protected override void OnBeforeSendingAuthenticationRequest(IAuthenticationRequest request)
{
var fetchRequest = new FetchRequest();
fetchRequest.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
fetchRequest.Attributes.AddRequired(WellKnownAttributes.Name.FullName);
request.AddExtension(fetchRequest);
}
internal AuthenticationResult PrepareOpenIdRequest(string providerUrl, Uri returnUrl)
{
Identifier identifier;
if (Identifier.TryParse(providerUrl, out identifier))
{
try
{
IAuthenticationRequest request = relyingParty.CreateRequest(identifier, Realm.AutoDetect, returnUrl);
FetchRequest fetch = new FetchRequest(); // request the authentication provider for some additional information.
fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
fetch.Attributes.AddRequired(WellKnownAttributes.Name.FullName);
request.AddExtension(fetch);
return new AuthenticationResult
{
Status = ConnectionStatus.RedirectToProvider,
Action = request.RedirectingResponse.AsActionResult()
};
}
catch (ProtocolException exception)
{
return AuthenticationException(exception);
}
}
return AbortedAuthentication(Common.Resources.Authentication.InvalidOpenIdIdentifier);
}
private Interfaces.IAuthenticationResponse RequestAuthentication(Interfaces.IAuthenticationRequest request)
{
Identifier id;
if (!Identifier.TryParse(request.Url, out id))
{
_logger.Info(string.Format("OpenID Error...invalid url. url='{0}'", request.Url));
return Factory.AuthenticationResponse(Interfaces.AuthenticationState.Errored);
}
try
{
var authenticationRequest = _openIdRelyingParty.CreateRequest(request.Url);
var fetch = new FetchRequest();
fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
fetch.Attributes.AddRequired(WellKnownAttributes.Name.First);
fetch.Attributes.AddRequired(WellKnownAttributes.Name.Last);
authenticationRequest.AddExtension(fetch);
var actionResult = authenticationRequest.RedirectingResponse.AsActionResult();
return Factory.AuthenticationResponse(actionResult);
}
catch (ProtocolException ex)
{
_logger.Error("OpenID Exception...", ex);
return Factory.AuthenticationResponse(Interfaces.AuthenticationState.Errored);
}
}
public string Login(string callBackUrl)
{
var response = _openid.GetResponse();
if (response == null)
{
// Stage 2: user submitting Identifier
Identifier id;
if (Identifier.TryParse(OpenIdUrl, out id))
{
try
{
var callBackUri = new Uri(callBackUrl);
var request = _openid.CreateRequest(OpenIdUrl, new Realm(callBackUri), callBackUri);
var fetch = new FetchRequest();
fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
fetch.Attributes.AddRequired(WellKnownAttributes.Name.First);
fetch.Attributes.AddRequired(WellKnownAttributes.Name.Middle);
fetch.Attributes.AddRequired(WellKnownAttributes.Name.Last);
fetch.Attributes.AddRequired(WellKnownAttributes.Name.FullName);
fetch.Attributes.AddRequired(WellKnownAttributes.Name.Alias);
request.AddExtension(fetch);
request.RedirectToProvider();
return null;
}
catch (ProtocolException ex)
{
return null;
}
}
}
return null;
}
void LoginToGoogle()
{
try
{
using (OpenIdRelyingParty party = new OpenIdRelyingParty())
{
IAuthenticationRequest request = party.CreateRequest(ConfigurationManager.AppSettings["google-auth-path"]);
var fetch = new FetchRequest();
fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
fetch.Attributes.AddRequired(WellKnownAttributes.Name.First);
fetch.Attributes.AddRequired(WellKnownAttributes.Name.Last);
request.AddExtension(fetch);
//request.AddExtension(new ClaimsRequest
//{
// Country = DemandLevel.Request,
// Email = DemandLevel.Request,
// Gender = DemandLevel.Require,
// PostalCode = DemandLevel.Require,
// TimeZone = DemandLevel.Require,
//});
request.RedirectToProvider();
}
}
catch (ProtocolException ex)
{
LabelStatus.Text = ex.Message;
}
}
/// <summary>
/// Creates the fetch request.
