コード例 #1
 /// <summary>
 /// Builds the Facebook OAuth dialog URL the browser is sent to for sign-in.
 /// </summary>
 /// <param name="context">Current request; supplies the HOST header and the request URL.</param>
 /// <returns>The absolute authorization URL, query string included.</returns>
 /// <remarks>
 /// The request uses <c>response_type=token</c>. The <c>redirect_uri</c> host is taken from the
 /// request's HOST header, which is client-supplied, so the set of redirect URIs registered with
 /// the provider is what actually bounds where the response can be delivered.
 /// The <c>state</c> value is only the caller's return path and holds no per-session unguessable
 /// value; whatever later redirects to it has to accept site-local paths only.
 /// NOTE(review): confirm whether the callback is bound to the initiating browser elsewhere.
 /// </remarks>
 public override string GetLoginUrl(HttpContextBase context)
 {
     var cultureName = CultureInfo.CurrentCulture.Name.ToLowerInvariant();

     // Callback is always the site root of whatever host the request named.
     var callback = string.Format("https://{0}/", context.Request.Headers["HOST"]);

     // Ajax callers get "/<culture><query>" as the return path, page loads get their own path and query.
     string returnPath;
     if (context.IsAjaxRequest())
     {
         returnPath = string.Format("/{0}{1}", cultureName, context.Request.Url.Query);
     }
     else
     {
         returnPath = context.Request.Url.PathAndQuery;
     }

     var url = new StringBuilder("https://www.facebook.com/dialog/oauth");
     url.Append("?response_type=token");
     url.AppendFormat("&redirect_uri={0}", WebUtility.UrlEncode(callback));
     // NOTE(review): client_id is sent as an empty string here; presumably scrubbed from the sample. Confirm.
     url.AppendFormat("&client_id={0}", "");
     url.AppendFormat("&scope={0}", "email");
     url.AppendFormat("&state={0}", WebUtility.UrlEncode(returnPath));
     return url.ToString();
 }
コード例 #2
 /// <summary>
 /// Builds the vk.com OAuth authorize URL (authorization-code flow, API version 5.35).
 /// </summary>
 /// <param name="context">Current request; supplies the HOST header and the request URL.</param>
 /// <returns>The absolute authorization URL, query string included.</returns>
 /// <remarks>
 /// The <c>redirect_uri</c> host is taken from the client-supplied HOST header, so the redirect
 /// URIs registered with the provider are what bound where the code can be delivered.
 /// The <c>state</c> value is only the caller's return path and holds no per-session unguessable
 /// value; whatever later redirects to it has to accept site-local paths only.
 /// NOTE(review): confirm whether the callback is bound to the initiating browser elsewhere.
 /// </remarks>
 public override string GetLoginUrl(HttpContextBase context)
 {
     var cultureName = CultureInfo.CurrentCulture.Name.ToLowerInvariant();

     var url = new StringBuilder("https://oauth.vk.com/authorize");
     url.AppendFormat("?client_id={0}", AuthSettings.VkClientId);
     url.Append("&scope=email");

     var callback = string.Format("https://{0}/", context.Request.Headers["HOST"]);
     url.AppendFormat("&redirect_uri={0}", WebUtility.UrlEncode(callback));
     url.Append("&response_type=code").Append("&v=5.35");

     // Ajax callers get "/<culture><query>" as the return path, page loads get their own path and query.
     string returnPath;
     if (context.IsAjaxRequest())
     {
         returnPath = string.Format("/{0}{1}", cultureName, context.Request.Url.Query);
     }
     else
     {
         returnPath = context.Request.Url.PathAndQuery;
     }

     // vk.com URL-decodes the state value before handing it back, unlike AAD, Google and Facebook.
     // Encoding it twice means one layer of encoding survives that round trip.
     var onceEncoded = WebUtility.UrlEncode(returnPath);
     url.AppendFormat("&state={0}", WebUtility.UrlEncode(onceEncoded));
     return url.ToString();
 }
コード例 #3
 /// <summary>
 /// Builds the AAD sign-in URL, starting from <c>AuthSettings.BaseLoginUrl</c> and requesting an
 /// <c>id_token</c> returned in the query string.
 /// </summary>
 /// <param name="context">Current request; supplies the HOST header and the request URL.</param>
 /// <returns>The absolute authorization URL, query string included.</returns>
 /// <remarks>
 /// The <c>redirect_uri</c> host is taken from the client-supplied HOST header, so the redirect
 /// URIs registered with the provider are what bound where the token can be delivered.
 /// A fresh GUID is sent as <c>nonce</c>, but this method does not keep it anywhere.
 /// NOTE(review): confirm that the returned id_token's nonce is checked against a stored value elsewhere.
 /// The <c>state</c> value is only the caller's return path and holds no per-session unguessable
 /// value; whatever later redirects to it has to accept site-local paths only.
 /// </remarks>
 public override string GetLoginUrl(HttpContextBase context)
 {
     var cultureName = CultureInfo.CurrentCulture.Name.ToLowerInvariant();

     var url = new StringBuilder();
     url.Append(AuthSettings.BaseLoginUrl);
     url.Append("?response_type=id_token");

     var callback = string.Format("https://{0}/", context.Request.Headers["HOST"]);
     url.AppendFormat("&redirect_uri={0}", WebUtility.UrlEncode(callback));
     url.AppendFormat("&client_id={0}", AuthSettings.AADAppId);
     url.Append("&response_mode=query");

     var resource = WebUtility.UrlEncode("https://management.core.windows.net/");
     url.AppendFormat("&resource={0}", resource);
     url.AppendFormat("&site_id={0}", "500879"); // fixed literal in the original
     url.AppendFormat("&nonce={0}", Guid.NewGuid());

     // Ajax callers get "/<culture><query>" as the return path, page loads get their own path and query.
     string returnPath;
     if (context.IsAjaxRequest())
     {
         returnPath = string.Format("/{0}{1}", cultureName, context.Request.Url.Query);
     }
     else
     {
         returnPath = context.Request.Url.PathAndQuery;
     }

     url.AppendFormat("&state={0}", WebUtility.UrlEncode(returnPath));
     return url.ToString();
 }
コード例 #4
        /// <summary>
        /// Wraps the response filter so that the request's client resources are written into the
        /// outgoing response. Requests identified as web resources are left untouched.
        /// </summary>
        /// <param name="context">Current request context whose response filter may be replaced.</param>
        private static void PostReleaseRequestState(HttpContextBase context)
        {
            if (!RequestIsWebResource(context))
            {
                var resources = context.ClientResources();

                if (!context.IsAjaxRequest())
                {
                    // Full page load: wrap with the regular response filter.
                    context.Response.Filter = new ClientResourcesResponseFilter(context.Response.Filter, context, resources);
                }
                else if (context.IsPartialRenderingRequest())
                {
                    // Ajax partial rendering gets its own filter; other Ajax responses get none.
                    context.Response.Filter = new ClientResourcesPartialViewResponseFilter(context.Response.Filter, context, resources);
                }

                // Written on every non-web-resource request, including Ajax requests where no filter was installed.
                context.Trace.Write("ClientResourceManager", "Injected client resources into response");
            }
        }
コード例 #5
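 /// <summary>
 /// Runs the provider-specific token check and turns its result into the HTTP response:
 /// a login challenge, a redirect to the login error page, or a session cookie plus a
 /// redirect back to the path carried in the <c>state</c> request value.
 /// The response is always ended before this method returns.
 /// </summary>
 /// <param name="context">Current request context; its response is written and ended here.</param>
 /// <param name="providerSpecificAuthMethod">Provider callback that inspects the request and reports the token status.</param>
 /// <remarks>
 /// The <c>state</c> value comes back from the client, so it is treated as untrusted: only a
 /// site-local path is accepted as the post-login redirect target, anything else falls back to "/".
 /// </remarks>
 protected void AuthenticateRequest(HttpContextBase context, Func<HttpContextBase, TokenResults> providerSpecificAuthMethod)
 {
     try
     {
         switch (providerSpecificAuthMethod(context))
         {
             case TokenResults.DoesntExist:
                 if (context.IsAjaxRequest())
                 {
                     // Ajax callers cannot follow a cross-site redirect, so the login URL goes in a header.
                     context.Response.Headers["LoginUrl"] = GetLoginUrl(context);
                     context.Response.StatusCode = 403; // Forbidden
                 }
                 else
                 {
                     context.Response.RedirectLocation = GetLoginUrl(context);
                     context.Response.StatusCode = 302; // Redirect
                 }
                 break;
             case TokenResults.ExistAndWrong:
                 // Ajax can never send an invalid Bearer token
                 context.Response.RedirectLocation = AuthSettings.LoginErrorPage;
                 context.Response.StatusCode = 302; // Redirect
                 break;
             case TokenResults.ExistsAndCorrect:
                 // Ajax can never send Bearer token
                 context.Response.Cookies.Add(CreateSessionCookie(context.User));
                 // Request["state"] is client-controlled; redirecting to it unchecked would let a crafted
                 // login link send a freshly signed-in user to another site.
                 // NOTE(review): Request[...] also reads form fields and cookies, not only the query string. Confirm that is intended.
                 context.Response.RedirectLocation = GetLocalReturnPath(context.Request["state"]);
                 context.Response.StatusCode = 302; // Redirect
                 break;
             default:
                 // This should never happen; the response is ended unchanged.
                 break;
         }
     }
     catch (Exception e)
     {
         SimpleTrace.Diagnostics.Error(e, "General Authentication Exception");
         context.Response.RedirectLocation = AuthSettings.LoginErrorPage;
         context.Response.StatusCode = 302; // Redirect
     }
     finally
     {
         context.Response.End();
     }
 }

 /// <summary>
 /// Returns <paramref name="returnPath"/> when it is a site-local path, otherwise "/".
 /// </summary>
 /// <param name="returnPath">Candidate redirect target taken from the request.</param>
 /// <returns>A value that starts with a single "/" and contains no control characters.</returns>
 private static string GetLocalReturnPath(string returnPath)
 {
     const string fallback = "/";

     if (string.IsNullOrEmpty(returnPath) || returnPath[0] != '/')
     {
         return fallback;
     }

     // "//host" and "/\host" are read by browsers as a different host, not as a local path.
     if (returnPath.Length > 1 && (returnPath[1] == '/' || returnPath[1] == '\\'))
     {
         return fallback;
     }

     // Control characters (CR/LF included) have no place in a Location header value.
     foreach (var ch in returnPath)
     {
         if (char.IsControl(ch))
         {
             return fallback;
         }
     }

     return returnPath;
 }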