protected void IdentityEndpoint20_NormalizeUri(object sender, IdentityEndpointNormalizationEventArgs e) { // This sample Provider has a custom policy for normalizing URIs, which is that the whole // path of the URI be lowercase except for the first letter of the username. UriBuilder normalized = new UriBuilder(e.UserSuppliedIdentifier); string username = Request.QueryString["username"].TrimEnd('/').ToLowerInvariant(); username = username.Substring(0, 1).ToUpperInvariant() + username.Substring(1); normalized.Path = "/user/" + username; normalized.Scheme = "http"; // for a real Provider, this should be HTTPS if supported. e.NormalizedIdentifier = normalized.Uri; }
/// <summary> /// Checks the incoming request and invokes a browser redirect if the URL has not been normalized. /// </summary> /// <seealso cref="IdentityEndpointNormalizationEventArgs.NormalizedIdentifier"/> protected virtual void OnNormalize() { UriIdentifier userSuppliedIdentifier = Util.GetRequestUrlFromContext(); var normalizationArgs = new IdentityEndpointNormalizationEventArgs(userSuppliedIdentifier); var normalizeUri = NormalizeUri; if (normalizeUri != null) { normalizeUri(this, normalizationArgs); } else { // Do some best-guess normalization. normalizationArgs.NormalizedIdentifier = bestGuessNormalization(normalizationArgs.UserSuppliedIdentifier); } // If we have a normalized form, we should use it. // We only compare path and query because the host name SHOULD NOT be case sensitive, // and the fragment will be asserted or cleared by the OP during authentication. if (normalizationArgs.NormalizedIdentifier != null && !String.Equals(normalizationArgs.NormalizedIdentifier.PathAndQuery, userSuppliedIdentifier.Uri.PathAndQuery, StringComparison.Ordinal)) { Page.Response.Redirect(normalizationArgs.NormalizedIdentifier.AbsoluteUri); } }