private static void SetCommenterValuesFromOpenIdResponse(IAuthenticationResponse response, Commenter commenter) { var claimsResponse = response.GetExtension<ClaimsResponse>(); if (claimsResponse != null) { if (string.IsNullOrWhiteSpace(commenter.Name) && string.IsNullOrWhiteSpace(claimsResponse.Nickname) == false) commenter.Name = claimsResponse.Nickname; else if (string.IsNullOrWhiteSpace(commenter.Name) && string.IsNullOrWhiteSpace(claimsResponse.FullName) == false) commenter.Name = claimsResponse.FullName; if (string.IsNullOrWhiteSpace(commenter.Email) && string.IsNullOrWhiteSpace(claimsResponse.Email) == false) commenter.Email = claimsResponse.Email; } var fetchResponse = response.GetExtension<FetchResponse>(); if (fetchResponse != null) // let us try from the attributes { if (string.IsNullOrWhiteSpace(commenter.Email)) commenter.Email = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email); if (string.IsNullOrWhiteSpace(commenter.Name)) { commenter.Name = fetchResponse.GetAttributeValue(WellKnownAttributes.Name.FullName) ?? fetchResponse.GetAttributeValue(WellKnownAttributes.Name.First) + " " + fetchResponse.GetAttributeValue(WellKnownAttributes.Name.Last); } if (string.IsNullOrWhiteSpace(commenter.Url)) { commenter.Url = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Web.Blog) ?? fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Web.Homepage); } } }
private string GetFriendlyName(IAuthenticationResponse authResponse) { string friendlyName = ""; var sregResponse = authResponse.GetExtension <ClaimsResponse>(); var axResponse = authResponse.GetExtension <FetchResponse>(); if (sregResponse != null) { friendlyName = sregResponse.FullName.AsNullIfEmpty() ?? sregResponse.Nickname.AsNullIfEmpty() ?? sregResponse.Email; } else if (axResponse != null) { var fullName = axResponse.GetAttributeValue(WellKnownAttributes.Name.FullName); var firstName = axResponse.GetAttributeValue(WellKnownAttributes.Name.First); var lastName = axResponse.GetAttributeValue(WellKnownAttributes.Name.Last); var email = axResponse.GetAttributeValue(WellKnownAttributes.Contact.Email); friendlyName = fullName.AsNullIfEmpty() ?? ((!string.IsNullOrEmpty(firstName) && !string.IsNullOrEmpty(lastName)) ? firstName + " " + lastName : null) ?? email; } if (string.IsNullOrEmpty(friendlyName)) { friendlyName = authResponse.FriendlyIdentifierForDisplay; } return(friendlyName); }
protected override string HandleUnknownUser(IAuthenticationResponse response) { string username = response.ClaimedIdentifier.ToString(); string email = response.ClaimedIdentifier.ToString(); string comment = null; var sreg = response.GetExtension<DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.ClaimsResponse>(); if (sreg != null) { if (sreg.Nickname != null) { comment = sreg.Nickname; } if (sreg.Email != null) { email = sreg.Email; } } var ax = response.GetExtension<DotNetOpenAuth.OpenId.Extensions.AttributeExchange.FetchResponse>(); if (ax != null) { if (ax.Attributes.Contains(WellKnownAttributes.Contact.Email)) { IList<string> emailAddresses = ax.Attributes[WellKnownAttributes.Contact.Email].Values; email = emailAddresses.Count > 0 ? emailAddresses[0] : email; } if (ax.Attributes.Contains(WellKnownAttributes.Name.Alias)) { IList<string> aliasNames = ax.Attributes[WellKnownAttributes.Name.Alias].Values; comment = aliasNames.Count > 0 ? aliasNames[0] : comment; } } try { var user = Membership.CreateUser(username, Guid.NewGuid().ToString(), email); NHOpenIDMembershipProvider idprov = Provider as NHOpenIDMembershipProvider; MembershipCreateStatus status; idprov.AddIdToUser(user, response.ClaimedIdentifier, out status); if (status == MembershipCreateStatus.Success) { if (String.IsNullOrEmpty(comment)) { user.Comment = email; } else { user.Comment = comment; } Provider.UpdateUser(user); return user.UserName; } else { Provider.DeleteUser(user.UserName, true); } } catch (MembershipCreateUserException) { return null; } return null; }
private static string GetFriendlyName(IAuthenticationResponse response) { var claimsResponse = response.GetExtension <ClaimsResponse>(); if (claimsResponse != null) { if (!string.IsNullOrEmpty(claimsResponse.FullName)) { return(claimsResponse.FullName); } if (!string.IsNullOrEmpty(claimsResponse.Nickname)) { return(claimsResponse.Email); } if (!string.IsNullOrEmpty(claimsResponse.Email)) { return(claimsResponse.Email); } } var fetchResponse = response.GetExtension <FetchResponse>(); if (fetchResponse != null) { var fullName = fetchResponse.GetAttributeValue(WellKnownAttributes.Name.FullName); if (!string.IsNullOrEmpty(fullName)) { return(fullName); } var firstName = fetchResponse.GetAttributeValue(WellKnownAttributes.Name.First); var lastName = fetchResponse.GetAttributeValue(WellKnownAttributes.Name.Last); if (!string.IsNullOrEmpty(firstName) && !string.IsNullOrEmpty(lastName)) { return(fullName + " " + lastName); } var email = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email); if (!string.IsNullOrEmpty(email)) { return(email); } } return(response.FriendlyIdentifierForDisplay); }
/// <summary> /// Processes an incoming authorization-granted message from an SP and obtains an access token. /// </summary> /// <param name="openIdAuthenticationResponse">The OpenID authentication response that may be carrying an authorized request token.</param> /// <returns> /// The access token, or null if OAuth authorization was denied by the user or service provider. /// </returns> /// <remarks> /// The access token, if granted, is automatically stored in the <see cref="ConsumerBase.TokenManager"/>. /// The token manager instance must implement <see cref="IOpenIdOAuthTokenManager"/>. /// </remarks> public AuthorizedTokenResponse ProcessUserAuthorization(IAuthenticationResponse openIdAuthenticationResponse) { Requires.NotNull(openIdAuthenticationResponse, "openIdAuthenticationResponse"); Requires.ValidState(this.TokenManager is IOpenIdOAuthTokenManager); var openidTokenManager = this.TokenManager as IOpenIdOAuthTokenManager; ErrorUtilities.VerifyOperation(openidTokenManager != null, OAuthStrings.OpenIdOAuthExtensionRequiresSpecialTokenManagerInterface, typeof(IOpenIdOAuthTokenManager).FullName); // The OAuth extension is only expected in positive assertion responses. if (openIdAuthenticationResponse.Status != AuthenticationStatus.Authenticated) { return null; } // Retrieve the OAuth extension var positiveAuthorization = openIdAuthenticationResponse.GetExtension<AuthorizationApprovedResponse>(); if (positiveAuthorization == null) { return null; } // Prepare a message to exchange the request token for an access token. // We are careful to use a v1.0 message version so that the oauth_verifier is not required. var requestAccess = new AuthorizedTokenRequest(this.ServiceProvider.AccessTokenEndpoint, Protocol.V10.Version) { RequestToken = positiveAuthorization.RequestToken, ConsumerKey = this.ConsumerKey, }; // Retrieve the access token and store it in the token manager. openidTokenManager.StoreOpenIdAuthorizedRequestToken(this.ConsumerKey, positiveAuthorization); var grantAccess = this.Channel.Request<AuthorizedTokenResponse>(requestAccess); this.TokenManager.ExpireRequestTokenAndStoreNewAccessToken(this.ConsumerKey, positiveAuthorization.RequestToken, grantAccess.AccessToken, grantAccess.TokenSecret); // Provide the caller with the access token so it may be associated with the user // that is logging in. return grantAccess; }
