private async Task SendAssertionAsync(string relyingPartyRealm) { Uri providerEndpoint = new Uri(Request.Url, Page.ResolveUrl("~/server.aspx")); OpenIdProvider op = new OpenIdProvider(); try { // Send user input through identifier parser so we accept more free-form input. string rpSite = Identifier.Parse(relyingPartyRealm); var response = await op.PrepareUnsolicitedAssertionAsync(providerEndpoint, rpSite, Util.BuildIdentityUrl(), Util.BuildIdentityUrl()); await response.SendAsync(); this.Context.Response.End(); } catch (ProtocolException ex) { Label errorLabel = (Label)this.loginView.FindControl("errorLabel"); errorLabel.Visible = true; errorLabel.Text = ex.Message; } }
public async Task UnsolicitedAssertionRejected() { var opStore = new StandardProviderApplicationStore(); Handle(RPUri).By( async req => { var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories); rp.SecuritySettings.RejectUnsolicitedAssertions = true; IAuthenticationResponse response = await rp.GetResponseAsync(req); Assert.That(response, Is.Not.Null); Assert.AreEqual(AuthenticationStatus.Failed, response.Status); return new HttpResponseMessage(); }); Handle(OPUri).By( async req => { var op = new OpenIdProvider(opStore, this.HostFactories); return await this.AutoProviderActionAsync(op, req, CancellationToken.None); }); this.RegisterMockRPDiscovery(ssl: false); { var op = new OpenIdProvider(opStore, this.HostFactories); Identifier id = GetMockIdentifier(ProtocolVersion.V20); var assertion = await op.PrepareUnsolicitedAssertionAsync(OPUri, RPRealmUri, id, OPLocalIdentifiers[0]); using (var httpClient = this.HostFactories.CreateHttpClient()) { using (var response = await httpClient.GetAsync(assertion.Headers.Location)) { response.EnsureSuccessStatusCode(); } } } }
public async Task AssertionWithEndpointFilter() { var opStore = new StandardProviderApplicationStore(); Handle(RPUri).By( async req => { var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories); // Rig it to always deny the incoming OP rp.EndpointFilter = op => false; // Receive the unsolicited assertion var response = await rp.GetResponseAsync(req); Assert.That(response, Is.Not.Null); Assert.AreEqual(AuthenticationStatus.Failed, response.Status); return new HttpResponseMessage(); }); this.RegisterAutoProvider(); { var op = new OpenIdProvider(opStore, this.HostFactories); Identifier id = GetMockIdentifier(ProtocolVersion.V20); var assertion = await op.PrepareUnsolicitedAssertionAsync(OPUri, GetMockRealm(false), id, id); using (var httpClient = this.HostFactories.CreateHttpClient()) { using (var response = await httpClient.GetAsync(assertion.Headers.Location)) { response.EnsureSuccessStatusCode(); } } } }