Exemplo n.º 1
0
            public void GivenSomeExtraData_CreateToken_ReturnsTheGuidOnlyInToSend()
            {
                // Arrage.
                const string extraData   = "http://2p1s.com";
                var          antiForgery = new AntiForgery();

                // Act.
                var result = antiForgery.CreateToken(extraData);

                // Assert.
                Assert.NotNull(result);
                Guid guid;

                Assert.True(Guid.TryParse(result.ToSend, out guid));
            }
Exemplo n.º 2
0
            public void GivenSomeExtraData_CreateToken_ReturnsAFunkyStringInToKeep()
            {
                // Arrage.
                const string extraData   = "http://2p1s.com";
                var          antiForgery = new AntiForgery();

                // Act.
                var result = antiForgery.CreateToken("dont't care!", extraData);

                // Assert.
                Assert.NotNull(result);
                Assert.True(result.ToKeep.Contains("|"));
                Assert.Equal("aHR0cDovLzJwMXMuY29t",
                             result.ToKeep.Substring(result.ToKeep.IndexOf("|", StringComparison.Ordinal) + 1));
            }
Exemplo n.º 3
0
            public void GivenNoExtraData_CreateToken_ReturnsAGuidForBoth()
            {
                // Arrange.
                var antiForgery = new AntiForgery();

                // Act.
                var result = antiForgery.CreateToken(existingToKeepToken: "don't care!");

                // Assert.
                Assert.NotNull(result);
                Guid toKeep;
                Guid toSend;

                Assert.True(Guid.TryParse(result.ToKeep, out toKeep));
                Assert.True(Guid.TryParse(result.ToSend, out toSend));
                Assert.Equal(toKeep, toSend);
            }
        public RedirectResult RedirectToProvider(RedirectToProviderInputModel inputModel)
        {
            if (!ModelState.IsValid)
            {
                throw new ArgumentException(
                          "Some binding errors occured. This means at least one Request value (eg. form post or querystring parameter) provided is invalid. Generally, we need a ProviderName as a string.");
            }

            if (string.IsNullOrEmpty(inputModel.ProviderKey))
            {
                throw new ArgumentException(
                          "ProviderKey value missing. You need to supply a valid provider key so we know where to redirect the user Eg. google.");
            }

            // Grab the required Provider settings.
            var settings = AuthenticationService.GetAuthenticateServiceSettings(inputModel.ProviderKey,
                                                                                Request.Url,
                                                                                Url.CallbackFromOAuthProvider());

            // An OpenId specific settings provided?
            if (!string.IsNullOrEmpty(inputModel.Identifier) &&
                settings is IOpenIdAuthenticationServiceSettings)
            {
                Uri identifier;
                if (!Uri.TryCreate(inputModel.Identifier, UriKind.RelativeOrAbsolute, out identifier))
                {
                    throw new ArgumentException(
                              "Indentifier value was not in the correct Uri format. Eg. http://myopenid.com or https://yourname.myopenid.com");
                }
                ((IOpenIdAuthenticationServiceSettings)settings).Identifier = identifier;
            }

            // Our convention is to remember some redirect url once we are finished in the callback.
            // NOTE: If no redirectUrl data has been provided, then default to the Referrer, if one exists.
            string extraData = null;

            if (RedirectUrl != null &&
                !string.IsNullOrEmpty(RedirectUrl.AbsoluteUri))
            {
                // We have extra state information we will need to retrieve.
                extraData = RedirectUrl.AbsoluteUri;
            }
            else if (Request != null &&
                     Request.UrlReferrer != null &&
                     !string.IsNullOrEmpty(Request.UrlReferrer.AbsoluteUri))
            {
                extraData = Request.UrlReferrer.AbsoluteUri;
            }

            // Generate a token pair.
            var token = AntiForgery.CreateToken(extraData);

            // Put the "ToSend" value in the state parameter to send along to the OAuth Provider.
            settings.State = token.ToSend;

            // Serialize the ToKeep value in the cookie.
            SerializeToken(Response, token.ToKeep);

            // Determine the provider's end point Url we need to redirect to.
            var uri = AuthenticationService.RedirectToAuthenticationProvider(settings);

            // Kthxgo!
            return(Redirect(uri.AbsoluteUri));
        }