/// <summary> /// Processes an incoming authorization-granted message from an SP and obtains an access token. /// </summary> /// <param name="openIdAuthenticationResponse">The OpenID authentication response that may be carrying an authorized request token.</param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The access token, or null if OAuth authorization was denied by the user or service provider. /// </returns> /// <remarks> /// The access token, if granted, is automatically stored in the <see cref="ConsumerBase.TokenManager" />. /// The token manager instance must implement <see cref="IOpenIdOAuthTokenManager" />. /// </remarks> public async Task<AccessTokenResponse> ProcessUserAuthorizationAsync(IAuthenticationResponse openIdAuthenticationResponse, CancellationToken cancellationToken = default(CancellationToken)) { Requires.NotNull(openIdAuthenticationResponse, "openIdAuthenticationResponse"); // The OAuth extension is only expected in positive assertion responses. if (openIdAuthenticationResponse.Status != AuthenticationStatus.Authenticated) { return null; } // Retrieve the OAuth extension var positiveAuthorization = openIdAuthenticationResponse.GetExtension<AuthorizationApprovedResponse>(); if (positiveAuthorization == null) { return null; } using (var client = this.CreateHttpClient(new AccessToken(positiveAuthorization.RequestToken, string.Empty))) { var request = new HttpRequestMessage(this.ServiceProvider.TokenRequestEndpointMethod, this.ServiceProvider.TokenRequestEndpoint); using (var response = await client.SendAsync(request, cancellationToken)) { response.EnsureSuccessStatusCode(); // Parse the response and ensure that it meets the requirements of the OAuth 1.0 spec. string content = await response.Content.ReadAsStringAsync(); var responseData = HttpUtility.ParseQueryString(content); string accessToken = responseData[Protocol.TokenParameter]; string tokenSecret = responseData[Protocol.TokenSecretParameter]; ErrorUtilities.VerifyProtocol(!string.IsNullOrEmpty(accessToken), MessagingStrings.RequiredParametersMissing, typeof(AuthorizedTokenResponse).Name, Protocol.TokenParameter); ErrorUtilities.VerifyProtocol(tokenSecret != null, MessagingStrings.RequiredParametersMissing, typeof(AuthorizedTokenResponse).Name, Protocol.TokenSecretParameter); responseData.Remove(Protocol.TokenParameter); responseData.Remove(Protocol.TokenSecretParameter); return new AccessTokenResponse(accessToken, tokenSecret, responseData); } } }
private void SetUserInformationGeneric(IAuthenticationResponse response) { var userdata = response.GetExtension<ClaimsResponse>(); var email = userdata.Email; FullName = userdata.FullName; Email = email; }
public OpenIdAuthenticationParameters(IAuthenticationResponse authenticationResponse) { ExternalIdentifier = authenticationResponse.ClaimedIdentifier; ExternalDisplayIdentifier = authenticationResponse.FriendlyIdentifierForDisplay; _claims = new List<UserClaims>(); var claimsResponseTranslator = new OpenIdClaimsResponseClaimsTranslator(); var claims1 = claimsResponseTranslator.Translate(authenticationResponse.GetExtension<ClaimsResponse>()); if (claims1 != null) UserClaims.Add(claims1); var fetchResponseTranslator = new OpenIdFetchResponseClaimsTranslator(); var claims2 = fetchResponseTranslator.Translate(authenticationResponse.GetExtension<FetchResponse>()); if (claims2 != null) UserClaims.Add(claims2); }
public ActionResult OpenIdLogin(IAuthenticationResponse response) { switch (response.Status) { case AuthenticationStatus.Authenticated: var claimsResponse = response.GetExtension <ClaimsResponse>(); if (claimsResponse.Email == _adminEmail) { FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, false); return(RedirectToAction("Index", "Dashboard", new { area = "Admin" })); } break; case AuthenticationStatus.Canceled: ModelState.AddModelError("loginIdentifier", "Login was cancelled at the provider"); break; case AuthenticationStatus.Failed: ModelState.AddModelError("loginIdentifier", "Login failed using the provided OpenID identifier"); break; } return(new EmptyResult()); }
public static UserToken Login(IAuthenticationResponse resp) { if (resp == null) { return(null); } UserToken token = null; if (resp.Status == AuthenticationStatus.Authenticated) { ClaimsResponse ProfileFields = resp.GetExtension <ClaimsResponse>(); User user = GetUserByOpenIDIdentifier(resp.ClaimedIdentifier); if (user != null && user.Active) { token = user.ToToken(); } } Login(token, resp.ClaimedIdentifier); return(token); }
/// <summary> /// Gets the extra data obtained from the response message when authentication is successful. /// </summary> /// <param name="response"> /// The response message. /// </param> /// <returns>A dictionary of profile data; or null if no data is available.</returns> protected override Dictionary <string, string> GetExtraData(IAuthenticationResponse response) { FetchResponse fetchResponse = response.GetExtension <FetchResponse>(); if (fetchResponse != null) { var extraData = new Dictionary <string, string>(); extraData.Add("email", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email)); extraData.Add("country", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.Country)); extraData.Add("firstName", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.First)); extraData.Add("lastName", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.Last)); //extraData.Add("city", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.City)); //extraData.Add("postalcode", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.PostalCode)); //extraData.Add("state", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.State)); //extraData.Add("addressone", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.StreetAddressLine1)); //extraData.Add("addresstwo", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.StreetAddressLine2)); //extraData.Add("birthdate", fetchResponse.GetAttributeValue(WellKnownAttributes.BirthDate.WholeBirthDate)); //extraData.Add("companyname", fetchResponse.GetAttributeValue(WellKnownAttributes.Company.CompanyName)); //extraData.Add("jobtitle", fetchResponse.GetAttributeValue(WellKnownAttributes.Company.JobTitle)); //extraData.Add("gender", fetchResponse.GetAttributeValue(WellKnownAttributes.Person.Gender)); //extraData.Add("fullname", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.FullName)); //extraData.Add("mobile", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Phone.Mobile)); //extraData.Add("homepage", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Web.Homepage)); return(extraData); } return(null); }
private void SetUserInformationFromGoogle(IAuthenticationResponse response) { var userdata = response.GetExtension<FetchResponse>(); var firstname = userdata.GetAttributeValue(WellKnownAttributes.Name.First); var lastname = userdata.GetAttributeValue(WellKnownAttributes.Name.Last); FullName = firstname + " " + lastname; Email = userdata.GetAttributeValue(WellKnownAttributes.Contact.Email); }
/// <summary> /// Called when an incoming positive assertion is received. /// </summary> /// <param name="assertion">The positive assertion.</param> void IRelyingPartyBehavior.OnIncomingPositiveAssertion(IAuthenticationResponse assertion) { if (assertion.GetExtension <ClaimsResponse>() == null) { ClaimsResponse sreg = assertion.UnifyExtensionsAsSreg(true); ((PositiveAnonymousResponse)assertion).Response.Extensions.Add(sreg); } }
