private static AuthRequest ParseIdentityInfo(FetchResponse response)
{
string server = null;
string deleg = null;
string rel, href;
foreach (NameValueCollection attrs in LinkParser.ParseLinkAttrs(response.data, response.length, response.charset))
{
rel = attrs["rel"];
if (rel != null)
{
href = attrs["href"];
if (rel == "openid.server" && server == null)
if (href != null)
server = href;
if (rel == "openid.delegate" && deleg == null)
if (href != null)
deleg = href;
}
}
if (server == null)
throw new ParseException();
AuthRequest request = new AuthRequest();
request.serverUri = UriUtil.NormalizeUri(server);
if (deleg == null)
request.serverId = response.finalUri;
else
request.serverId = UriUtil.NormalizeUri(deleg);
return request;
}
private void GenToken(Uri consumerId, ref AuthRequest request)
{
string timestamp = DateTime.UtcNow.ToFileTimeUtc().ToString();
MemoryStream ms = new MemoryStream();
byte[] temp = ASCIIEncoding.ASCII.GetBytes(timestamp);
ms.Write(temp, 0, temp.Length);
ms.WriteByte(0);
temp = ASCIIEncoding.ASCII.GetBytes(request.nonce);
ms.Write(temp, 0, temp.Length);
ms.WriteByte(0);
temp = ASCIIEncoding.ASCII.GetBytes(consumerId.AbsoluteUri);
ms.Write(temp, 0, temp.Length);
ms.WriteByte(0);
temp = ASCIIEncoding.ASCII.GetBytes(request.serverId.AbsoluteUri);
ms.Write(temp, 0, temp.Length);
ms.WriteByte(0);
temp = ASCIIEncoding.ASCII.GetBytes(request.serverUri.AbsoluteUri);
ms.Write(temp, 0, temp.Length);
HMACSHA1 hmac = new HMACSHA1(this.store.AuthKey);
byte[] hash = hmac.ComputeHash(ms);
MemoryStream ms2 = new MemoryStream();
ms2.Write(hash, 0, hash.Length);
ms.WriteTo(ms2);
request.token = CryptUtil.ToBase64String(ms2.ToArray());
}
/// <summary>
/// This method is called to construct the redirect URL sent
/// to the browser to ask the server to verify its identity.
/// The generated redirect should be sent to the browser
/// which initiated the authorization request.
/// </summary>
///
/// <param name="request">
/// An instance of <see cref="AuthRequest"/> as returned
/// from BeginAuth.
/// </param>
/// <param name="returnTo">
/// The URL the identity server should redirect back to.
/// </param>
/// <param name="trustRoot">
/// This represents the consumer to the identity server. For example,
/// an ASP application would probably send an absolute URL using
/// the Application path. The OpenId spec,
/// http://www.openid.net/specs.bml#mode-checkid_immediate,
/// has more information on what the trust_root value is for
/// and what its form can be.
/// </param>
///
/// <returns>
/// This method returns a <see cref="System.Uri"/>
/// representing the URL to redirect to when such a URL is
/// successfully constructed.
/// </returns>
public Uri CreateRedirect(Mode mode, AuthRequest request, Uri returnTo, string trustRoot)
{
Association assoc = GetAssociation(request.serverUri, true);
UriBuilder redir = new UriBuilder(request.serverUri);
UriUtil.AppendQueryArgument(redir, "openid.identity", request.serverId.AbsoluteUri);
UriUtil.AppendQueryArgument(redir, "openid.return_to", returnTo.AbsoluteUri);
UriUtil.AppendQueryArgument(redir, "openid.trust_root", trustRoot);
switch (mode) {
case Mode.IMMEDIATE:
UriUtil.AppendQueryArgument(redir, "openid.mode", "checkid_immediate");
break;
case Mode.SETUP:
UriUtil.AppendQueryArgument(redir, "openid.mode", "checkid_setup");
break;
}
if (assoc != null)
UriUtil.AppendQueryArgument(redir, "openid.assoc_handle", assoc.Handle);
this.store.StoreNonce(request.nonce);
return new Uri(redir.ToString(), true);
}