/// </summary>
/// <returns></returns>
private static FetchRequest CreateFetchRequest()
{
var fetchRequest = new FetchRequest();
fetchRequest.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
fetchRequest.Attributes.AddRequired(WellKnownAttributes.Name.FullName);
return fetchRequest;
}
protected override void OnBeforeSendingAuthenticationRequest(IAuthenticationRequest request)
{
FetchRequest extension = new FetchRequest();
extension.Attributes.AddRequired("http://axschema.org/contact/email");
extension.Attributes.AddRequired("http://axschema.org/namePerson");
request.AddExtension(extension);
}
public ActionResult OpenId(string openIdUrl)
{
var response = _openid.GetResponse();
if (response == null)
{
// Stage 2: user submitting Identifier
Identifier id;
if (Identifier.TryParse(openIdUrl, out id))
{
try
{
var request = _openid.CreateRequest(openIdUrl);
var fetch = new FetchRequest();
fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
fetch.Attributes.AddRequired(WellKnownAttributes.Name.First);
fetch.Attributes.AddRequired(WellKnownAttributes.Name.Last);
request.AddExtension(fetch);
return request.RedirectingResponse.AsActionResult();
}
catch (ProtocolException)
{
//_logger.Error("OpenID Exception...", ex);
return this.RedirectToAction(x => x.SignIn());
}
}
//_logger.Info("OpenID Error...invalid url. url='" + openIdUrl + "'");
return this.RedirectToAction(x => x.SignIn());
}
// Stage 3: OpenID Provider sending assertion response
switch (response.Status)
{
case AuthenticationStatus.Authenticated:
var fetch = response.GetExtension<FetchResponse>();
var firstName = "";
var lastName = "";
var email = "";
if (fetch != null)
{
firstName = fetch.GetAttributeValue(WellKnownAttributes.Name.First);
lastName = fetch.GetAttributeValue(WellKnownAttributes.Name.Last);
email = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email);
}
return CreateUser(new CreateUser
{
UserName = response.ClaimedIdentifier,
FirstName = firstName,
LastName = lastName,
Email = email
});
case AuthenticationStatus.Canceled:
//_logger.Info("OpenID: Cancelled at provider.");
return this.RedirectToAction(x => x.SignIn());
case AuthenticationStatus.Failed:
//_logger.Error("OpenID Exception...", response.Exception);
return this.RedirectToAction(x => x.SignIn());
}
return this.RedirectToAction(x => x.SignIn());
}
/// <summary>
/// Called just before the authentication request is sent to service provider.
/// </summary>
/// <param name="request">
/// The request.
/// </param>
protected override void OnBeforeSendingAuthenticationRequest(IAuthenticationRequest request) {
// Attribute Exchange extensions
var fetchRequest = new FetchRequest();
fetchRequest.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email, isRequired: true));
fetchRequest.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.FullName, isRequired: false));
request.AddExtension(fetchRequest);
}
/// <summary>
/// Action Results for Index, uses DotNetOpenAuth for creating OpenId Request with Intuit
/// and handling response recieved.
/// </summary>
/// <param name="sender">Sender of the event.</param>
/// <param name="e">Event Args.</param>
protected void Page_Load(object sender, EventArgs e)
{
//OpenId Relying Party
OpenIdRelyingParty openid = new OpenIdRelyingParty();
var openIdIdentifier = ConfigurationManager.AppSettings["openid_identifier"];
var response = openid.GetResponse();
if (response == null)
{
// Stage 2: user submitting Identifier
Identifier id;
if (Identifier.TryParse(openIdIdentifier, out id))
{
try
{
IAuthenticationRequest request = openid.CreateRequest(openIdIdentifier);
FetchRequest fetch = new FetchRequest();
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email));
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.FullName));
request.AddExtension(fetch);
request.RedirectToProvider();
}
catch (ProtocolException ex)
{
throw ex;
}
}
}
else
{
if (response.FriendlyIdentifierForDisplay == null)
{
Response.Redirect("/OpenIdHandler.aspx");
}
// Stage 3: OpenID Provider sending assertion response
Session["FriendlyIdentifier"] = response.FriendlyIdentifierForDisplay;
FetchResponse fetch = response.GetExtension<FetchResponse>();
if (fetch != null)
{
Session["OpenIdResponse"] = "True";
Session["FriendlyEmail"] = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email);
Session["FriendlyName"] = fetch.GetAttributeValue(WellKnownAttributes.Name.FullName);
}
//Check if user disconnected from the App Center
if (Request.QueryString["disconnect"] != null && Request.QueryString["disconnect"].ToString(CultureInfo.InvariantCulture) == "true")
{
Session["Flag"] = true;
Response.Redirect("CleanupOnDisconnect.aspx");
}
else
{
Response.Redirect("Default.aspx");
}
}
}
/// <summary>
/// Action Results for Index, uses DotNetOpenAuth for creating OpenId Request with Intuit
/// and handling response recieved.
