (identifier.Contains(@"www.myspace.com")) { openId.OpenIdProvider = OpenIdProvider.MySpace; } // example.pip.verisignalbs.com <- really? Verisign easy to type url... nice if (identifier.Contains(@".pip.verisignalbs.com")) { openId.OpenIdProvider = OpenIdProvider.Versign; } }
/// <summary> /// Stores the specified open id. /// </summary> /// <param name="openId">The open id.</param> /// <param name="userName">Name of the user.</param> /// <param name="fullName">The full name.</param> /// <param name="email">The email.</param> /// <param name="password">The password.</param> /// <returns> /// The validated user. /// </returns> public User Store(OpenId openId, string userName, string fullName, string email, string password) { // the user might not have provided an openid. This could be empty. // conditions Condition.Requires(userName).IsNotNullOrWhiteSpace(); Condition.Requires(fullName).IsNotNullOrWhiteSpace(); var hasOpenId = !string.IsNullOrWhiteSpace(openId.OpenIdClaim); // triggered condition if (hasOpenId) { // fix the provider if we can GetProvider(ref openId); // check has email! maybe this should be an absolute requirement anyway. if (IsVerifiedEmailProvider(openId.OpenIdClaim)) { Condition.Requires(email).IsNotNullOrWhiteSpace(); } } // Lets find an existing user for the provider OR the email address if the provider doesn't exist. If this was a signup without openid then just check the email. var user = hasOpenId ? DocumentSession.Query<User>().SingleOrDefault( x => x.OpenIds.Any( y => y.OpenIdClaim == openId.OpenIdClaim && y.OpenIdProvider == openId.OpenIdProvider)) ?? DocumentSession.Query<User>().SingleOrDefault(x => x.Email == email) : DocumentSession.Query<User>().SingleOrDefault(x => x.Email == email); // if user exists if (user != null) { // User exists, so lets update the OpenId data, for this user. if (user.OpenIds != null) { var existingProvider = user.OpenIds.SingleOrDefault(x => x.OpenIdProvider == openId.OpenIdProvider); if (existingProvider != null) { user.OpenIds.Remove(existingProvider); } } else { user.OpenIds = new List<OpenId>(); } user.OpenIds.Add(openId); } else { // Ok. No user at all. We create one and store it. user = new User { Username = userName, Email = email, Id = null, FullName = fullName, CreationDate = DateTimeOffset.Now, IsActive = true, OAuthData = new List<OAuthData>(), OpenIds = new List<OpenId>(), FavoriteTags = new List<string> { "ravendb", "c#", "asp.net-mvc3" } // obviously this needs to be changed.... }; if (hasOpenId) { // add the openid user.OpenIds.Add(openId); } // set the user's password HashPassword.SetPassword(ref user, password); } DocumentSession.Store(user); DocumentSession.SaveChanges(); return user; }