public void BadFetch()
{
Uri userUrl = new Uri("http://who.cares/");
IAssociationStore store = new MemoryStore();
Consumer consumer;
ArrayList cases = new ArrayList();
cases.Add(null);
cases.Add(HttpStatusCode.NotFound);
cases.Add(HttpStatusCode.BadRequest);
cases.Add(HttpStatusCode.InternalServerError);
byte[] data = Encoding.UTF8.GetBytes("Who cares?");
FetchResponse resp;
foreach (object code in cases)
{
if (code == null)
resp = null;
else
resp = new FetchResponse((HttpStatusCode) code, userUrl, "UTF-8", data, data.Length);
consumer = new Consumer(store, new BadFetcher(resp));
try
{
consumer.BeginAuth(userUrl);
TestTools.Assert(false, String.Format("Consumer failed to raise FetchException: {0}", code.ToString()));
}
catch (FetchException e) {}
}
}
public void BadParse()
{
IAssociationStore store = new MemoryStore();
Uri userUrl = new Uri("http://user.example.com/");
string[] cases =
{ "",
"http://not.in.a.link.tag/",
"<link rel=\"openid.server\" href=\"not.in.html.or.head\" />"
};
Fetcher fetcher;
Consumer consumer;
foreach (string userPage in cases)
{
fetcher = new TestFetcher(userUrl, userPage, null);
consumer = new Consumer(store, fetcher);
try {
consumer.BeginAuth(userUrl);
TestTools.Assert(false, String.Format("Shouldn't have succeeded with user_page=[{0}]", userPage));
}
catch (ParseException e) {}
}
}
private void Success(Uri userUri, Uri delegateUri, string links, Consumer.Mode immediate)
{
MemoryStore store = new MemoryStore();
string mode;
if (immediate == Consumer.Mode.IMMEDIATE)
mode = "checkid_immediate";
else
mode = "checkid_setup";
string userPage = String.Format(USER_PAGE_PAT, links);
string test_handle = "Snarky";
AssociationInfo info = new AssociationInfo(
Encoding.ASCII.GetBytes("another 20-byte key."), test_handle);
Fetcher fetcher = new TestFetcher(userUri, userPage, info);
Consumer consumer = new Consumer(store, fetcher);
AuthRequest request = consumer.BeginAuth(userUri);
Uri returnTo = new Uri(consumerUri.AbsoluteUri, true);
string trustRoot = consumerUri.AbsoluteUri;
Uri redirectUri = consumer.CreateRedirect(immediate, request, returnTo, trustRoot);
NameValueCollection q = FormParser.Parse(Encoding.UTF8.GetBytes(redirectUri.Query.Substring(1)));
string errmsg = redirectUri.AbsoluteUri;
TestTools.Assert(q.Count == 5, errmsg);
TestTools.Assert(q["openid.mode"] == mode, errmsg);
TestTools.Assert(q["openid.identity"] == delegateUri.AbsoluteUri, errmsg);
TestTools.Assert(q["openid.trust_root"] == trustRoot, errmsg);
TestTools.Assert(q["openid.assoc_handle"] == test_handle, errmsg);
TestTools.Assert(q["openid.return_to"] == returnTo.AbsoluteUri, errmsg);
TestTools.Assert(redirectUri.AbsoluteUri.StartsWith(serverUri.AbsoluteUri), errmsg);
NameValueCollection query = new NameValueCollection();
query.Add("openid.mode", "id_res");
query.Add("openid.return_to", returnTo.AbsoluteUri);
query.Add("openid.identity", delegateUri.AbsoluteUri);
query.Add("openid.assoc_handle", test_handle);
Association assoc = store.GetAssociation(serverUri, test_handle);
string sig = assoc.SignDict(new string[] { "mode", "return_to", "identity" }, query, "openid.");
query.Add("openid.sig", sig);
query.Add("openid.signed", "mode,return_to,identity");
object result;
Consumer.Status status = consumer.CompleteAuth(request.token, query, out result);
TestTools.Assert(status == Consumer.Status.SUCCESS);
TestTools.Assert(((Uri)result).AbsoluteUri == userUri.AbsoluteUri, String.Format("info:{0}\nuserUri:{1}", info, userUri));
}
private void AuthenticateRequest(Object sender, EventArgs e)
{
Consumer consumer = new Consumer(new MemoryStore(), new SimpleFetcher());
HttpContext Context = HttpContext.Current;
HttpSessionState Session = Context.Session;
HttpRequest Request = Context.Request;
HttpResponse Response = Context.Response;
if (Request.Url.AbsolutePath != "/login.aspx")
return;
if (Request.HttpMethod.ToLower() == "post")
{
string urlStr = Request.Form["openid_url"];
if (urlStr != null)
{
Uri userUri = UriUtil.NormalizeUri(urlStr);
try
{
AuthRequest oidreq = consumer.BeginAuth(userUri);
// XXX: construct this from login path and ReturnTo param
UriBuilder builder = new UriBuilder(Request.Url.AbsoluteUri);
if (Session == null)
UriUtil.AppendQueryArgument(builder, TOKEN_KEY, oidreq.token);
else
Session[TOKEN_KEY] = oidreq.token;
Uri returnTo = new Uri(builder.ToString(), true);
builder = new UriBuilder(Request.Url.AbsoluteUri);
builder.Query = null;
builder.Password = null;
builder.UserName = null;
builder.Fragment = null;
builder.Path = Request.ApplicationPath;
string trustRoot = builder.ToString();
Uri redirectUri = consumer.CreateRedirect(Consumer.Mode.SETUP, oidreq, returnTo, trustRoot);
Response.Redirect(redirectUri.AbsoluteUri);
}
catch (FetchException fe)
{
Context.Items.Add("errmsg", "Failed to fetch identity page.");
}
}
}
else if (Request.QueryString["openid.mode"] != null)
{
// XXX: this needs to handle checkid_immediate
string token;
if (Session == null)
token = Request.QueryString[TOKEN_KEY];
else
{
token = (String) Session[TOKEN_KEY];
Session.Remove(TOKEN_KEY);
}
if (token == null)
{
Context.Items.Add("errmsg", "Token was null.");
}
else
{
object result;
Consumer.Status status = consumer.CompleteAuth(token, Request.QueryString, out result);
switch (status)
{
case Consumer.Status.FAILURE:
Context.Items.Add("errmsg", String.Format("Verification of {0} failed.", result.ToString()));
break;
case Consumer.Status.SUCCESS:
if (result != null)
{
FormsAuthentication.RedirectFromLoginPage(
((Uri) result).AbsoluteUri, false);
return;
}
else
{
Context.Items.Add("errmsg", "Verification Cancelled.");
}
break;
}
}
}
}