internal string GetExtensionClientScript(IClientScriptExtensionResponse extension) { var fields = IncomingExtensions.GetExtensionArguments(extension.TypeUri); if (fields != null) { // The extension was found using the preferred TypeUri. return(extension.InitializeJavaScriptData(fields, this, extension.TypeUri)); } else { // The extension may still be found using secondary TypeUris. if (extension.AdditionalSupportedTypeUris != null) { foreach (string typeUri in extension.AdditionalSupportedTypeUris) { fields = IncomingExtensions.GetExtensionArguments(typeUri); if (fields != null) { // We found one of the older ones. return(extension.InitializeJavaScriptData(fields, this, typeUri)); } } } } return(null); }
internal async Task <HttpResponseMessage> ProcessResponseFromPopupAsync(HttpRequestMessage request, Action <AuthenticationStatus> callback, CancellationToken cancellationToken) { Requires.NotNull(request, "request"); string extensionsJson = null; var authResponse = await this.NonVerifyingRelyingParty.GetResponseAsync(request, cancellationToken); ErrorUtilities.VerifyProtocol(authResponse != null, OpenIdStrings.PopupRedirectMissingResponse); // Give the caller a chance to notify the hosting page and fill up the clientScriptExtensions collection. if (callback != null) { callback(authResponse.Status); } Logger.OpenId.DebugFormat("Popup or iframe callback from OP: {0}", request.RequestUri); Logger.Controls.DebugFormat( "An authentication response was found in a popup window or iframe using a non-verifying RP with status: {0}", authResponse.Status); if (authResponse.Status == AuthenticationStatus.Authenticated) { var extensionsDictionary = new Dictionary <string, string>(); foreach (var pair in this.clientScriptExtensions) { IClientScriptExtensionResponse extension = (IClientScriptExtensionResponse)authResponse.GetExtension(pair.Key); if (extension == null) { continue; } var positiveResponse = (PositiveAuthenticationResponse)authResponse; string js = extension.InitializeJavaScriptData(positiveResponse.Response); if (!string.IsNullOrEmpty(js)) { extensionsDictionary[pair.Value] = js; } } extensionsJson = MessagingUtilities.CreateJsonObject(extensionsDictionary, true); } string payload = "document.URL"; if (request.Method == HttpMethod.Post) { // Promote all form variables to the query string, but since it won't be passed // to any server (this is a javascript window-to-window transfer) the length of // it can be arbitrarily long, whereas it was POSTed here probably because it // was too long for HTTP transit. UriBuilder payloadUri = new UriBuilder(request.RequestUri); payloadUri.AppendQueryArgs(await Channel.ParseUrlEncodedFormContentAsync(request, cancellationToken)); payload = MessagingUtilities.GetSafeJavascriptValue(payloadUri.Uri.AbsoluteUri); } if (!string.IsNullOrEmpty(extensionsJson)) { payload += ", " + extensionsJson; } return(InvokeParentPageScript("dnoa_internal.processAuthorizationResult(" + payload + ")")); }
/// <summary> /// Notifies the user agent via an AJAX response of a completed authentication attempt. /// </summary> protected override void ScriptClosingPopupOrIFrame() { Logger.OpenId.DebugFormat("AJAX (iframe) callback from OP: {0}", this.Page.Request.Url); string extensionsJson = null; var authResponse = RelyingPartyNonVerifying.GetResponse(); Logger.Controls.DebugFormat( "The {0} control checked for an authentication response from a popup window or iframe using a non-verifying RP and found: {1}", this.ID, authResponse.Status); if (authResponse.Status == AuthenticationStatus.Authenticated) { this.OnUnconfirmedPositiveAssertion(); // event handler will fill the clientScriptExtensions collection. var extensionsDictionary = new Dictionary <string, string>(); foreach (var pair in this.clientScriptExtensions) { IClientScriptExtensionResponse extension = (IClientScriptExtensionResponse)authResponse.GetExtension(pair.Key); if (extension == null) { continue; } var positiveResponse = (PositiveAuthenticationResponse)authResponse; string js = extension.InitializeJavaScriptData(positiveResponse.Response); if (!string.IsNullOrEmpty(js)) { extensionsDictionary[pair.Value] = js; } } extensionsJson = MessagingUtilities.CreateJsonObject(extensionsDictionary, true); } string payload = "document.URL"; if (Page.Request.HttpMethod == "POST") { // Promote all form variables to the query string, but since it won't be passed // to any server (this is a javascript window-to-window transfer) the length of // it can be arbitrarily long, whereas it was POSTed here probably because it // was too long for HTTP transit. UriBuilder payloadUri = new UriBuilder(Page.Request.Url); payloadUri.AppendQueryArgs(Page.Request.Form.ToDictionary()); payload = MessagingUtilities.GetSafeJavascriptValue(payloadUri.Uri.AbsoluteUri); } if (!string.IsNullOrEmpty(extensionsJson)) { payload += ", " + extensionsJson; } this.CallbackUserAgentMethod("dnoa_internal.processAuthorizationResult(" + payload + ")"); }
/// <summary> /// Processes the response received in a popup window or iframe to an AJAX-directed OpenID authentication. /// </summary> /// <param name="request">The incoming HTTP request that is expected to carry an OpenID authentication response.</param> /// <param name="callback">The callback fired after the response status has been determined but before the Javascript response is formulated.</param> /// <returns> /// The HTTP response to send to this HTTP request. /// </returns> internal OutgoingWebResponse ProcessResponseFromPopup(HttpRequestInfo request, Action <AuthenticationStatus> callback) { Contract.Requires <ArgumentNullException>(request != null); Contract.Ensures(Contract.Result <OutgoingWebResponse>() != null); string extensionsJson = null; var authResponse = this.NonVerifyingRelyingParty.GetResponse(); ErrorUtilities.VerifyProtocol(authResponse != null, "OpenID popup window or iframe did not recognize an OpenID response in the request."); // Give the caller a chance to notify the hosting page and fill up the clientScriptExtensions collection. if (callback != null) { callback(authResponse.Status); } Logger.OpenId.DebugFormat("Popup or iframe callback from OP: {0}", request.Url); Logger.Controls.DebugFormat( "An authentication response was found in a popup window or iframe using a non-verifying RP with status: {0}", authResponse.Status); if (authResponse.Status == AuthenticationStatus.Authenticated) { var extensionsDictionary = new Dictionary <string, string>(); foreach (var pair in this.clientScriptExtensions) { IClientScriptExtensionResponse extension = (IClientScriptExtensionResponse)authResponse.GetExtension(pair.Key); if (extension == null) { continue; } var positiveResponse = (PositiveAuthenticationResponse)authResponse; string js = extension.InitializeJavaScriptData(positiveResponse.Response); if (!string.IsNullOrEmpty(js)) { extensionsDictionary[pair.Value] = js; } } extensionsJson = MessagingUtilities.CreateJsonObject(extensionsDictionary, true); } string payload = "document.URL"; if (request.HttpMethod == "POST") { // Promote all form variables to the query string, but since it won't be passed // to any server (this is a javascript window-to-window transfer) the length of // it can be arbitrarily long, whereas it was POSTed here probably because it // was too long for HTTP transit. UriBuilder payloadUri = new UriBuilder(request.Url); payloadUri.AppendQueryArgs(request.Form.ToDictionary()); payload = MessagingUtilities.GetSafeJavascriptValue(payloadUri.Uri.AbsoluteUri); } if (!string.IsNullOrEmpty(extensionsJson)) { payload += ", " + extensionsJson; } return(InvokeParentPageScript("dnoa_internal.processAuthorizationResult(" + payload + ")")); }