public void Birthdates() { var response = new ClaimsResponse(); // Verify that they both start out as null Assert.IsNull(response.BirthDateRaw); Assert.IsFalse(response.BirthDate.HasValue); // Verify that null can be set. response.BirthDate = null; response.BirthDateRaw = null; Assert.IsNull(response.BirthDateRaw); Assert.IsFalse(response.BirthDate.HasValue); // Verify that the strong-typed BirthDate property can be set and that it affects the raw property. response.BirthDate = DateTime.Parse("April 4, 1984"); Assert.AreEqual(4, response.BirthDate.Value.Month); Assert.AreEqual("1984-04-04", response.BirthDateRaw); // Verify that the raw property can be set with a complete birthdate and that it affects the strong-typed property. response.BirthDateRaw = "1998-05-08"; Assert.AreEqual("1998-05-08", response.BirthDateRaw); Assert.AreEqual(DateTime.Parse("May 8, 1998", CultureInfo.InvariantCulture), response.BirthDate); // Verify that an partial raw birthdate works, and sets the strong-typed property to null since it cannot be represented. response.BirthDateRaw = "2000-00-00"; Assert.AreEqual("2000-00-00", response.BirthDateRaw); Assert.IsFalse(response.BirthDate.HasValue); }
public void DualIdentifierNoMatchInAssertionVerificationByDefault() { PositiveAssertionResponse assertion = this.GetPositiveAssertion(true); ClaimsResponse extension = new ClaimsResponse(); assertion.Extensions.Add(extension); var rp = CreateRelyingParty(); new PositiveAuthenticationResponse(assertion, rp); // this will throw if it fails to find a match }
/// <summary> /// Initializes a new instance of the <see cref="ClaimsResponseShim"/> class. /// </summary> /// <param name="response">The Simple Registration response to wrap.</param> internal ClaimsResponseShim(ClaimsResponse response) { Contract.Requires(response != null); ErrorUtilities.VerifyArgumentNotNull(response, "response"); this.response = response; }
private void ProccessData(ClaimsResponse claim, string identifier) { Email = claim.Email; FullName = claim.FullName; Nickname = claim.Nickname ?? claim.Email; ClaimedIdentifier = identifier; }
public async Task DualIdentifierNoMatchInAssertionVerificationByDefault() { PositiveAssertionResponse assertion = this.GetPositiveAssertion(true); ClaimsResponse extension = new ClaimsResponse(); assertion.Extensions.Add(extension); var rp = CreateRelyingParty(); await PositiveAuthenticationResponse.CreateAsync(assertion, rp, CancellationToken.None); // this will throw if it fails to find a match }
public static void Clear() { ProfileFields = null; FetchResponse = null; FriendlyLoginName = null; PapePolicies = null; GoogleAccessToken = null; }
private void addClaimInfo(ClaimsResponse claim, string identifier) { Email = claim.Email; FullName = claim.FullName; Nickname = claim.Nickname ?? claim.Email; IsSignedByProvider = claim.IsSignedByProvider; ClaimedIdentifier = identifier; }
public void DualIdentifierMatchesInAssertionVerification() { PositiveAssertionResponse assertion = this.GetPositiveAssertion(true); ClaimsResponse extension = new ClaimsResponse(); assertion.Extensions.Add(extension); var rp = CreateRelyingParty(); rp.SecuritySettings.AllowDualPurposeIdentifiers = true; new PositiveAuthenticationResponse(assertion, rp); // this will throw if it fails to find a match }
public void UnifyExtensionsAsSregWithSreg() { var sregInjected = new ClaimsResponse { Nickname = "andy", }; var axInjected = new FetchResponse(); axInjected.Attributes.Add(WellKnownAttributes.Name.Alias, "nate"); this.extensions.Add(sregInjected); this.extensions.Add(axInjected); var sreg = ExtensionsInteropHelper.UnifyExtensionsAsSreg(this.response, true); Assert.AreSame(sregInjected, sreg); Assert.AreEqual("andy", sreg.Nickname); }