/// </summary>
/// <returns></returns>
public RedirectResult Index()
{
var openid_identifier = ConfigurationManager.AppSettings["openid_identifier"].ToString(); ;
var response = openid.GetResponse();
if (response == null)
{
// Stage 2: user submitting Identifier
Identifier id;
if (Identifier.TryParse(openid_identifier, out id))
{
try
{
IAuthenticationRequest request = openid.CreateRequest(openid_identifier);
FetchRequest fetch = new FetchRequest();
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email));
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.FullName));
request.AddExtension(fetch);
request.RedirectToProvider();
}
catch (ProtocolException ex)
{
throw ex;
}
}
}
else
{
if (response.FriendlyIdentifierForDisplay == null)
{
Response.Redirect("/OpenId");
}
// Stage 3: OpenID Provider sending assertion response, storing the response in Session object is only for demonstration purpose
Session["FriendlyIdentifier"] = response.FriendlyIdentifierForDisplay;
FetchResponse fetch = response.GetExtension<FetchResponse>();
if (fetch != null)
{
Session["OpenIdResponse"] = "True";
Session["FriendlyEmail"] = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email);// emailAddresses.Count > 0 ? emailAddresses[0] : null;
Session["FriendlyName"] = fetch.GetAttributeValue(WellKnownAttributes.Name.FullName);//fullNames.Count > 0 ? fullNames[0] : null;
//get the Oauth Access token for the user from OauthAccessTokenStorage.xml
OauthAccessTokenStorageHelper.GetOauthAccessTokenForUser(Session["FriendlyEmail"].ToString(), this);
}
}
string query = Request.Url.Query;
if (!string.IsNullOrWhiteSpace(query) && query.ToLower().Contains("disconnect=true"))
{
Session["accessToken"] = "dummyAccessToken";
Session["accessTokenSecret"] = "dummyAccessTokenSecret";
Session["Flag"] = true;
return Redirect("/CleanupOnDisconnect/Index");
}
return Redirect("/Home/index");
}
public ActionResult RedirectToProvider(string providerUrl, string returnUrl, FetchRequest fetch)
{
var baseUrl = HttpContext.Current.Request.ToPublicUrl(new Uri("/", UriKind.Relative));
var realm = new Realm(baseUrl);
var authenticationRequest = _relyingParty.CreateRequest(providerUrl, realm, new Uri(returnUrl,UriKind.Absolute));
authenticationRequest.AddExtension(fetch);
return new OutgoingRequestActionResult(authenticationRequest.RedirectingResponse);
}
public ActionResult RedirectToProvider(string providerUrl, string returnUrl, FetchRequest fetch)
{
IAuthenticationRequest authenticationRequest = this.relyingParty.CreateRequest(providerUrl,
Realm.AutoDetect,
new Uri(returnUrl));
authenticationRequest.AddExtension(fetch);
return new OutgoingRequestActionResult(authenticationRequest.RedirectingResponse);
}
public ActionResult OpenId(LoginModel model)
{
Identifier id;
if (Identifier.TryParse(model.OpenID_Identifier, out id))
{
try
{
model.Config = _services.Config.Current;
var openId = new OpenIdRelyingParty();
returnToUrl = new Uri(Url.Action("OpenIdCallback", "Authentication", new { ReturnUrl = model.ReturnUrl }, Request.Url.Scheme), UriKind.Absolute);
// hack for google oauth2
if (model.OpenID_Identifier.Contains("google"))
{
client = new GoogleOAuth2Client(model.Config.ClientId, model.Config.ClientSecret);
client.RequestAuthentication(this.HttpContext, returnToUrl);
GoogleOAuth2Client.RewriteRequest();
return Redirect(returnToUrl.ToString());
}
else
{
var request = openId.CreateRequest(id, Realm.AutoDetect, returnToUrl);
// add request for name and email using sreg (OpenID Simple Registration
// Extension)
request.AddExtension(new ClaimsRequest
{
Email = DemandLevel.Require,
FullName = DemandLevel.Require,
Nickname = DemandLevel.Require
});
// also add AX request
var axRequest = new FetchRequest();
