/// <summary> /// Checks the incoming request and invokes a browser redirect if the URL has not been normalized. /// </summary> /// <seealso cref="IdentityEndpointNormalizationEventArgs.NormalizedIdentifier"/> protected virtual void OnNormalize() { UriIdentifier userSuppliedIdentifier = MessagingUtilities.GetRequestUrlFromContext(); var normalizationArgs = new IdentityEndpointNormalizationEventArgs(userSuppliedIdentifier); var normalizeUri = this.NormalizeUri; if (normalizeUri != null) { normalizeUri(this, normalizationArgs); } else { // Do some best-guess normalization. normalizationArgs.NormalizedIdentifier = BestGuessNormalization(normalizationArgs.UserSuppliedIdentifier); } // If we have a normalized form, we should use it. // We compare path and query with case sensitivity and host name without case sensitivity deliberately, // and the fragment will be asserted or cleared by the OP during authentication. if (normalizationArgs.NormalizedIdentifier != null && (!String.Equals(normalizationArgs.NormalizedIdentifier.Host, normalizationArgs.UserSuppliedIdentifier.Host, StringComparison.OrdinalIgnoreCase) || !String.Equals(normalizationArgs.NormalizedIdentifier.PathAndQuery, normalizationArgs.UserSuppliedIdentifier.PathAndQuery, StringComparison.Ordinal))) { Page.Response.Redirect(normalizationArgs.NormalizedIdentifier.AbsoluteUri); } }
protected void IdentityEndpoint20_NormalizeUri(object sender, IdentityEndpointNormalizationEventArgs e) { string username = Util.ExtractUserName(Page.Request.Url); e.NormalizedIdentifier = new Uri(Util.BuildIdentityUrl(username)); }