private static void SetCommenterValuesFromOpenIdResponse(IAuthenticationResponse response, Commenter commenter) { var claimsResponse = response.GetExtension <ClaimsResponse>(); if (claimsResponse != null) { if (string.IsNullOrWhiteSpace(commenter.Name) && string.IsNullOrWhiteSpace(claimsResponse.Nickname) == false) { commenter.Name = claimsResponse.Nickname; } else if (string.IsNullOrWhiteSpace(commenter.Name) && string.IsNullOrWhiteSpace(claimsResponse.FullName) == false) { commenter.Name = claimsResponse.FullName; } if (string.IsNullOrWhiteSpace(commenter.Email) && string.IsNullOrWhiteSpace(claimsResponse.Email) == false) { commenter.Email = claimsResponse.Email; } } var fetchResponse = response.GetExtension <FetchResponse>(); if (fetchResponse != null) // let us try from the attributes { if (string.IsNullOrWhiteSpace(commenter.Email)) { commenter.Email = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email); } if (string.IsNullOrWhiteSpace(commenter.Name)) { commenter.Name = fetchResponse.GetAttributeValue(WellKnownAttributes.Name.FullName) ?? fetchResponse.GetAttributeValue(WellKnownAttributes.Name.First) + " " + fetchResponse.GetAttributeValue(WellKnownAttributes.Name.Last); } if (string.IsNullOrWhiteSpace(commenter.Url)) { commenter.Url = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Web.Blog) ?? fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Web.Homepage); } } }
/// <summary> /// Called when an incoming positive assertion is received. /// </summary> /// <param name="assertion">The positive assertion.</param> void IRelyingPartyBehavior.OnIncomingPositiveAssertion(IAuthenticationResponse assertion) { PolicyResponse pape = assertion.GetExtension <PolicyResponse>(); ErrorUtilities.VerifyProtocol( pape != null && pape.ActualPolicies.Contains(AuthenticationPolicies.USGovernmentTrustLevel1) && pape.ActualPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier), BehaviorStrings.PapeResponseOrRequiredPoliciesMissing); ErrorUtilities.VerifyProtocol(AllowPersonallyIdentifiableInformation || pape.ActualPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation), BehaviorStrings.PapeResponseOrRequiredPoliciesMissing); if (pape.ActualPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation)) { ErrorUtilities.VerifyProtocol( assertion.GetExtension <ClaimsResponse>() == null && assertion.GetExtension <FetchResponse>() == null, BehaviorStrings.PiiIncludedWithNoPiiPolicy); } }
/// <summary> /// Gets the extra data obtained from the response message when authentication is successful. /// </summary> /// <param name="response"> /// The response message. /// </param> /// <returns> /// </returns> protected override Dictionary<string, string> GetExtraData(IAuthenticationResponse response) { FetchResponse fetchResponse = response.GetExtension<FetchResponse>(); if (fetchResponse != null) { var extraData = new Dictionary<string, string>(); extraData.AddItemIfNotEmpty("email", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email)); extraData.AddItemIfNotEmpty("fullName", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.FullName)); return extraData; } return null; }
protected override Dictionary<string, string> GetExtraData(IAuthenticationResponse response) { FetchResponse extension = response.GetExtension<FetchResponse>(); if (extension != null) { Dictionary<string, string> dictionary = new Dictionary<string, string>(); dictionary.Add("email", extension.GetAttributeValue("http://axschema.org/contact/email")); dictionary.Add("name", extension.GetAttributeValue("http://axschema.org/namePerson/first") + " " + extension.GetAttributeValue("http://axschema.org/namePerson/last")); return dictionary; } return null; }
protected override Dictionary<string, string> GetExtraData(IAuthenticationResponse response) { var fetchResponse = response.GetExtension<FetchResponse>(); if (fetchResponse != null) { var extraData = new Dictionary<string, string>(); extraData.AddItemIfNotEmpty(ClaimTypes.IsPersistent, fetchResponse.GetAttributeValue(ClaimTypes.IsPersistent)); return extraData; } return null; }
protected override Dictionary <string, string> GetExtraData(IAuthenticationResponse response) { var fetchResponse = response.GetExtension <FetchResponse>(); if (fetchResponse != null) { var extraData = new Dictionary <string, string>(); extraData.AddItemIfNotEmpty(ClaimTypes.IsPersistent, fetchResponse.GetAttributeValue(ClaimTypes.IsPersistent)); extraData.AddItemIfNotEmpty(ClaimTypes.AuthenticationMethod, fetchResponse.GetAttributeValue(ClaimTypes.AuthenticationMethod)); return(extraData); } return(null); }
public OpenIdAuthenticationParameters(IAuthenticationResponse authenticationResponse) { ExternalIdentifier = authenticationResponse.ClaimedIdentifier; ExternalDisplayIdentifier = authenticationResponse.FriendlyIdentifierForDisplay; _claims = new List <UserClaims>(); var claimsResponseTranslator = new OpenIdClaimsResponseClaimsTranslator(); var claims1 = claimsResponseTranslator.Translate(authenticationResponse.GetExtension <ClaimsResponse>()); if (claims1 != null) { UserClaims.Add(claims1); } var fetchResponseTranslator = new OpenIdFetchResponseClaimsTranslator(); var claims2 = fetchResponseTranslator.Translate(authenticationResponse.GetExtension <FetchResponse>()); if (claims2 != null) { UserClaims.Add(claims2); } }
private Interfaces.IAuthenticationResponse GetUserIdentity(IAuthenticationResponse response) { var identifier = response.ClaimedIdentifier; var fetch = response.GetExtension<FetchResponse>(); Interfaces.IUserIdentity userIdentity = (fetch == null) ? null : Factory.GetUserIdentity(response.ClaimedIdentifier.ToString(), fetch.GetAttributeValue(WellKnownAttributes.Name.First), fetch.GetAttributeValue(WellKnownAttributes.Name.Last), fetch.GetAttributeValue(WellKnownAttributes.Contact.Email)); return Factory.AuthenticationResponse(userIdentity); }
public static OpenIdUserData CreateFromResponse(IAuthenticationResponse r) { var userData = new OpenIdUserData(); var claimsResponse = r.GetExtension <ClaimsResponse>(); if (claimsResponse != null) { userData.Email = claimsResponse.Email; userData.DisplayName = claimsResponse.Nickname ?? claimsResponse.FullName; } return(userData); }
/// <summary> /// Gets the extra data obtained from the response message when authentication is successful. /// </summary> /// <param name="response"> /// The response message. /// </param> /// <returns>A dictionary of profile data; or null if no data is available.</returns> protected override NameValueCollection GetExtraData(IAuthenticationResponse response) { FetchResponse fetchResponse = response.GetExtension<FetchResponse>(); if (fetchResponse != null) { var extraData = new NameValueCollection(); extraData.AddItemIfNotEmpty("email", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email)); extraData.AddItemIfNotEmpty("country", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.Country)); extraData.AddItemIfNotEmpty("firstName", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.First)); extraData.AddItemIfNotEmpty("lastName", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.Last)); return extraData; } return null; }
/// <summary> /// Log member in from response informations. /// </summary> /// <param name="response">A successfull response from the relying party</param> public void LogInMember(IAuthenticationResponse response) { var fetch = response.GetExtension(typeof(ClaimsResponse)) as ClaimsResponse; string email = null; if (fetch != null) { email = fetch.Email; } Member connectedMember = email == null ? _membershipService.LogIn(response.ClaimedIdentifier.ToString()) : _membershipService.LogIn(response.ClaimedIdentifier.ToString(), email); _sessionRegistry.MemberInformations.UserName = connectedMember.UserName; _sessionRegistry.MemberInformations.OpenId = response.ClaimedIdentifier.ToString(); }
/// <summary> /// Gets the extra data obtained from the response message when authentication is successful. /// </summary> /// <param name="response"> /// The response message. /// </param> /// <returns>A dictionary of profile data; or null if no data is available.</returns> protected override Dictionary <string, string> GetExtraData(IAuthenticationResponse response) { FetchResponse fetchResponse = response.GetExtension <FetchResponse>(); if (fetchResponse != null) { var extraData = new Dictionary <string, string>(); extraData.AddItemIfNotEmpty("email", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email)); extraData.AddItemIfNotEmpty("fullName", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.FullName)); return(extraData); } return(null); }