axRequest.Attributes.AddRequired(WellKnownAttributes.Name.FullName);
axRequest.Attributes.AddRequired(WellKnownAttributes.Name.First);
axRequest.Attributes.AddRequired(WellKnownAttributes.Name.Last);
axRequest.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
request.AddExtension(axRequest);
var redirectingResponse = request.RedirectingResponse;
return redirectingResponse.AsActionResult();
}
}
catch (ProtocolException ex)
{
model.Message = ex.Message;
return View("Login", model);
}
}
else
{
model.Message = "Invalid identifier";
return View("Login", model);
}
}
/// <summary>
/// Called just before the authentication request is sent to service provider.
/// </summary>
/// <param name="request">
/// The request.
/// </param>
protected override void OnBeforeSendingAuthenticationRequest(IAuthenticationRequest request) {
// Attribute Exchange extensions
var fetchRequest = new FetchRequest();
fetchRequest.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
fetchRequest.Attributes.AddOptional(WellKnownAttributes.Contact.HomeAddress.Country);
fetchRequest.Attributes.AddOptional(WellKnownAttributes.Name.First);
fetchRequest.Attributes.AddOptional(WellKnownAttributes.Name.Last);
request.AddExtension(fetchRequest);
}
public ActionResult Authenticate(string returnUrl)
{
var openid = new OpenIdRelyingParty();
var response = openid.GetResponse();
if (response == null) {
// Stage 2: user submitting Identifier
Identifier id;
if (Identifier.TryParse(Request.Form["openid_identifier"], out id)) {
try {
var req = openid.CreateRequest(id);
var fetch = new FetchRequest();
//ask for more info - the email address
//no guarantee you'll get it back :)
var email = new AttributeRequest(WellKnownAttributes.Contact.Email);
email.IsRequired = true;
fetch.Attributes.Add(email);
req.AddExtension(fetch);
return req.RedirectingResponse.AsActionResult();
} catch (ProtocolException ex) {
ViewData["Message"] = ex.Message;
return View("Login");
}
} else {
ViewData["Message"] = "Invalid identifier";
return View("Login");
}
} else {
// Stage 3: OpenID Provider sending assertion response
switch (response.Status) {
case AuthenticationStatus.Authenticated:
//They're in there...
var fetch = response.GetExtension<FetchResponse>();
string email = null;
if (fetch != null) {
IList<string> emailAddresses = fetch.Attributes[WellKnownAttributes.Contact.Email].Values;
email = emailAddresses.Count > 0 ? emailAddresses[0] : null;
}
var friendly = email ?? response.FriendlyIdentifierForDisplay;
return AuthAndRedirect(friendly, response.ClaimedIdentifier);
case AuthenticationStatus.Canceled:
ViewData["Message"] = "Canceled at provider";
return View("Login");
case AuthenticationStatus.Failed:
ViewData["Message"] = response.Exception.Message;
return View("Login");
}
}
return new EmptyResult();
}
public void Fetch() {
var request = new FetchRequest();
request.Attributes.Add(new AttributeRequest(NicknameTypeUri));
request.Attributes.Add(new AttributeRequest(EmailTypeUri, false, int.MaxValue));
var response = new FetchResponse();
response.Attributes.Add(new AttributeValues(NicknameTypeUri, "Andrew"));
response.Attributes.Add(new AttributeValues(EmailTypeUri, "*****@*****.**", "*****@*****.**"));
ExtensionTestUtilities.Roundtrip(Protocol.Default, new[] { request }, new[] { response });
}
public async Task Fetch() {
var request = new FetchRequest();
request.Attributes.Add(new AttributeRequest(NicknameTypeUri));
request.Attributes.Add(new AttributeRequest(EmailTypeUri, false, int.MaxValue));
var response = new FetchResponse();
response.Attributes.Add(new AttributeValues(NicknameTypeUri, "Andrew"));
response.Attributes.Add(new AttributeValues(EmailTypeUri, "*****@*****.**", "*****@*****.**"));
await this.RoundtripAsync(Protocol.Default, new[] { request }, new[] { response });