public void NoRequestedExtensions() { var sreg = ExtensionsInteropHelper.UnifyExtensionsAsSreg(this.request); Assert.IsNull(sreg); // Make sure we're still able to send an sreg response. var sregResponse = new ClaimsResponse(); this.request.AddResponseExtension(sregResponse); ExtensionsInteropHelper.ConvertSregToMatchRequest(this.request); var extensions = this.GetResponseExtensions(); Assert.AreSame(sregResponse, extensions.Single()); }
public void NoRequestedExtensions() { var sreg = ExtensionsInteropHelper.UnifyExtensionsAsSreg(this.request); Assert.IsNull(sreg); // Make sure we're still able to send an sreg response. // (not really a valid scenario, since OPs don't have public access // to directly create a response without a request. var sregResponse = new ClaimsResponse(); this.request.AddResponseExtension(sregResponse); ExtensionsInteropHelper.ConvertSregToMatchRequest(this.request); var extensions = this.GetResponseExtensions(); Assert.AreSame(sregResponse, extensions.Single()); }
public void CtorAndProperties() { var responseMessage = new IndirectSignedResponse(Protocol.V20.Version, this.returnTo); var ext = new ClaimsResponse(); responseMessage.Extensions.Add(ext); var response = new PositiveAnonymousResponse(responseMessage); Assert.AreEqual(AuthenticationStatus.ExtensionsOnly, response.Status); Assert.AreSame(responseMessage, response.Response); Assert.IsNull(response.ClaimedIdentifier); Assert.IsNull(response.FriendlyIdentifierForDisplay); Assert.IsNull(response.Exception); Assert.IsNull(response.Provider); Assert.AreSame(ext, response.GetUntrustedExtension<ClaimsResponse>()); }
public void Valid() { PositiveAssertionResponse assertion = this.GetPositiveAssertion(); ClaimsResponse extension = new ClaimsResponse(); assertion.Extensions.Add(extension); var rp = CreateRelyingParty(); var authResponse = new PositiveAuthenticationResponse(assertion, rp); Assert.AreEqual(AuthenticationStatus.Authenticated, authResponse.Status); Assert.IsNull(authResponse.Exception); Assert.AreEqual((string)assertion.ClaimedIdentifier, (string)authResponse.ClaimedIdentifier); Assert.AreEqual(authResponse.Endpoint.FriendlyIdentifierForDisplay, authResponse.FriendlyIdentifierForDisplay); Assert.AreSame(extension, authResponse.GetUntrustedExtension(typeof(ClaimsResponse))); Assert.AreSame(extension, authResponse.GetUntrustedExtension<ClaimsResponse>()); Assert.IsNull(authResponse.GetCallbackArgument("a")); Assert.AreEqual(0, authResponse.GetCallbackArguments().Count); }
private void LogUser(string openId, ClaimsResponse profileFields) { //recupero l'utente da db, oppure lo creo al volo se non esiste MTBUser user = DBHelper.LoadUser(openId); //non esiste? allora lo creo e lo metto nella sessione come NewUser, quindi //rimando alla pagina User che, solo dopo aver inserito i dati obblicatori, lo metterà //finalmente in sessione come User if (user == null) { user = new MTBUser(); user.OpenId = openId; user.Surname = ""; if (profileFields != null) { user.Name = profileFields.FullName; user.EMail = profileFields.Email; user.Nickname = profileFields.Nickname; if (profileFields.Gender != null) { switch (profileFields.Gender.Value) { case Gender.Male: user.Gender = MTBUser.GenderType.Male; break; case Gender.Female: user.Gender = MTBUser.GenderType.Female; break; default: break; } } if (profileFields.BirthDate != null) user.BirthDate = profileFields.BirthDate.Value; } LoginState.NewUser = user; Response.Redirect("User.aspx"); } else { LoginState.User = user; FormsAuthentication.RedirectFromLoginPage("", false); } }
