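/// <summary>
/// Drives the OpenID login round trip. When the request carries no provider response,
/// the submitted identifier is parsed and the browser is redirected to the provider.
/// When a provider response is present, its status decides between registration,
/// account merge, sign-in, or redisplaying the login view with a message.
/// </summary>
/// <param name="returnUrl">
/// Caller-supplied URL to return to after sign-in. It is followed only when
/// <c>Url.IsLocalUrl</c> accepts it; otherwise the user lands on Home/Index.
/// </param>
/// <returns>
/// A redirect to the provider, the "Login" or "Merge" view, a redirect to "Register" or
/// Home/Index, or an <c>EmptyResult</c> for any response status not handled in the switch.
/// </returns>
public virtual ActionResult Authenticate(string returnUrl)
{
    IAuthenticationResponse response = Openid.GetResponse();

    if (response == null)
    {
        // Stage 2: the user is submitting an identifier (no provider response on this request).
        Identifier id;
        if (!Identifier.TryParse(Request.Form["openid_identifier"], out id))
        {
            ViewData["Message"] = "Invalid identifier";
            return View("Login");
        }

        try
        {
            IAuthenticationRequest request = Openid.CreateRequest(Request.Form["openid_identifier"]);

            // Ask the provider for profile attributes; only the e-mail is demanded.
            request.AddExtension(new ClaimsRequest
            {
                Email = DemandLevel.Require,
                Nickname = DemandLevel.Request,
                FullName = DemandLevel.Request,
                BirthDate = DemandLevel.Request
            });

            return request.RedirectingResponse.AsActionResult();
        }
        catch (ProtocolException ex)
        {
            // NOTE(review): the library's exception text is shown to the user verbatim;
            // consider logging it and displaying a generic message instead.
            ViewData["Message"] = ex.Message;
            return View("Login");
        }
    }

    // Stage 3: the OpenID provider is sending its assertion response.
    switch (response.Status)
    {
        case AuthenticationStatus.Authenticated:
            // The claimed identifier is the account lookup key, so it is lower-cased with the
            // invariant culture: culture-sensitive ToLower() can yield a different key for the
            // same identifier depending on the request thread's culture (e.g. Turkish 'I').
            // NOTE(review): lower-casing the whole identifier also folds case in its path part;
            // confirm that two identifiers differing only by case can never belong to
            // different people at the providers this site accepts.
            var claimedId = Data.Core.Entities.User.NormalizeOpenId(
                response.ClaimedIdentifier.ToString().ToLowerInvariant());

            var sreg = response.GetExtension<ClaimsResponse>();
            if (sreg == null)
            {
                ViewData["Message"] = "OpenId did not provide user information";
                return View("Login");
            }

            var openId = new OpenId() { OpenIdClaim = claimedId, OpenIdProvider = OpenIdProvider.Other };
            var checkUser = this._userService.Validate(openId);

            if (checkUser == null)
            {
                // Unknown OpenID: send the user to registration with the provider-supplied
                // values as a prefill. These sreg values are whatever the provider asserted;
                // nothing here verifies them.
                var registerModel = new RegisterModel()
                {
                    Email = sreg.Email,
                    OpenID = claimedId,
                    UserName = sreg.Nickname,
                    FullName = sreg.FullName
                };

                // NOTE(review): ViewData does not survive a redirect, so this message is not
                // shown by the Register action unless it is carried another way.
                ViewData["Message"] = "Please complete the registration form to complete the process";
                TempData["RegisterModel"] = registerModel;
                return this.RedirectToAction("Register");
            }

            if (User.Identity.IsAuthenticated)
            {
                // Known OpenID while a session already exists: show the merge view.
                // NOTE(review): the original comments describe merging when the OpenID does
                // NOT exist and the user is logged in; this branch runs when it DOES exist.
                // Confirm which is intended, and that the Merge action re-checks ownership
                // of both accounts before linking them.
                var mergeModel = new MergeModel()
                {
                    Email = sreg.Email,
                    OpenID = claimedId,
                    UserName = sreg.Nickname,
                    FullName = sreg.FullName
                };

                ViewData["Message"] = "Please complete the registration form to complete the process";
                return View("Merge", mergeModel);
            }

            // Known OpenID, no current session: sign the user in with a persistent cookie.
            // NOTE(review): the cookie name here is Username, while Register issues the cookie
            // with user.Id; confirm which value the rest of the site expects in Identity.Name.
            FormsAuthentication.SetAuthCookie(checkUser.Username, true);

            // returnUrl comes from the request, so it is followed only when it is local;
            // redirecting to it unchecked would be an open redirect.
            if (Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }

            return this.RedirectToAction("Index", "Home");

        case AuthenticationStatus.Canceled:
            ViewData["Message"] = "Canceled at provider";
            return View("Login");

        case AuthenticationStatus.Failed:
            // NOTE(review): same verbatim-message concern as the ProtocolException handler above.
            ViewData["Message"] = response.Exception.Message;
            return View("Login");
    }

    // Any status not handled above produces an empty response.
    return new EmptyResult();
}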
/// <summary>
/// Creates a user account from the submitted registration form and, on success,
/// signs the new user in with a non-persistent cookie.
/// </summary>
/// <param name="model">The model-bound registration form, including an optional OpenID claim.</param>
/// <returns>
/// A redirect to Home/Index when the account is stored; otherwise the registration
/// view redisplayed with the submitted model and any model errors.
/// </returns>
public virtual ActionResult Register(RegisterModel model)
{
    // Validation failed: redisplay the form as submitted.
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // NOTE(review): model.OpenID is bound from the request. Nothing in this method checks
    // that it equals the identifier the provider asserted in Authenticate, so a client could
    // submit an OpenID it does not control and have it attached to the new account.
    // Consider taking the claim from server-side state rather than from the form.
    // NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible on this
    // action; confirm both are enforced elsewhere.
    var claim = new OpenId() { OpenIdClaim = model.OpenID };

    // Create the account.
    var created = this._userService.Store(claim, model.UserName, model.FullName, model.Email, model.Password);
    if (created == null)
    {
        ModelState.AddModelError(string.Empty, "Error creating user.");
        return View(model);
    }

    // NOTE(review): the cookie name here is the user Id, while Authenticate issues the cookie
    // with checkUser.Username; confirm which value the rest of the site expects.
    FormsAuthentication.SetAuthCookie(created.Id, createPersistentCookie: false);
    return RedirectToAction("Index", "Home");
}