public OpenIdUser ResponseIntoUser(IAuthenticationResponse response) { var claimResponseUntrusted = response.GetUntrustedExtension<ClaimsResponse>(); var claimResponse = response.GetExtension<ClaimsResponse>(); if (claimResponse != null) { return new OpenIdUser(claimResponse, response.ClaimedIdentifier); } if (claimResponseUntrusted != null) { return new OpenIdUser(claimResponseUntrusted, response.ClaimedIdentifier); } return null; }
/// <summary> /// Log member in from response informations. /// </summary> /// <param name="response">A successfull response from the relying party</param> public void LogInMember(IAuthenticationResponse response) { var fetch = response.GetExtension(typeof(ClaimsResponse)) as ClaimsResponse; string email = null; if (fetch != null) { email = fetch.Email; } Member connectedMember = email == null ? _membershipService.LogIn(response.ClaimedIdentifier.ToString()) : _membershipService.LogIn(response.ClaimedIdentifier.ToString(), email); _sessionRegistry.MemberInformations.UserName = connectedMember.UserName; _sessionRegistry.MemberInformations.OpenId = response.ClaimedIdentifier.ToString(); }
protected override Dictionary <string, string> GetExtraData(IAuthenticationResponse response) { var fetchResponse = response.GetExtension <FetchResponse>(); if (fetchResponse == null) { return(null); } var result = new Dictionary <string, string> (); var fullname = fetchResponse.GetAttributeValue(WellKnownAttributes.Name.First) + " " + fetchResponse.GetAttributeValue(WellKnownAttributes.Name.Last); result.Add(FULLNAME_KEY, fullname); return(result); }
private void ConsumeOpenIdResponse(IAuthenticationResponse response) { FetchResponse fetch = response.GetExtension <FetchResponse>(); if (null != fetch) { Session["OpenIdResponse_trustScore"] = fetch.GetAttributeValue("http://schema.wave.com/endpoint/descriptor/trustScore"); Session["OpenIdResponse_needsSetup"] = fetch.GetAttributeValue("http://schema.wave.com/endpoint/descriptor/needsSetup"); Session["OpenIdResponse_setupURL"] = fetch.GetAttributeValue("http://schema.wave.com/endpoint/descriptor/setupURL"); // needsSetup and setupURL only returned if needed. Returned value is null otherwise. } Session["FriendlyIdentifier"] = response.FriendlyIdentifierForDisplay; FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, false); return; }
/// <summary> /// Gets the extra data obtained from the response message when authentication is successful. /// </summary> /// <param name="response"> /// The response message. /// </param> /// <returns>A dictionary of profile data; or null if no data is available.</returns> protected override NameValueCollection GetExtraData(IAuthenticationResponse response) { FetchResponse fetchResponse = response.GetExtension <FetchResponse>(); if (fetchResponse != null) { var extraData = new NameValueCollection(); extraData.AddItemIfNotEmpty("email", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email)); extraData.AddItemIfNotEmpty("country", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.Country)); extraData.AddItemIfNotEmpty("firstName", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.First)); extraData.AddItemIfNotEmpty("lastName", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.Last)); return(extraData); } return(null); }
private static string FetchEmail(IAuthenticationResponse response) { var fetch = response.GetExtension<FetchResponse>(); string email = string.Empty; if (fetch != null) { email = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email); } if (string.IsNullOrEmpty(email)) { throw new InvalidOperationException("Email is required, but was not supplied by the OpenID provider."); } return email; }
/// <summary> /// Gets the extra data obtained from the response message when authentication is successful. /// </summary> /// <param name="response"> /// The response message. /// </param> /// <returns>A dictionary of profile data; or null if no data is available.</returns> protected override Dictionary <string, string> GetExtraData(IAuthenticationResponse response) { FetchResponse fetchResponse = response.GetExtension <FetchResponse>(); if (fetchResponse != null) { var extraData = new Dictionary <string, string>(); extraData.Add("email", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email)); extraData.Add("country", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.Country)); extraData.Add("firstname", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.First)); extraData.Add("lastname", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.Last)); return(extraData); } return(null); }
private OpenIdUser ResponseIntoUser(IAuthenticationResponse response) { OpenIdUser user = null; var claimResponseUntrusted = response.GetUntrustedExtension<FetchResponse>(); var claimResponse = response.GetExtension<FetchResponse>(); if (claimResponse != null) { user = new OpenIdUser(claimResponse, response.ClaimedIdentifier); } else if (claimResponseUntrusted != null) { user = new OpenIdUser(claimResponseUntrusted, response.ClaimedIdentifier); } return user; }
private OpenIdUser ResponseIntoUser(IAuthenticationResponse response) { OpenIdUser user = null; var claimResponseUntrusted = response.GetUntrustedExtension <FetchResponse>(); var claimResponse = response.GetExtension <FetchResponse>(); if (claimResponse != null) { user = new OpenIdUser(claimResponse, response.ClaimedIdentifier); } else if (claimResponseUntrusted != null) { user = new OpenIdUser(claimResponseUntrusted, response.ClaimedIdentifier); } return(user); }
protected async void Page_Load(object sender, EventArgs e) { this.openIdBox.Focus(); using (OpenIdRelyingParty rp = new OpenIdRelyingParty()) { IAuthenticationResponse response = await rp.GetResponseAsync(new HttpRequestWrapper(this.Request), this.Response.ClientDisconnectedToken); if (response != null) { switch (response.Status) { case AuthenticationStatus.ExtensionsOnly: this.ExtensionResponsesPanel.Visible = true; // This is the "success" status we get when no authentication was requested. var sreg = response.GetExtension <ClaimsResponse>(); if (sreg != null) { this.emailLabel.Text = sreg.Email; this.timeZoneLabel.Text = sreg.TimeZone; this.postalCodeLabel.Text = sreg.PostalCode; this.countryLabel.Text = sreg.Country; if (sreg.Gender.HasValue) { this.genderLabel.Text = sreg.Gender.Value.ToString(); } } break; case AuthenticationStatus.Canceled: this.resultMessage.Text = "Canceled at OP. This may be a sign that the OP doesn't support this message."; break; case AuthenticationStatus.Failed: this.resultMessage.Text = "OP returned a failure: " + response.Exception; break; case AuthenticationStatus.SetupRequired: case AuthenticationStatus.Authenticated: default: this.resultMessage.Text = "OP returned an unexpected response."; break; } } } }
protected override Dictionary<string, string> GetExtraData(IAuthenticationResponse response) { var fetchResponse = response.GetExtension<FetchResponse>(); if (fetchResponse != null) { var extraData = new Dictionary<string, string> { {"email", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email)}, {"country", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.HomeAddress.Country)}, {"firstName", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.First)}, {"lastName", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.Last)} }; return extraData; } return null; }