private static AuthenticationToken ProcessUserLogin(string claimedIdentifier, string friendlyIdentifier, ClaimsResponse claims, Token samlToken, bool trustedEmail) { // Create an account for this user if we don't already have one. AuthenticationToken openidToken = Database.DataContext.AuthenticationTokens.FirstOrDefault(token => token.ClaimedIdentifier == claimedIdentifier); if (openidToken == null) { // this is a user we haven't seen before. User user = new User(); openidToken = new AuthenticationToken { ClaimedIdentifier = claimedIdentifier, FriendlyIdentifier = friendlyIdentifier, }; user.AuthenticationTokens.Add(openidToken); // Gather information about the user if it's available. if (claims != null) { if (!string.IsNullOrEmpty(claims.Email)) { user.EmailAddress = claims.Email; user.EmailAddressVerified = trustedEmail; } if (!string.IsNullOrEmpty(claims.FullName)) { if (claims.FullName.IndexOf(' ') > 0) { user.FirstName = claims.FullName.Substring(0, claims.FullName.IndexOf(' ')).Trim(); user.LastName = claims.FullName.Substring(claims.FullName.IndexOf(' ')).Trim(); } else { user.FirstName = claims.FullName; } } } else if (samlToken != null) { string email, givenName, surname; if (samlToken.Claims.TryGetValue(ClaimTypes.Email, out email)) { user.EmailAddress = email; user.EmailAddressVerified = trustedEmail; } if (samlToken.Claims.TryGetValue(ClaimTypes.GivenName, out givenName)) { user.FirstName = givenName; } if (samlToken.Claims.TryGetValue(ClaimTypes.Surname, out surname)) { user.LastName = surname; } } Database.DataContext.AddToUsers(user); } else { openidToken.UsageCount++; openidToken.LastUsedUtc = DateTime.UtcNow; } return openidToken; }
/// <summary> /// Tests equality of two <see cref="ClaimsResponse"/> objects. /// </summary> /// <param name="obj">The <see cref="T:System.Object"/> to compare with the current <see cref="T:System.Object"/>.</param> /// <returns> /// true if the specified <see cref="T:System.Object"/> is equal to the current <see cref="T:System.Object"/>; otherwise, false. /// </returns> /// <exception cref="T:System.NullReferenceException"> /// The <paramref name="obj"/> parameter is null. /// </exception> public override bool Equals(object obj) { ClaimsResponse other = obj as ClaimsResponse; if (other == null) { return(false); } return (this.BirthDateRaw.EqualsNullSafe(other.BirthDateRaw) && this.Country.EqualsNullSafe(other.Country) && this.Language.EqualsNullSafe(other.Language) && this.Email.EqualsNullSafe(other.Email) && this.FullName.EqualsNullSafe(other.FullName) && this.Gender.Equals(other.Gender) && this.Nickname.EqualsNullSafe(other.Nickname) && this.PostalCode.EqualsNullSafe(other.PostalCode) && this.TimeZone.EqualsNullSafe(other.TimeZone)); }
internal static LoginProfile ProfileFromOpenId(ClaimsResponse spprofile, FetchResponse fetchprofile, string claimedId, string realmUrlString) { var profile = new LoginProfile { Link = claimedId, Id = claimedId, Provider = ProviderConstants.OpenId, }; if (spprofile != null) { //Fill profile.BirthDay = spprofile.BirthDateRaw; profile.DisplayName = spprofile.FullName; profile.EMail = spprofile.Email; profile.Name = spprofile.Nickname; profile.Gender = spprofile.Gender.HasValue ? spprofile.Gender.Value.ToString() : ""; profile.TimeZone = spprofile.TimeZone; profile.Locale = spprofile.Language; } if (fetchprofile != null) { profile.Name = fetchprofile.GetAttributeValue(WellKnownAttributes.Name.Alias); profile.LastName = fetchprofile.GetAttributeValue(WellKnownAttributes.Name.Last); profile.FirstName = fetchprofile.GetAttributeValue(WellKnownAttributes.Name.First); profile.DisplayName = fetchprofile.GetAttributeValue(WellKnownAttributes.Name.FullName); profile.MiddleName = fetchprofile.GetAttributeValue(WellKnownAttributes.Name.Middle); profile.Salutation = fetchprofile.GetAttributeValue(WellKnownAttributes.Name.Prefix); profile.Avatar = fetchprofile.GetAttributeValue(WellKnownAttributes.Media.Images.Default); profile.EMail = fetchprofile.GetAttributeValue(WellKnownAttributes.Contact.Email); profile.Gender = fetchprofile.GetAttributeValue(WellKnownAttributes.Person.Gender); profile.BirthDay = fetchprofile.GetAttributeValue(WellKnownAttributes.BirthDate.WholeBirthDate); } profile.RealmUrl = realmUrlString; return profile; }
