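        /// <summary>
        /// Relying-party OpenID endpoint. Handles the provider's assertion response when the
        /// request carries an <c>openid.mode</c> field, and otherwise starts authentication
        /// for the identifier submitted in the <c>openid_identifier</c> form field.
        /// </summary>
        /// <param name="returnUrl">
        /// Caller-supplied URL to redirect to after a successful login. It is request-controlled,
        /// so it is followed only when it is a local URL; anything else falls back to Home/Index.
        /// </param>
        /// <returns>
        /// A redirect, the "Login" view with a message, an <see cref="EmptyResult"/>, or
        /// <c>null</c> when the fields cannot be recognized as a protocol message.
        /// </returns>
        public async Task<ActionResult> Authenticate(string returnUrl)
        {
            HttpRequestMessage req = this.Request.AsHttpRequestMessage();
            Dictionary<string, string> fields = new Dictionary<string, string>();

            fields.AddRange(await ParseUrlEncodedFormContentAsync(req));

            if (fields.Count == 0 && req.Method.Method != "POST")
            {
                // OpenID 2.0 section 4.1.2: fall back to the query string when the request
                // is not a POST and carried no form fields.
                fields.AddRange(HttpUtility.ParseQueryString(req.RequestUri.Query).AsKeyValuePairs());
            }

            string mode;

            if (fields.TryGetValue("openid.mode", out mode))
            {
                // TryGetValue leaves symVal null when the field is absent; the concatenation
                // below then treats it as an empty string.
                string symVal;
                fields.TryGetValue("openid.symval", out symVal);

                // First, wrap the incoming symval with this RP's authority and the hash of the RP code.
                // NOTE(review): openid.symval arrives in the request and is therefore untrusted, and
                // generate_cs_file_from_symval is not visible here. Confirm that it validates the
                // value before using it to produce source text or file names.
                string hashRp = PositiveAssertionResponse.code_to_hash(PositiveAuthenticationResponse.SourceCode_RP);
                symVal = this.Request.Url.Authority + "[[" + hashRp + "(" + symVal + ")]]";

                generate_cs_file_from_symval(symVal, fields);

                HttpRequestMessage request = this.Request.AsHttpRequestMessage();
                MessageReceivingEndpoint recipient = request.GetRecipient();

                IProtocolMessage message = openid.Channel.MessageFactory.GetNewRequestMessage(recipient, fields);

                // If there was no data, or we couldn't recognize it as a message, abort.
                if (message == null)
                {
                    return null;
                }

                // We have a message!  Assemble it.
                var messageAccessor = openid.Channel.MessageDescriptions.GetAccessor(message);
                messageAccessor.Deserialize(fields);

                // Only the final response will be here.
                var response_ccp = await openid.GetResponseAsync_ccp(message, this.Response.ClientDisconnectedToken);

                // Stage 3: OpenID Provider sending assertion response.
                // checkLogicProperty() is defined elsewhere; when it returns false the method
                // returns before any session value or auth cookie is set.
                if (!checkLogicProperty())
                {
                    return new EmptyResult();
                }

                switch (response_ccp.Status)
                {
                    case AuthenticationStatus.Authenticated:
                        Session["FriendlyIdentifier"] = response_ccp.FriendlyIdentifierForDisplay;
                        var cookie = FormsAuthentication.GetAuthCookie(response_ccp.ClaimedIdentifier, false);
                        Response.SetCookie(cookie);

                        // returnUrl is attacker-influenceable; redirecting to it unchecked is an
                        // open redirect straight after login. Follow it only when it is local.
                        if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
                        {
                            return Redirect(returnUrl);
                        }

                        return RedirectToAction("Index", "Home");

                    case AuthenticationStatus.Canceled:
                        ViewData["Message"] = "Canceled at provider";
                        return View("Login");

                    case AuthenticationStatus.Failed:
                        // NOTE(review): assumes Exception is non-null for Failed responses, and the
                        // raw exception text is shown to the user. Confirm both are acceptable.
                        ViewData["Message"] = response_ccp.Exception.Message;
                        return View("Login");
                }

                // Any other status produces no content.
                return new EmptyResult();
            }
            else
            {
                var response = await openid.GetResponseAsync(this.Request, this.Response.ClientDisconnectedToken);

                if (response == null)
                {
                    // Stage 2: user submitting Identifier
                    string submittedIdentifier = Request.Form["openid_identifier"];
                    Identifier id;
                    if (!Identifier.TryParse(submittedIdentifier, out id))
                    {
                        ViewData["Message"] = "Invalid identifier";
                        return View("Login");
                    }

                    try
                    {
                        var request = await openid.CreateRequestAsync(submittedIdentifier);

                        // Eric - add extension: require the user's e-mail via Simple Registration.
                        var sregRequest = new ClaimsRequest();
                        sregRequest.Email = DemandLevel.Require;
                        request.AddExtension(sregRequest);

                        var redirectingResponse = await request.GetRedirectingResponseAsync(this.Response.ClientDisconnectedToken);

                        // this code is handled by HttpResponseMessageActionResult :: ExecuteResult(ControllerContext context)
                        return redirectingResponse.AsActionResult();
                    }
                    catch (ProtocolException ex)
                    {
                        ViewData["Message"] = ex.Message;
                        return View("Login");
                    }
                }

                return new EmptyResult();
            }
            //ERIC'S CODE - end
        }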