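/// <summary>
/// Finishes sign-in for an externally asserted identity: optionally re-binds the
/// account to a ticket-derived id, migrates legacy Google OpenID accounts by e-mail,
/// sends unknown identities to registration, and otherwise issues the forms-auth cookie.
/// </summary>
/// <param name="claimedUserId">Identifier asserted by the identity provider.</param>
/// <param name="ticket">When non-empty, selects the "updating" flow that re-binds the account's OpenID.</param>
/// <param name="returnUrl">Post-login destination; only followed when it is a local path.</param>
/// <param name="userEmail">E-mail reported for the identity; used for the Google migration lookup and to pre-fill registration.</param>
/// <param name="userName">Display name used to pre-fill registration.</param>
/// <returns>A redirect or the Login view, depending on the outcome.</returns>
ActionResult AuthorizeUser(string claimedUserId, string ticket, string returnUrl, string userEmail = null, string userName = null)
{
    bool updating = !string.IsNullOrEmpty(ticket);
    User user = CurrentServiceModel.GetUserFromOpenId(claimedUserId);

    if (updating) {
        if (user == null) {
            ViewData["Message"] = "User not registered";
            return View("Login");
        }
        // NOTE(review): the ticket arrives with the request; this relies on GetTicketId
        // rejecting forged or expired tickets, because its result replaces the account's
        // OpenID. Confirm what it returns for a bad ticket.
        string newId = GetTicketId(ticket);
        CurrentServiceModel.UpdateOpenId(claimedUserId, newId);
        FormsAuthentication.SignOut();
    }

    // Try to migrate users using old Google OpenID to OAuth2
    // NOTE(review): this re-binds an existing account purely on a matching e-mail
    // address. It is only safe if the caller passes an address the provider has
    // verified; confirm at the call site.
    if (user == null && !string.IsNullOrEmpty(userEmail)) {
        var currentUser = CurrentServiceModel.GetUserByEmail(userEmail);
        // Ordinal comparison: this is a URL prefix, not linguistic text, and a
        // culture-sensitive StartsWith ignores certain characters. The null check
        // avoids a NullReferenceException for accounts without an OpenID.
        if (currentUser != null && currentUser.OpenId != null
            && currentUser.OpenId.StartsWith("https://www.google.com/accounts/o8/id", System.StringComparison.Ordinal)) {
            CurrentServiceModel.UpdateOpenId(currentUser.OpenId, claimedUserId);
            user = currentUser;
        }
    }

    // This is a new user, send them to a registration page
    if (user == null) {
        ViewData["openid"] = claimedUserId;
        string registerUrl = Settings.Default.SupportsMultiApps
            ? "~/home/User/register?openid={0}&name={1}&email={2}"
            : "~/User/register?openid={0}&name={1}&email={2}";
        return Redirect(string.Format(registerUrl, Url.Encode(claimedUserId), Url.Encode(userName), Url.Encode(userEmail)));
    }

    FormsAuthentication.SetAuthCookie(user.Login, false);

    // Only follow returnUrl when it is a path inside this site. Redirecting to an
    // arbitrary caller-supplied URL right after login is an open redirect. The test
    // accepts "/x" and "~/x" and rejects absolute URLs, "//host", "/\host" and any
    // control characters (UrlHelper.IsLocalUrl is the framework equivalent on MVC 3+).
    // Absolute return URLs to trusted hosts would need an explicit allow-list.
    bool localReturnUrl = false;
    if (!string.IsNullOrEmpty(returnUrl) && !returnUrl.Any(c => char.IsControl(c))) {
        // Skip the "~" of an app-relative path so both forms are checked alike.
        int start = returnUrl[0] == '~' ? 1 : 0;
        localReturnUrl = returnUrl.Length > start && returnUrl[start] == '/'
            && (returnUrl.Length == start + 1 || (returnUrl[start + 1] != '/' && returnUrl[start + 1] != '\\'));
    }

    if (localReturnUrl) {
        return Redirect(returnUrl);
    }
    if (updating) {
        return Redirect(ControllerHelper.GetActionUrl("home", "Index", "Home"));
    }
    return RedirectToAction("Index", "Home");
}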
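/// <summary>
/// OpenID login action. With no pending provider response it starts authentication
/// for the identifier posted in the "openid_identifier" form field; with a response
/// it processes the provider's assertion and signs the user in, sends them to
/// registration, or re-renders the Login view with a message.
/// </summary>
/// <param name="returnUrl">Post-login destination; only followed when it is a local path.</param>
/// <param name="ticket">When non-empty, selects the "updating" flow that re-binds the account's OpenID.</param>
/// <returns>
/// A redirect, the Login view, the provider redirect response, or an empty result
/// for response statuses the switch does not handle.
/// </returns>
public ActionResult Authenticate(string returnUrl, string ticket)
{
    bool updating = !string.IsNullOrEmpty(ticket);
    string loginView = "Login";

    var response = openid.GetResponse();
    if (response == null) {
        // Stage 2: user submitting Identifier
        Identifier id;
        if (!Identifier.TryParse(Request.Form["openid_identifier"], out id)) {
            ViewData["Message"] = "Invalid identifier";
            return View(loginView);
        }

        try {
            string host = updating ? Settings.Default.PreviousWebSiteHost : Settings.Default.WebSiteHost;
            // NOTE(review): realm is computed but never passed to CreateRequest (the
            // overload that took it is commented out), so the request is created without
            // this configured realm. Either pass it or delete this computation; confirm
            // which realm the provider should see. It is also hard-coded to http://.
            Realm realm;
            if (host.All(c => char.IsDigit(c) || c == '.' || c == ':')) {
                realm = new Realm("http://" + host);
            } else {
                realm = new Realm("http://*." + host);
            }

            IAuthenticationRequest req = openid.CreateRequest(Request.Form["openid_identifier"]);
            // IAuthenticationRequest req = openid.CreateRequest (Request.Form["openid_identifier"], realm);
            OutgoingWebResponse res = req.RedirectingResponse;
            return new InternalOutgoingWebResponseActionResult(res);
        } catch (ProtocolException ex) {
            ViewData["Message"] = ex.Message;
            return View(loginView);
        }
    }

    // Stage 3: OpenID Provider sending assertion response
    switch (response.Status) {
    case AuthenticationStatus.Authenticated:
        User user = CurrentServiceModel.GetUserFromOpenId(response.ClaimedIdentifier);
        if (updating) {
            if (user == null) {
                ViewData["Message"] = "User not registered";
                return View(loginView);
            }
            // NOTE(review): the ticket arrives with the request; this relies on
            // GetTicketId rejecting forged or expired tickets, because its result
            // replaces the account's OpenID. Confirm what it returns for a bad ticket.
            string newId = GetTicketId(ticket);
            CurrentServiceModel.UpdateOpenId(response.ClaimedIdentifier, newId);
            FormsAuthentication.SignOut();
        }

        // This is a new user, send them to a registration page
        if (user == null) {
            ViewData["openid"] = response.ClaimedIdentifier;
            string registerUrl = Settings.Default.SupportsMultiApps
                ? "~/home/User/register?openid={0}"
                : "~/User/register?openid={0}";
            return Redirect(string.Format(registerUrl, Url.Encode(response.ClaimedIdentifier)));
        }

        Session["FriendlyIdentifier"] = response.FriendlyIdentifierForDisplay;
        FormsAuthentication.SetAuthCookie(user.Login, false);

        // Only follow returnUrl when it is a path inside this site. It is an action
        // parameter, so redirecting to it unchecked right after login is an open
        // redirect. The test accepts "/x" and "~/x" and rejects absolute URLs, "//host",
        // "/\host" and any control characters (UrlHelper.IsLocalUrl is the framework
        // equivalent on MVC 3+). Absolute return URLs to trusted hosts would need an
        // explicit allow-list.
        bool localReturnUrl = false;
        if (!string.IsNullOrEmpty(returnUrl) && !returnUrl.Any(c => char.IsControl(c))) {
            // Skip the "~" of an app-relative path so both forms are checked alike.
            int start = returnUrl[0] == '~' ? 1 : 0;
            localReturnUrl = returnUrl.Length > start && returnUrl[start] == '/'
                && (returnUrl.Length == start + 1 || (returnUrl[start + 1] != '/' && returnUrl[start + 1] != '\\'));
        }

        if (localReturnUrl) {
            return Redirect(returnUrl);
        }
        if (updating) {
            return Redirect(ControllerHelper.GetActionUrl("home", "Index", "Home"));
        }
        return RedirectToAction("Index", "Home");

    case AuthenticationStatus.Canceled:
        ViewData["Message"] = "Canceled at provider";
        return View(loginView);

    case AuthenticationStatus.Failed:
        // NOTE(review): the raw protocol exception text is rendered to the visitor;
        // consider logging it and showing a generic message instead.
        ViewData["Message"] = response.Exception.Message;
        return View(loginView);
    }

    // Any other status falls through to an empty response.
    return new EmptyResult();
}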