public ActionResult AuthenticateOpenId(RegisterOpenIdModel model)
{
//Get response from the open id provider. When HttpPost call is made through form this value does not have any open id
//provider. Therefore the return value is null. When this function is called as HttpGet by DotNetOpenAuth library then
// it returns response from the open id provider.
var response = openid.GetResponse();
var statusMessage = "";
//first time this call is for post and response is null.
if (response == null)
{
//save data in session.
saveUserInSession(model);
Identifier id;
//make sure that the url of open id provider is valid.
if (Identifier.TryParse(model.openid_identifier, out id))
{
try
{
//Request open id provider to authenticate user. DotNetOpenAuth acts as a relying party
//so it waits for the response from the open id provider. When response is recieved from the open id provider
//DotNetOpenAuth calls this function again using HttpGet.
return openid.CreateRequest(model.openid_identifier).RedirectingResponse.AsActionResult();
}
catch (ProtocolException ex)
{
statusMessage = ex.Message;
ModelState.AddModelError("openid_identifier", statusMessage);
return View("RegisterOpenId", model);
}
}
else
{
statusMessage = "Open id identifier url is invalid. Please check if you have typed correct url.";
ModelState.AddModelError("openid_identifier", statusMessage);
return View("RegisterOpenId", model);
}
}
//This is executed when this function is called as HttpGet from DotNetOpenAuth library. DotNetOpenAuth calls this
//when it receives a response from the open id provider.
else
{
//retrieve user from session.
user userObj = retrieveUserFromSession();
model.UserName = userObj.name;
model.Email = userObj.email;
model.openid_identifier = userObj.open_id;
//check the response status
switch (response.Status)
{
//success status.
case AuthenticationStatus.Authenticated:
//Check if this id is already registered in the database.
if (VerifyOpenId(response.ClaimedIdentifier).status == 1)
{
//if user is not register then register this user into the database.
userObj.open_id = response.ClaimedIdentifier;
saveUserIndb(userObj);
Session["FriendlyIdentifier"] = response.FriendlyIdentifierForDisplay;
FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, true);
string message = "Thank you " + Session["UserName"] + ". You are now registered with the Geostore.";
TempData["message"] = message;
return RedirectToAction("Index", "Home");
}
else
{
ModelState.AddModelError("openid_identifier", "You are already registered with this identifier.");
return View("RegisterOpenId", model);
}
case AuthenticationStatus.Canceled:
ModelState.AddModelError("openid_identifier", "Open identifier authentication has been cancelled at open id provider.");
return View("RegisterOpenId", model);
case AuthenticationStatus.Failed:
ModelState.AddModelError("openid_identifier", "Open identifier authentication has failed at open id provider.");
ModelState.AddModelError("openid_identifier", response.Exception.Message);
return View("RegisterOpenId", model);
}
}
return new EmptyResult();
}
//store user registration data in session.
private void saveUserInSession(RegisterOpenIdModel model)
{
Session["UserName"] = model.UserName;
Session["Email"] = model.Email;
Session["open_identifier"] = model.openid_identifier;
}
