/// <summary>
/// Prepares the return value for the GetRequest method in the event of an exception.
/// </summary>
/// <param name="ex">The exception that forms the basis of the error response. Must not be null.</param>
/// <param name="request">The incoming HTTP request. Must not be null.</param>
/// <param name="incomingMessage">The incoming message. May be null in the case that it was malformed.</param>
/// <returns>
/// Either the <see cref="IRequest"/> to return to the host site or null to indicate no response could be reasonably created and that the caller should rethrow the exception.
/// </returns>
private IRequest GetErrorResponse(ProtocolException ex, HttpRequestMessage request, IDirectedProtocolMessage incomingMessage)
{
Requires.NotNull(ex, "ex");
Requires.NotNull(request, "request");
Logger.OpenId.ErrorException("An exception was generated while processing an incoming OpenID request.", ex);
IErrorMessage errorMessage;
// We must create the appropriate error message type (direct vs. indirect)
// based on what we see in the request.
string returnTo = HttpUtility.ParseQueryString(request.RequestUri.Query)[Protocol.Default.openid.return_to];
if (returnTo != null)
{
// An indirect request message from the RP
// We need to return an indirect response error message so the RP can consume it.
// Consistent with OpenID 2.0 section 5.2.3.
var indirectRequest = incomingMessage as SignedResponseRequest;
if (indirectRequest != null)
{
errorMessage = new IndirectErrorResponse(indirectRequest);
}
else
{
errorMessage = new IndirectErrorResponse(Protocol.Default.Version, new Uri(returnTo));
}
}
else if (request.Method == HttpMethod.Post)
{
// A direct request message from the RP
// We need to return a direct response error message so the RP can consume it.
// Consistent with OpenID 2.0 section 5.1.2.2.
errorMessage = new DirectErrorResponse(Protocol.Default.Version, incomingMessage);
}
else
{
// This may be an indirect request from an RP that was so badly
// formed that we cannot even return an error to the RP.
// The best we can do is display an error to the user.
// Returning null cues the caller to "throw;"
return(null);
}
errorMessage.ErrorMessage = ex.ToStringDescriptive();
// Allow host to log this error and issue a ticket #.
// We tear off the field to a local var for thread safety.
IErrorReporting hostErrorHandler = this.ErrorReporting;
if (hostErrorHandler != null)
{
errorMessage.Contact = hostErrorHandler.Contact;
errorMessage.Reference = hostErrorHandler.LogError(ex);
}
if (incomingMessage != null)
{
return(new AutoResponsiveRequest(incomingMessage, errorMessage, this.SecuritySettings));
}
else
{
return(new AutoResponsiveRequest(errorMessage, this.SecuritySettings));
}
}
/// <summary>
/// Prepares the return value for the GetRequest method in the event of an exception.
/// </summary>
/// <param name="ex">The exception that forms the basis of the error response. Must not be null.</param>
/// <param name="httpRequestInfo">The incoming HTTP request. Must not be null.</param>
/// <param name="incomingMessage">The incoming message. May be null in the case that it was malformed.</param>
/// <returns>
/// Either the <see cref="IRequest"/> to return to the host site or null to indicate no response could be reasonably created and that the caller should rethrow the exception.
/// </returns>
private IRequest GetErrorResponse(ProtocolException ex, HttpRequestInfo httpRequestInfo, IDirectedProtocolMessage incomingMessage)
{
ErrorUtilities.VerifyArgumentNotNull(ex, "ex");
ErrorUtilities.VerifyArgumentNotNull(httpRequestInfo, "httpRequestInfo");
Logger.Error("An exception was generated while processing an incoming OpenID request.", ex);
IErrorMessage errorMessage;
// We must create the appropriate error message type (direct vs. indirect)
// based on what we see in the request.
if (httpRequestInfo.QueryString[Protocol.Default.openid.return_to] != null)
{
// An indirect request message from the RP
// We need to return an indirect response error message so the RP can consume it.
// Consistent with OpenID 2.0 section 5.2.3.
var indirectRequest = incomingMessage as SignedResponseRequest;
if (indirectRequest != null)
{
errorMessage = new IndirectErrorResponse(indirectRequest);
}
else
{
errorMessage = new IndirectErrorResponse(Protocol.Default.Version, new Uri(httpRequestInfo.QueryString[Protocol.Default.openid.return_to]));
}
}
else if (httpRequestInfo.HttpMethod == "POST")
{
// A direct request message from the RP
// We need to return a direct response error message so the RP can consume it.
// Consistent with OpenID 2.0 section 5.1.2.2.
errorMessage = new DirectErrorResponse(Protocol.Default.Version, incomingMessage);
}
else
{
// This may be an indirect request from an RP that was so badly
// formed that we cannot even return an error to the RP.
// The best we can do is display an error to the user.
// Returning null cues the caller to "throw;"
return(null);
}
errorMessage.ErrorMessage = ex.GetAllMessages();
// Allow host to log this error and issue a ticket #.
// We tear off the field to a local var for thread safety.
IErrorReporting hostErrorHandler = this.ErrorReporting;
if (hostErrorHandler != null)
{
errorMessage.Contact = hostErrorHandler.Contact;
errorMessage.Reference = hostErrorHandler.LogError(ex);
}
if (incomingMessage != null)
{
return(new AutoResponsiveRequest(this, incomingMessage, errorMessage));
}
else
{
return(new AutoResponsiveRequest(this, errorMessage));
}
}