private AWT2Demo.Domain.Entities.User CreateUserFromOpenIDResponse(IAuthenticationResponse response) { var fetch = response.GetExtension <FetchResponse>(); string email = String.Empty; string firstName = String.Empty; string lastName = String.Empty; if (fetch != null) { email = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email); firstName = fetch.GetAttributeValue(WellKnownAttributes.Name.First); lastName = fetch.GetAttributeValue(WellKnownAttributes.Name.Last); } return(_userRepo.AddUserForClaimedIdentifier(response.ClaimedIdentifier, email, firstName, lastName)); }
private User EnsureUserExists(IAuthenticationResponse response) { var user = Users.Read().SingleOrDefault(u => u.identifier == response.ClaimedIdentifier.ToString()); if (user == null) { var claim = response.GetExtension <ClaimsResponse>(); user = new User { identifier = response.ClaimedIdentifier.ToString(), name = claim.FullName, email = claim.Email }; return(Users.Create(user)); } return(user); }
private IUser GetLoggedUser(IAuthenticationResponse authResponse) { var sregResponse = authResponse.GetExtension <ClaimsResponse>(); var fullName = sregResponse.IfNotNull(r => r.FullName.AsNullIfEmpty()); var nickName = sregResponse.IfNotNull(r => r.Nickname.AsNullIfEmpty()); var email = sregResponse.IfNotNull(r => r.Email.AsNullIfEmpty()); var userToLogin = new User() { ClaimedIdentifier = authResponse.ClaimedIdentifier, Email = email, FullName = fullName, Nickname = nickName }; var loggedUser = LoginUser(userToLogin, false); //setting to true could result in lots of users creating their logins unnecessorily return(loggedUser); }
protected void Page_Load(object sender, EventArgs e) { this.RegisterAsyncTask( new PageAsyncTask( async ct => { if (!IsPostBack && string.Equals(Request.Url.Host, "localhost", StringComparison.OrdinalIgnoreCase)) { // Disable the button since the scenario won't work under localhost, // and this will help encourage the user to read the the text above the button. this.beginButton.Enabled = false; } IAuthenticationResponse authResponse = await relyingParty.GetResponseAsync(new HttpRequestWrapper(Request), Response.ClientDisconnectedToken); if (authResponse != null) { switch (authResponse.Status) { case AuthenticationStatus.Authenticated: State.FetchResponse = authResponse.GetExtension <FetchResponse>(); AccessTokenResponse accessToken = await Global.GoogleWebConsumer.ProcessUserAuthorizationAsync(authResponse, Response.ClientDisconnectedToken); if (accessToken != null) { State.GoogleAccessToken = accessToken.AccessToken; FormsAuthentication.SetAuthCookie(authResponse.ClaimedIdentifier, false); Response.Redirect("~/MembersOnly/DisplayGoogleContacts.aspx"); } else { MultiView1.SetActiveView(AuthorizationDenied); } break; case AuthenticationStatus.Canceled: case AuthenticationStatus.Failed: default: this.MultiView1.SetActiveView(this.AuthenticationFailed); break; } } })); }
protected virtual Dictionary <string, string> CreateAuthInfo(IAuthenticationResponse response) { // This is where you would look for any OpenID extension responses included // in the authentication assertion. var claimsResponse = response.GetExtension <ClaimsResponse>(); var authInfo = claimsResponse.ToDictionary(); authInfo["user_id"] = response.ClaimedIdentifier; //a url // Store off the "friendly" username to display -- NOT for username lookup authInfo["openid_ref"] = response.FriendlyIdentifierForDisplay; var provided = GetAttributeEx(response); foreach (var entry in provided) { authInfo[entry.Key] = entry.Value; } return(authInfo); }
/// <summary> /// Extracts an Attribute Exchange response, if one exists /// </summary> private Dictionary<string, string> GetAttributeEx(IAuthenticationResponse response) { var ret = new Dictionary<string, string>(); var fetchResponse = response.GetExtension<FetchResponse>(); if (fetchResponse == null) return ret; var names = new List<string>(); var emails = new List<string>(); if (fetchResponse.Attributes.Contains("http://schema.openid.net/namePerson")) names.AddRange(fetchResponse.Attributes["http://schema.openid.net/namePerson"].Values); if (fetchResponse.Attributes.Contains(WellKnownAttributes.Name.FullName)) names.AddRange(fetchResponse.Attributes[WellKnownAttributes.Name.FullName].Values); if (fetchResponse.Attributes.Contains(WellKnownAttributes.Name.Alias)) names.AddRange(fetchResponse.Attributes[WellKnownAttributes.Name.Alias].Values); if (fetchResponse.Attributes.Contains(WellKnownAttributes.Name.First)) names.AddRange(fetchResponse.Attributes[WellKnownAttributes.Name.First].Values); if (fetchResponse.Attributes.Contains(WellKnownAttributes.Name.Last)) names.AddRange(fetchResponse.Attributes[WellKnownAttributes.Name.Last].Values); if (fetchResponse.Attributes.Contains("http://schema.openid.net/contact/email")) emails.AddRange(fetchResponse.Attributes["http://schema.openid.net/contact/email"].Values); if (fetchResponse.Attributes.Contains(WellKnownAttributes.Contact.Email)) emails.AddRange(fetchResponse.Attributes[WellKnownAttributes.Contact.Email].Values); if (names.Count > 0) ret["FullName"] = names[0]; if (emails.Count > 0) ret["Email"] = emails[0]; return ret; }
/// <summary> /// Creates a Graywulf principal from the authentication response. /// </summary> /// <param name="response"></param> /// <returns></returns> /// <remarks> /// The function also creates and initializer a registry user object by /// filling in the available information. The user is not save to the /// registry. /// </remarks> private GraywulfPrincipal CreatePrincipal(IAuthenticationResponse response) { var identity = new GraywulfIdentity() { Protocol = this.Protocol, AuthorityName = this.AuthorityName, AuthorityUri = response.Provider.Uri.ToString(), Identifier = response.ClaimedIdentifier, IsAuthenticated = false, User = new User() }; var fetch = response.GetExtension <FetchResponse>(); if (fetch.Attributes.Contains(WellKnownAttributes.Contact.Email)) { identity.User.Name = Util.EmailFormatter.ToUsername(fetch.Attributes[WellKnownAttributes.Contact.Email].Values[0]); } identity.User.Title = fetch.Attributes.Contains(WellKnownAttributes.Name.Prefix) ? fetch.Attributes[WellKnownAttributes.Name.Prefix].Values[0] : ""; identity.User.FirstName = fetch.Attributes.Contains(WellKnownAttributes.Name.First) ? fetch.Attributes[WellKnownAttributes.Name.First].Values[0] : ""; identity.User.MiddleName = fetch.Attributes.Contains(WellKnownAttributes.Name.Middle) ? fetch.Attributes[WellKnownAttributes.Name.Middle].Values[0] : ""; identity.User.LastName = fetch.Attributes.Contains(WellKnownAttributes.Name.Last) ? fetch.Attributes[WellKnownAttributes.Name.Last].Values[0] : ""; // TODO identity.User.Gender = fetch.Attributes.Contains(WellKnownAttributes.Person.Gender) ?fetch.Attributes[WellKnownAttributes.Person.Gender].Values[0]; identity.User.Email = fetch.Attributes.Contains(WellKnownAttributes.Contact.Email) ? fetch.Attributes[WellKnownAttributes.Contact.Email].Values[0] : ""; identity.User.DateOfBirth = fetch.Attributes.Contains(WellKnownAttributes.BirthDate.WholeBirthDate) ? DateTime.Parse(fetch.Attributes[WellKnownAttributes.BirthDate.WholeBirthDate].Values[0]) : new DateTime(1950, 1, 1); identity.User.Company = fetch.Attributes.Contains(WellKnownAttributes.Company.CompanyName) ? fetch.Attributes[WellKnownAttributes.Company.CompanyName].Values[0] : ""; identity.User.JobTitle = fetch.Attributes.Contains(WellKnownAttributes.Company.JobTitle) ? fetch.Attributes[WellKnownAttributes.Company.JobTitle].Values[0] : ""; identity.User.Address = fetch.Attributes.Contains(WellKnownAttributes.Contact.WorkAddress.StreetAddressLine1) ? fetch.Attributes[WellKnownAttributes.Contact.WorkAddress.StreetAddressLine1].Values[0] : ""; identity.User.Address2 = fetch.Attributes.Contains(WellKnownAttributes.Contact.WorkAddress.StreetAddressLine2) ? fetch.Attributes[WellKnownAttributes.Contact.WorkAddress.StreetAddressLine2].Values[0] : ""; identity.User.State = fetch.Attributes.Contains(WellKnownAttributes.Contact.WorkAddress.State) ? fetch.Attributes[WellKnownAttributes.Contact.WorkAddress.State].Values[0] : ""; identity.User.City = fetch.Attributes.Contains(WellKnownAttributes.Contact.WorkAddress.City) ? fetch.Attributes[WellKnownAttributes.Contact.WorkAddress.City].Values[0] : ""; identity.User.Country = fetch.Attributes.Contains(WellKnownAttributes.Contact.WorkAddress.Country) ? fetch.Attributes[WellKnownAttributes.Contact.WorkAddress.Country].Values[0] : ""; identity.User.ZipCode = fetch.Attributes.Contains(WellKnownAttributes.Contact.WorkAddress.PostalCode) ? fetch.Attributes[WellKnownAttributes.Contact.WorkAddress.PostalCode].Values[0] : ""; identity.User.WorkPhone = fetch.Attributes.Contains(WellKnownAttributes.Contact.Phone.Work) ? fetch.Attributes[WellKnownAttributes.Contact.Phone.Work].Values[0] : ""; identity.User.HomePhone = fetch.Attributes.Contains(WellKnownAttributes.Contact.Phone.Home) ? fetch.Attributes[WellKnownAttributes.Contact.Phone.Home].Values[0] : ""; identity.User.CellPhone = fetch.Attributes.Contains(WellKnownAttributes.Contact.Phone.Mobile) ? fetch.Attributes[WellKnownAttributes.Contact.Phone.Mobile].Values[0] : ""; return(new GraywulfPrincipal(identity)); }
/// <summary> /// Processes an incoming authorization-granted message from an SP and obtains an access token. /// </summary> /// <param name="openIdAuthenticationResponse">The OpenID authentication response that may be carrying an authorized request token.</param> /// <returns> /// The access token, or null if OAuth authorization was denied by the user or service provider. /// </returns> /// <remarks> /// The access token, if granted, is automatically stored in the <see cref="ConsumerBase.TokenManager"/>. /// The token manager instance must implement <see cref="IOpenIdOAuthTokenManager"/>. /// </remarks> public AuthorizedTokenResponse ProcessUserAuthorization(IAuthenticationResponse openIdAuthenticationResponse) { Contract.Requires <ArgumentNullException>(openIdAuthenticationResponse != null); Contract.Requires <InvalidOperationException>(this.TokenManager is IOpenIdOAuthTokenManager); var openidTokenManager = this.TokenManager as IOpenIdOAuthTokenManager; ErrorUtilities.VerifyOperation(openidTokenManager != null, OAuthStrings.OpenIdOAuthExtensionRequiresSpecialTokenManagerInterface, typeof(IOpenIdOAuthTokenManager).FullName); // The OAuth extension is only expected in positive assertion responses. if (openIdAuthenticationResponse.Status != AuthenticationStatus.Authenticated) { return(null); } // Retrieve the OAuth extension var positiveAuthorization = openIdAuthenticationResponse.GetExtension <AuthorizationApprovedResponse>(); if (positiveAuthorization == null) { return(null); } // Prepare a message to exchange the request token for an access token. // We are careful to use a v1.0 message version so that the oauth_verifier is not required. var requestAccess = new AuthorizedTokenRequest(this.ServiceProvider.AccessTokenEndpoint, Protocol.V10.Version) { RequestToken = positiveAuthorization.RequestToken, ConsumerKey = this.ConsumerKey, }; // Retrieve the access token and store it in the token manager. openidTokenManager.StoreOpenIdAuthorizedRequestToken(this.ConsumerKey, positiveAuthorization); var grantAccess = this.Channel.Request <AuthorizedTokenResponse>(requestAccess); this.TokenManager.ExpireRequestTokenAndStoreNewAccessToken(this.ConsumerKey, positiveAuthorization.RequestToken, grantAccess.AccessToken, grantAccess.TokenSecret); // Provide the caller with the access token so it may be associated with the user // that is logging in. return(grantAccess); }
public ActionResult RsvpFinish() { IAuthenticationResponse response = relyingParty.GetResponse(); if (response == null) { return(RedirectToAction("Index")); } if (response.Status == AuthenticationStatus.Authenticated) { var dinnerRepository = new DinnerRepository(); int id = int.Parse(response.GetUntrustedCallbackArgument("DinnerId")); Dinner dinner = dinnerRepository.GetDinner(id); // The alias we're getting here is NOT a secure identifier, but a friendly one, // which is all we need for this scenario. string alias = response.FriendlyIdentifierForDisplay; var sreg = response.GetExtension <ClaimsResponse>(); if (sreg != null && sreg.MailAddress != null) { alias = sreg.MailAddress.User; } // NOTE: The alias we've generated for this user isn't guaranteed to be unique. // Need to trim to 30 characters because that's the max for Attendee names. if (!dinner.IsUserRegistered(alias)) { RSVP rsvp = new RSVP(); rsvp.AttendeeName = alias; rsvp.AttendeeNameId = response.ClaimedIdentifier; dinner.RSVPs.Add(rsvp); dinnerRepository.Save(); } } return(RedirectToAction("Details", "Dinners", new { id = response.GetUntrustedCallbackArgument("DinnerId") })); }
/// <summary> /// Processes an incoming authorization-granted message from an SP and obtains an access token. /// </summary> /// <param name="openIdAuthenticationResponse">The OpenID authentication response that may be carrying an authorized request token.</param> /// <param name="cancellationToken">The cancellation token.</param> /// <returns> /// The access token, or null if OAuth authorization was denied by the user or service provider. /// </returns> public async Task <AccessTokenResponse> ProcessUserAuthorizationAsync(IAuthenticationResponse openIdAuthenticationResponse, CancellationToken cancellationToken = default(CancellationToken)) { Requires.NotNull(openIdAuthenticationResponse, "openIdAuthenticationResponse"); // The OAuth extension is only expected in positive assertion responses. if (openIdAuthenticationResponse.Status != AuthenticationStatus.Authenticated) { return(null); } // Retrieve the OAuth extension var positiveAuthorization = openIdAuthenticationResponse.GetExtension <AuthorizationApprovedResponse>(); if (positiveAuthorization == null) { return(null); } using (var client = this.CreateHttpClient(new AccessToken(positiveAuthorization.RequestToken, string.Empty))) { var request = new HttpRequestMessage(this.ServiceProvider.TokenRequestEndpointMethod, this.ServiceProvider.TokenRequestEndpoint); using (var response = await client.SendAsync(request, cancellationToken)) { response.EnsureSuccessStatusCode(); // Parse the response and ensure that it meets the requirements of the OAuth 1.0 spec. string content = await response.Content.ReadAsStringAsync(); var responseData = HttpUtility.ParseQueryString(content); string accessToken = responseData[Protocol.TokenParameter]; string tokenSecret = responseData[Protocol.TokenSecretParameter]; ErrorUtilities.VerifyProtocol(!string.IsNullOrEmpty(accessToken), MessagingStrings.RequiredParametersMissing, typeof(AuthorizedTokenResponse).Name, Protocol.TokenParameter); ErrorUtilities.VerifyProtocol(tokenSecret != null, MessagingStrings.RequiredParametersMissing, typeof(AuthorizedTokenResponse).Name, Protocol.TokenSecretParameter); responseData.Remove(Protocol.TokenParameter); responseData.Remove(Protocol.TokenSecretParameter); return(new AccessTokenResponse(accessToken, tokenSecret, responseData)); } } }
protected override Dictionary<string, string> CreateAuthInfo(IAuthenticationResponse response) { // This is where you would look for any OpenID extension responses included // in the authentication assertion. var claimsResponse = response.GetExtension<ClaimsResponse>(); claimsResponse.PatchCulture(); // Patch the Culture Object conversion issue var authInfo = claimsResponse.ToDictionary(); authInfo["user_id"] = response.ClaimedIdentifier; //a url // Store off the "friendly" username to display -- NOT for username lookup authInfo["openid_ref"] = response.FriendlyIdentifierForDisplay; var provided = GetAttributeEx(response); foreach (var entry in provided) { authInfo[entry.Key] = entry.Value; } return authInfo; }
