protected void beginButton_Click(object sender, EventArgs e) {
this.RegisterAsyncTask(
new PageAsyncTask(
async ct => {
if (!this.Page.IsValid) {
return; // don't login if custom validation failed.
}
try {
using (OpenIdRelyingParty rp = new OpenIdRelyingParty()) {
var request =
await
rp.CreateRequestAsync(this.openIdBox.Text, new HttpRequestWrapper(Request), Response.ClientDisconnectedToken);
request.IsExtensionOnly = true;
// This is where you would add any OpenID extensions you wanted
// to include in the request.
request.AddExtension(
new ClaimsRequest {
Email = DemandLevel.Request,
Country = DemandLevel.Request,
Gender = DemandLevel.Require,
PostalCode = DemandLevel.Require,
TimeZone = DemandLevel.Require,
});
await request.RedirectToProviderAsync(new HttpContextWrapper(Context), Response.ClientDisconnectedToken);
}
} catch (ProtocolException ex) {
// The user probably entered an Identifier that
// was not a valid OpenID endpoint.
this.openidValidator.Text = ex.Message;
this.openidValidator.IsValid = false;
}
}));
}
public async Task<ActionResult> Login(string returnUrl) {
var rp = new OpenIdRelyingParty(null);
Realm officialWebSiteHome = Realm.AutoDetect;
Uri returnTo = new Uri(this.Request.Url, this.Url.Action("Authenticate"));
var request = await rp.CreateRequestAsync(WellKnownProviders.Google, officialWebSiteHome, returnTo);
if (returnUrl != null) {
request.SetUntrustedCallbackArgument("returnUrl", returnUrl);
}
var redirectingResponse = await request.GetRedirectingResponseAsync();
return redirectingResponse.AsActionResult();
}
public async Task<ActionResult> OpenId(LoginModel model)
{
Identifier id;
if (Identifier.TryParse(model.OpenID_Identifier, out id))
{
try
{
var openId = new OpenIdRelyingParty();
var returnToUrl = new Uri(Url.Action("OpenIdCallback", "Authentication", new { ReturnUrl = model.ReturnUrl }, Request.Url.Scheme), UriKind.Absolute);
var requestTask = openId.CreateRequestAsync(id, Realm.AutoDetect, returnToUrl);
await requestTask;
var request = requestTask.Result;
// add request for name and email using sreg (OpenID Simple Registration
// Extension)
request.AddExtension(new ClaimsRequest
{
Email = DemandLevel.Require,
FullName = DemandLevel.Require,
Nickname = DemandLevel.Require
});
// also add AX request
var axRequest = new FetchRequest();
axRequest.Attributes.AddRequired(WellKnownAttributes.Name.FullName);
axRequest.Attributes.AddRequired(WellKnownAttributes.Name.First);
axRequest.Attributes.AddRequired(WellKnownAttributes.Name.Last);
axRequest.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
request.AddExtension(axRequest);
var redirectingResponseTask = request.GetRedirectingResponseAsync();
await redirectingResponseTask;
return redirectingResponseTask.Result.AsActionResult();
}
catch (ProtocolException ex)
{
model.Message = ex.Message;
return View("Login", model);
}
}
else
{
model.Message = "Invalid identifier";
return View("Login", model);
}
}
public async Task<ActionResult> LogOn(LogOnModel model, string returnUrl) {
if (ModelState.IsValid) {
var rp = new OpenIdRelyingParty();
var request = await rp.CreateRequestAsync(model.UserSuppliedIdentifier, Realm.AutoDetect, new Uri(Request.Url, Url.Action("Authenticate")));
if (request != null) {
if (returnUrl != null) {
request.AddCallbackArguments("returnUrl", returnUrl);
}
var response = await request.GetRedirectingResponseAsync();
return response.AsActionResult();
} else {
ModelState.AddModelError(string.Empty, "The identifier you supplied is not recognized as a valid OpenID Identifier.");
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
protected void Page_Load(object sender, EventArgs e) {
this.RegisterAsyncTask(
new PageAsyncTask(
async ct => {
using (var openid = new OpenIdRelyingParty()) {
// In order to receive the UIRequest as a response, we must register a custom extension factory.
openid.ExtensionFactories.Add(new UIRequestAtRelyingPartyFactory());
var response = await openid.GetResponseAsync(new HttpRequestWrapper(Request), Response.ClientDisconnectedToken);
if (response == null) {
// Submit an OpenID request which Google must reply to immediately.
// If the user hasn't established a trust relationship with this site yet,
// Google will not give us the user identity, but they will tell us whether the user
// at least has an active login session with them so we know whether to promote the
// "Log in with Google" button.
IAuthenticationRequest request =
await
openid.CreateRequestAsync(
"https://www.google.com/accounts/o8/id", new HttpRequestWrapper(Request), Response.ClientDisconnectedToken);
request.AddExtension(new UIRequest { Mode = UIModeDetectSession });
request.Mode = AuthenticationRequestMode.Immediate;
await request.RedirectToProviderAsync(new HttpContextWrapper(this.Context), Response.ClientDisconnectedToken);
} else {
if (response.Status == AuthenticationStatus.Authenticated) {
this.YouTrustUsLabel.Visible = true;
} else if (response.Status == AuthenticationStatus.SetupRequired) {
// Google refused to authenticate the user without user interaction.
// This is either because Google doesn't know who the user is yet,
// or because the user hasn't indicated to Google to trust this site.
// Google uniquely offers the RP a tip as to which of the above situations is true.
// Figure out which it is. In a real app, you might use this value to promote a
// Google login button on your site if you detect that a Google session exists.
var ext = response.GetUntrustedExtension<UIRequest>();
this.YouAreLoggedInLabel.Visible = ext != null && ext.Mode == UIModeDetectSession;
this.YouAreNotLoggedInLabel.Visible = !this.YouAreLoggedInLabel.Visible;
}
}
}
}));
}