private bool IsValidForUserCreation(OpenIdEventArgs e, ClaimsResponse claim) { bool result = true; if (claim == null) { return false; } if (String.IsNullOrEmpty(claim.Email)) { return false; } if (String.IsNullOrEmpty(claim.FullName)) { return false; } if (!Email.IsValidEmailAddressSyntax(claim.Email)) { return false; } mojoProfileConfiguration profileConfig = mojoProfileConfiguration.GetConfig(); if (profileConfig.HasRequiredCustomProperties()) { result = false; } return result; }
private void DisplayResults(OpenIdEventArgs e, ClaimsResponse claim) { litResult.Text = "uri: " + e.ClaimedIdentifier.ToString() + "<br />" + "Full Name: " + claim.FullName + "<br />" + "Nickname: " + claim.Nickname + "<br />" + "Birthdate: " + claim.BirthDate.ToString() + "<br />" + "Country: " + claim.Country + "<br />" + "Culture: " + claim.Culture.ToString() + "<br />" + "Gender: " + claim.Gender + "<br />" + "Language: " + claim.Language + "<br />" + "MailAddress: " + claim.MailAddress + "<br />" + "Postal Code: " + claim.PostalCode + " <br />" + "Email: " + claim.Email + "<br />" + "TimeZone: " + claim.TimeZone + "<br />"; }
public static ClaimsResponse UnifyExtensionsAsSreg(this RelyingParty.IAuthenticationResponse response, bool allowUnsigned) { Contract.Requires<ArgumentNullException>(response != null); var resp = (RelyingParty.IAuthenticationResponse)response; var sreg = allowUnsigned ? resp.GetUntrustedExtension<ClaimsResponse>() : resp.GetExtension<ClaimsResponse>(); if (sreg != null) { return sreg; } AXAttributeFormats formats = AXAttributeFormats.All; sreg = new ClaimsResponse(); var fetchResponse = allowUnsigned ? resp.GetUntrustedExtension<FetchResponse>() : resp.GetExtension<FetchResponse>(); if (fetchResponse != null) { ((IOpenIdMessageExtension)sreg).IsSignedByRemoteParty = fetchResponse.IsSignedByProvider; sreg.BirthDateRaw = fetchResponse.GetAttributeValue(WellKnownAttributes.BirthDate.WholeBirthDate, formats); sreg.Country = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.Country, formats); sreg.PostalCode = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.PostalCode, formats); sreg.Email = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email, formats); sreg.FullName = fetchResponse.GetAttributeValue(WellKnownAttributes.Name.FullName, formats); sreg.Language = fetchResponse.GetAttributeValue(WellKnownAttributes.Preferences.Language, formats); sreg.Nickname = fetchResponse.GetAttributeValue(WellKnownAttributes.Name.Alias, formats); sreg.TimeZone = fetchResponse.GetAttributeValue(WellKnownAttributes.Preferences.TimeZone, formats); string gender = fetchResponse.GetAttributeValue(WellKnownAttributes.Person.Gender, formats); if (gender != null) { sreg.Gender = (Gender)genderEncoder.Decode(gender); } } return sreg; }
/// <summary> /// Initializes a new instance of the <see cref="ClaimsResponseShim"/> class. /// </summary> /// <param name="response">The Simple Registration response to wrap.</param> internal ClaimsResponseShim(ClaimsResponse response) { Requires.NotNull(response, "response"); this.response = response; }
public void InvalidRawBirthdate() { var response = new ClaimsResponse(); response.BirthDateRaw = "2008"; }
private void ParameterizedAXTest(AXAttributeFormats format) { var axInjected = new FetchRequest(); axInjected.Attributes.AddOptional(ExtensionsInteropHelper_Accessor.TransformAXFormat(WellKnownAttributes.Name.Alias, format)); axInjected.Attributes.AddRequired(ExtensionsInteropHelper_Accessor.TransformAXFormat(WellKnownAttributes.Name.FullName, format)); this.extensions.Add(axInjected); var sreg = ExtensionsInteropHelper.UnifyExtensionsAsSreg(this.request); Assert.AreSame(sreg, this.request.GetExtension<ClaimsRequest>()); Assert.AreEqual(DemandLevel.Request, sreg.Nickname); Assert.AreEqual(DemandLevel.Require, sreg.FullName); Assert.AreEqual(DemandLevel.NoRequest, sreg.Language); var sregResponse = new ClaimsResponse { Nickname = "andy", }; this.request.AddResponseExtension(sregResponse); ExtensionsInteropHelper.ConvertSregToMatchRequest(this.request); var extensions = this.GetResponseExtensions(); var axResponse = extensions.OfType<FetchResponse>().Single(); Assert.AreEqual("andy", axResponse.GetAttributeValue(ExtensionsInteropHelper_Accessor.TransformAXFormat(WellKnownAttributes.Name.Alias, format))); }