public ActionResult LogOn() { IAuthenticationResponse response = openId.Response; if (response != null) { if ((response.Status == AuthenticationStatus.Failed) || (response.Status == AuthenticationStatus.Canceled)) { ModelState.AddModelError(ModelStateUserNameKey, TextMessages.UnableToLoginWithYourPreferredOpenIDProvider); } else if (response.Status == AuthenticationStatus.Authenticated) { string userName = response.ClaimedIdentifier; ClaimsResponse fetch = response.GetExtension <ClaimsResponse>(); // Some of the Provider does not return Email // Such as Yahoo, Blogger, Bloglines etc, in that case email will be null string email = (fetch != null) ? fetch.Email : null; UserResult result = userService.Save(userName, email); ModelState.Merge(result.RuleViolations); if (ModelState.IsValid) { bool persistCookie = cookie.GetValue <bool>(CookieRememberMe); formsAuthentication.SetAuthenticationCookie(userName, persistCookie); string returnUrl = cookie.GetValue <string>(CookieReturnUrl); return(Redirect(returnUrl ?? Url.Home())); } } } return(View()); }
public ActionResult OpenIdLogin(IAuthenticationResponse response) { switch (response.Status) { case AuthenticationStatus.Authenticated: var claimsResponse = response.GetExtension<ClaimsResponse>(); if (claimsResponse.Email == _adminEmail) { FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, false); return RedirectToAction("Index", "Dashboard", new {area = "Admin"}); } break; case AuthenticationStatus.Canceled: ModelState.AddModelError("loginIdentifier", "Login was cancelled at the provider"); break; case AuthenticationStatus.Failed: ModelState.AddModelError("loginIdentifier", "Login failed using the provided OpenID identifier"); break; } return new EmptyResult(); }
/// <summary> /// Logs the user in or creates the user account if the user does not exist. /// Sets the logged user in the session. /// </summary> public static int OpenIdFinishLogin(IAuthenticationResponse response, SessionWrapper session, IUsersService service, bool enableClaimsRequest) { string externalId = response.ClaimedIdentifier.ToString(); User user = service.GetByProviderId(AuthenticationProvider.OpenId, externalId); var claimsResponse = response.GetExtension<ClaimsResponse>(); string name = enableClaimsRequest ? claimsResponse.Nickname : response.FriendlyIdentifierForDisplay; if (user == null) { user = new User(0, name); if (enableClaimsRequest) { user.Email = claimsResponse.Email; user.BirthDate = claimsResponse.BirthDate; } user = service.Add(user, AuthenticationProvider.OpenId, externalId); } else { if (enableClaimsRequest && !claimsResponse.Email.Equals(user.Email, StringComparison.CurrentCultureIgnoreCase)) { user.Email = claimsResponse.Email; service.Edit(user); } } session.SetUser(user, AuthenticationProvider.OpenId); return user.Id; }
private static User CreateUserModelFromOpenAuthReponse(IAuthenticationResponse response, string identifier) { var simpleReg = response.GetExtension<ClaimsResponse>(); var model = new ExTracker.Core.DataModel.User(); model.OpenId = identifier; if (!string.IsNullOrEmpty(simpleReg.Email)) model.EmailAddress = simpleReg.Email; if (!string.IsNullOrEmpty(simpleReg.FullName)) model.Name = simpleReg.FullName; if (!string.IsNullOrEmpty(simpleReg.Nickname)) model.UserName = simpleReg.Nickname; return model; }
/// <summary> /// Extracts an Attribute Exchange response, if one exists /// </summary> private Dictionary <string, string> GetAttributeEx(IAuthenticationResponse response) { var ret = new Dictionary <string, string>(); var fetchResponse = response.GetExtension <FetchResponse>(); if (fetchResponse == null) { return(ret); } var names = new List <string>(); var emails = new List <string>(); if (fetchResponse.Attributes.Contains("http://schema.openid.net/namePerson")) { names.AddRange(fetchResponse.Attributes["http://schema.openid.net/namePerson"].Values); } if (fetchResponse.Attributes.Contains(WellKnownAttributes.Name.FullName)) { names.AddRange(fetchResponse.Attributes[WellKnownAttributes.Name.FullName].Values); } if (fetchResponse.Attributes.Contains(WellKnownAttributes.Name.Alias)) { names.AddRange(fetchResponse.Attributes[WellKnownAttributes.Name.Alias].Values); } if (fetchResponse.Attributes.Contains(WellKnownAttributes.Name.First)) { names.AddRange(fetchResponse.Attributes[WellKnownAttributes.Name.First].Values); } if (fetchResponse.Attributes.Contains(WellKnownAttributes.Name.Last)) { names.AddRange(fetchResponse.Attributes[WellKnownAttributes.Name.Last].Values); } if (fetchResponse.Attributes.Contains("http://schema.openid.net/contact/email")) { emails.AddRange(fetchResponse.Attributes["http://schema.openid.net/contact/email"].Values); } if (fetchResponse.Attributes.Contains(WellKnownAttributes.Contact.Email)) { emails.AddRange(fetchResponse.Attributes[WellKnownAttributes.Contact.Email].Values); } if (names.Count > 0) { ret["FullName"] = names[0]; } if (emails.Count > 0) { ret["Email"] = emails[0]; } return(ret); }
/// <summary> /// Called when an incoming positive assertion is received. /// </summary> /// <param name="assertion">The positive assertion.</param> void IRelyingPartyBehavior.OnIncomingPositiveAssertion(IAuthenticationResponse assertion) { PolicyResponse pape = assertion.GetExtension<PolicyResponse>(); ErrorUtilities.VerifyProtocol( pape != null && pape.ActualPolicies.Contains(AuthenticationPolicies.USGovernmentTrustLevel1) && pape.ActualPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier), BehaviorStrings.PapeResponseOrRequiredPoliciesMissing); ErrorUtilities.VerifyProtocol(AllowPersonallyIdentifiableInformation || pape.ActualPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation), BehaviorStrings.PapeResponseOrRequiredPoliciesMissing); if (pape.ActualPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation)) { ErrorUtilities.VerifyProtocol( assertion.GetExtension<ClaimsResponse>() == null && assertion.GetExtension<FetchResponse>() == null, BehaviorStrings.PiiIncludedWithNoPiiPolicy); } }
private string GetFriendlyName(IAuthenticationResponse authResponse) { string friendlyName = ""; var sregResponse = authResponse.GetExtension<ClaimsResponse>(); var axResponse = authResponse.GetExtension<FetchResponse>(); if (sregResponse != null) { friendlyName = sregResponse.FullName.AsNullIfEmpty() ?? sregResponse.Nickname.AsNullIfEmpty() ?? sregResponse.Email; } else if (axResponse != null) { var fullName = axResponse.GetAttributeValue(WellKnownAttributes.Name.FullName); var firstName = axResponse.GetAttributeValue(WellKnownAttributes.Name.First); var lastName = axResponse.GetAttributeValue(WellKnownAttributes.Name.Last); var email = axResponse.GetAttributeValue(WellKnownAttributes.Contact.Email); friendlyName = fullName.AsNullIfEmpty() ?? ((!string.IsNullOrEmpty(firstName) && !string.IsNullOrEmpty(lastName)) ? firstName + " " + lastName : null) ?? email; } if (string.IsNullOrEmpty(friendlyName)) friendlyName = authResponse.FriendlyIdentifierForDisplay; return friendlyName; }
public virtual UserClaim GetUserClaim(IAuthenticationResponse response) { if (response == null) return null; switch (response.Status) { case AuthenticationStatus.Authenticated: var claimsResponse = response.GetExtension<ClaimsResponse>(); if (claimsResponse != null) { return new UserClaim { Username = claimsResponse.Nickname, Email = claimsResponse.Email, Name = claimsResponse.FullName, Identifier = response.FriendlyIdentifierForDisplay }; } return null; case AuthenticationStatus.Canceled: case AuthenticationStatus.Failed: return null; } return null; }