public bool ValidateOpenIDUser() { try { var response = consumer.GetResponse(); if (response.Status != AuthenticationStatus.Authenticated) { return false; } _sreg = response.GetExtension<ClaimsResponse>(); MembershipUser user = GetUserByOpenId(response.ClaimedIdentifier, true); if (user != null) { FormsAuthentication.RedirectFromLoginPage(user.UserName, false); return true; // never reached, due to redirect } else { throw new OpenIdNotLinkedException(response.ClaimedIdentifier); } } catch (ProtocolException ex) { if (WriteExceptionsToEventLog) { Utility.WriteToEventLog(ex, "ValidateOpenIDUser"); } return false; } catch (OpenIdNotLinkedException nlEx) { throw nlEx; } }
public void SetOpenIdProfileFields(ClaimsResponse value) { if (value == null) { throw new ArgumentNullException("value"); } this.DateOfBirth = value.BirthDate; this.countryDropdownList.SelectedValue = value.Country; this.emailTextBox.Text = value.Email; this.fullnameTextBox.Text = value.FullName; this.Gender = value.Gender; this.languageDropdownList.SelectedValue = value.Language; this.nicknameTextBox.Text = value.Nickname; this.postcodeTextBox.Text = value.PostalCode; this.timezoneDropdownList.SelectedValue = value.TimeZone; }
public void UnifyExtensionsAsSregWithBothSregAndAX() { var sregInjected = new ClaimsRequest { Nickname = DemandLevel.Request, }; this.extensions.Add(sregInjected); var axInjected = new FetchRequest(); axInjected.Attributes.AddOptional(WellKnownAttributes.Contact.Email); this.extensions.Add(axInjected); var sreg = ExtensionsInteropHelper.UnifyExtensionsAsSreg(this.request); Assert.AreSame(sregInjected, sreg); Assert.AreEqual(DemandLevel.Request, sreg.Nickname); Assert.AreEqual(DemandLevel.NoRequest, sreg.Email); var sregResponseInjected = new ClaimsResponse { Nickname = "andy", }; this.request.AddResponseExtension(sregResponseInjected); var axResponseInjected = new FetchResponse(); axResponseInjected.Attributes.Add(WellKnownAttributes.Contact.Email, "*****@*****.**"); this.request.AddResponseExtension(axResponseInjected); ExtensionsInteropHelper.ConvertSregToMatchRequest(this.request); var extensions = this.GetResponseExtensions(); var sregResponse = extensions.OfType<ClaimsResponse>().Single(); Assert.AreEqual("andy", sregResponse.Nickname); var axResponse = extensions.OfType<FetchResponse>().Single(); Assert.AreEqual("*****@*****.**", axResponse.GetAttributeValue(WellKnownAttributes.Contact.Email)); }
public OpenIdUser(ClaimsResponse claim, string identifier) { ProccessData(claim, identifier); }
public OpenIdUser(ClaimsResponse claim, string identifier) { addClaimInfo(claim, identifier); }
public static void Clear() { ProfileFields = null; FriendlyLoginName = null; PapePolicies = null; }
private bool IsValidForUserCreation(OpenIdEventArgs e, ClaimsResponse claim) { if (e == null) return false; if (claim == null) return false; if (e.ClaimedIdentifier == null) { return false; } if (String.IsNullOrEmpty(claim.Email)) { return false; } if (String.IsNullOrEmpty(claim.FullName)) { return false; } if (!Email.IsValidEmailAddressSyntax(claim.Email)) return false; // if custom profile fields are required // must pass them on to registration page mojoProfileConfiguration profileConfig = mojoProfileConfiguration.GetConfig(); if (profileConfig != null) { if (profileConfig.HasRequiredCustomProperties()) return false; } return true; }
public void EmptyMailAddress() { ClaimsResponse response = new ClaimsResponse(Constants.sreg_ns); response.Email = string.Empty; Assert.IsNull(response.MailAddress); }