private AWT2Demo.Domain.Entities.User CreateUserFromOpenIDResponse(IAuthenticationResponse response) { var fetch = response.GetExtension<FetchResponse>(); string email = String.Empty; string firstName = String.Empty; string lastName = String.Empty; if (fetch != null) { email = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email); firstName = fetch.GetAttributeValue(WellKnownAttributes.Name.First); lastName = fetch.GetAttributeValue(WellKnownAttributes.Name.Last); } return _userRepo.AddUserForClaimedIdentifier(response.ClaimedIdentifier, email, firstName, lastName); }
/// <summary> /// Called when an incoming positive assertion is received. /// </summary> /// <param name="assertion">The positive assertion.</param> void IRelyingPartyBehavior.OnIncomingPositiveAssertion(IAuthenticationResponse assertion) { if (assertion.GetExtension<ClaimsResponse>() == null) { ClaimsResponse sreg = assertion.UnifyExtensionsAsSreg(true); ((PositiveAnonymousResponse)assertion).Response.Extensions.Add(sreg); } }
/// <summary> /// Creates a Graywulf principal from the authentication response. /// </summary> /// <param name="response"></param> /// <returns></returns> /// <remarks> /// The function also creates and initializes a registry user object by /// filling in the available information. The user is not saved to the /// registry. /// </remarks> private GraywulfPrincipal CreatePrincipal(IAuthenticationResponse response) { var principal = base.CreatePrincipal(); var identity = principal.Identity; // Read response from OpenID provider var fetch = response.GetExtension<FetchResponse>(); // Fill in identity details based on the response identity.AuthorityUri = response.Provider.Uri.ToString(); identity.Identifier = response.ClaimedIdentifier; identity.User = new User(); // Fill in user details // TODO: how to generate user name from OpenID? identity.User.Name = fetch.Attributes.Contains(WellKnownAttributes.Contact.Email) ? Jhu.Graywulf.Util.EmailFormatter.ToUsername(fetch.Attributes[WellKnownAttributes.Contact.Email].Values[0]) : ""; identity.User.Title = fetch.Attributes.Contains(WellKnownAttributes.Name.Prefix) ? fetch.Attributes[WellKnownAttributes.Name.Prefix].Values[0] : ""; identity.User.FirstName = fetch.Attributes.Contains(WellKnownAttributes.Name.First) ? fetch.Attributes[WellKnownAttributes.Name.First].Values[0] : ""; identity.User.MiddleName = fetch.Attributes.Contains(WellKnownAttributes.Name.Middle) ? fetch.Attributes[WellKnownAttributes.Name.Middle].Values[0] : ""; identity.User.LastName = fetch.Attributes.Contains(WellKnownAttributes.Name.Last) ? fetch.Attributes[WellKnownAttributes.Name.Last].Values[0] : ""; // TODO identity.User.Gender = fetch.Attributes.Contains(WellKnownAttributes.Person.Gender) ?fetch.Attributes[WellKnownAttributes.Person.Gender].Values[0]; identity.User.Email = fetch.Attributes.Contains(WellKnownAttributes.Contact.Email) ? fetch.Attributes[WellKnownAttributes.Contact.Email].Values[0] : ""; identity.User.DateOfBirth = fetch.Attributes.Contains(WellKnownAttributes.BirthDate.WholeBirthDate) ? DateTime.Parse(fetch.Attributes[WellKnownAttributes.BirthDate.WholeBirthDate].Values[0]) : new DateTime(1950, 1, 1); identity.User.Company = fetch.Attributes.Contains(WellKnownAttributes.Company.CompanyName) ? fetch.Attributes[WellKnownAttributes.Company.CompanyName].Values[0] : ""; identity.User.JobTitle = fetch.Attributes.Contains(WellKnownAttributes.Company.JobTitle) ? fetch.Attributes[WellKnownAttributes.Company.JobTitle].Values[0] : ""; identity.User.Address = fetch.Attributes.Contains(WellKnownAttributes.Contact.WorkAddress.StreetAddressLine1) ? fetch.Attributes[WellKnownAttributes.Contact.WorkAddress.StreetAddressLine1].Values[0] : ""; identity.User.Address2 = fetch.Attributes.Contains(WellKnownAttributes.Contact.WorkAddress.StreetAddressLine2) ? fetch.Attributes[WellKnownAttributes.Contact.WorkAddress.StreetAddressLine2].Values[0] : ""; identity.User.State = fetch.Attributes.Contains(WellKnownAttributes.Contact.WorkAddress.State) ? fetch.Attributes[WellKnownAttributes.Contact.WorkAddress.State].Values[0] : ""; identity.User.City = fetch.Attributes.Contains(WellKnownAttributes.Contact.WorkAddress.City) ? fetch.Attributes[WellKnownAttributes.Contact.WorkAddress.City].Values[0] : ""; identity.User.Country = fetch.Attributes.Contains(WellKnownAttributes.Contact.WorkAddress.Country) ? fetch.Attributes[WellKnownAttributes.Contact.WorkAddress.Country].Values[0] : ""; identity.User.ZipCode = fetch.Attributes.Contains(WellKnownAttributes.Contact.WorkAddress.PostalCode) ? fetch.Attributes[WellKnownAttributes.Contact.WorkAddress.PostalCode].Values[0] : ""; identity.User.WorkPhone = fetch.Attributes.Contains(WellKnownAttributes.Contact.Phone.Work) ? fetch.Attributes[WellKnownAttributes.Contact.Phone.Work].Values[0] : ""; identity.User.HomePhone = fetch.Attributes.Contains(WellKnownAttributes.Contact.Phone.Home) ? fetch.Attributes[WellKnownAttributes.Contact.Phone.Home].Values[0] : ""; identity.User.CellPhone = fetch.Attributes.Contains(WellKnownAttributes.Contact.Phone.Mobile) ? fetch.Attributes[WellKnownAttributes.Contact.Phone.Mobile].Values[0] : ""; return principal; }
public UserModel GetOrCreateUser(IAuthenticationResponse openIdResponse) { var ipUriString = openIdResponse.Provider.Uri.ToString(); var upn = openIdResponse.ClaimedIdentifier.ToString(); var dbUser = (from i in BlogDb.IdentityProviders from u in i.Users where i.Uri == ipUriString && u.Upn == upn select u).FirstOrDefault(); if (dbUser == null) { var identityProvider = getIdentityProvider(ipUriString); if (identityProvider == null) { identityProvider = createIdentityProvider(ipUriString); } var details = openIdResponse.GetExtension<ClaimsResponse>(); string nickname = null, email = null; if (details != null) { nickname = details.Nickname; email = details.Email; if (string.IsNullOrEmpty(nickname)) { nickname = openIdResponse.FriendlyIdentifierForDisplay; } } dbUser = createUser(identityProvider.IdentityProviderId, upn, email, nickname); } return GetUser(dbUser.UserId); }
public void Login() { response = new OpenIdRelyingParty().GetResponse(); if (response == null) { var request = new OpenIdRelyingParty().CreateRequest(Url); request.AddExtension ( new ClaimsRequest() { Email = DemandLevel.Require, Language = DemandLevel.Require, TimeZone = DemandLevel.Require, Country = DemandLevel.Require, BirthDate = DemandLevel.Require, PostalCode = DemandLevel.Require, Gender = DemandLevel.Require, Nickname = DemandLevel.Require, FullName = DemandLevel.Require } ); request.RedirectToProvider(); } else if (response != null && response.Status == AuthenticationStatus.Authenticated) { IsAuthenticated = true; //基本 var claimResponse = response.GetExtension<ClaimsResponse>(); User = new NTPCLibrary.User(); User.Identity = response.ClaimedIdentifier.ToString().Split('/').Last(); User.Departments = new List<Department>(); if (claimResponse != null) { User.ID = claimResponse.PostalCode; User.FullName = claimResponse.FullName; User.NickName = claimResponse.Nickname; User.Email = claimResponse.Email; User.Gender = claimResponse != null ? (claimResponse.Gender.Equals(Gender.Male) ? "男" : "女") : string.Empty; User.BirthDate = claimResponse.BirthDate; User.SchoolName = claimResponse.Country; User.ClassRoom = claimResponse.Language; User.Departments = JsonConvert.DeserializeObject<List<Department>>(claimResponse.TimeZone); } //延伸 FetchResponse fetchResponse = response.GetExtension<FetchResponse>(); User.AXExtension = fetchResponse != null ? GetAx(fetchResponse) : "無"; //寫入Cookie Util.SetCookie<User>(OPENID_COOKIE, User, CookieDomain, true); } }