}
public IAuthenticationRequest CreateRequest(string openidIdentifier)
{
var request = _openId.CreateRequest(openidIdentifier);
var fetchRequest = new FetchRequest();
fetchRequest.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
fetchRequest.Attributes.AddOptional(WellKnownAttributes.Name.First);
fetchRequest.Attributes.AddOptional(WellKnownAttributes.Name.Last);
request.AddExtension(fetchRequest);
return request;
}
protected void btnGoogleLogin_Click(object sender, CommandEventArgs e)
{
string discoveryUri = e.CommandArgument.ToString();
OpenIdRelyingParty openid = new OpenIdRelyingParty();
var URIbuilder = new UriBuilder(Request.Url) { Query = "" };
var req = openid.CreateRequest(discoveryUri, URIbuilder.Uri, URIbuilder.Uri);
var fetch = new FetchRequest();
fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
req.AddExtension(fetch);
req.RedirectToProvider();
}
public static ActionResult SendRequest(OpenIdRelyingParty openid, Identifier openIdIdentifier)
{
Logger.Info("Sending request to the open id provider");
var req = openid.CreateRequest(openIdIdentifier);
var fetch = new FetchRequest();
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email, true));
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.Alias, true));
req.AddExtension(fetch);
return req.RedirectingResponse.AsActionResult();
}
protected override void AddNeededExtensions(ref DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest request)
{
var sreg = new ClaimsRequest();
sreg.Nickname = DemandLevel.Require;
sreg.Email = DemandLevel.Require;
request.AddExtension(sreg);
var ax = new FetchRequest();
ax.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email, true));
ax.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.Alias, true));
request.AddExtension(ax);
}
public override void ProcessSignInRequest(Scope scope, HttpContextBase httpContext)
{
var request = this.openIdRelyingParty.CreateRequest(this.Issuer.Url, this.MultiProtocolIssuer.Identifier, this.MultiProtocolIssuer.ReplyUrl);
var ax = new FetchRequest();
foreach (var requirement in scope.ClaimTypeRequirements)
{
ax.Attributes.Add(new AttributeRequest(requirement.ClaimType, requirement.DemandLevel != ClaimDemandLevel.NoRequest));
}
request.AddExtension(ax);
request.RedirectToProvider();
}
public IAuthenticationRequest ValidateAtOpenIdProvider(string openIdIdentifier)
{
IAuthenticationRequest openIdRequest = openId.CreateRequest(Identifier.Parse(openIdIdentifier));
var fetch = new FetchRequest();
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email,true,1));
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.FullName, true, 1));
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.First, true,1));
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.Last, true,1));
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.Alias, true, 1));
openIdRequest.AddExtension(fetch);
return openIdRequest;
}
public async Task<ActionResult> OpenId(LoginModel model)
{
Identifier id;
if (Identifier.TryParse(model.OpenID_Identifier, out id))
{
try
{
var openId = new OpenIdRelyingParty();
var returnToUrl = new Uri(Url.Action("OpenIdCallback", "Authentication", new { ReturnUrl = model.ReturnUrl }, Request.Url.Scheme), UriKind.Absolute);
var requestTask = openId.CreateRequestAsync(id, Realm.AutoDetect, returnToUrl);
await requestTask;
var request = requestTask.Result;
// add request for name and email using sreg (OpenID Simple Registration
// Extension)
request.AddExtension(new ClaimsRequest
{
Email = DemandLevel.Require,
FullName = DemandLevel.Require,
Nickname = DemandLevel.Require
});
// also add AX request
var axRequest = new FetchRequest();
axRequest.Attributes.AddRequired(WellKnownAttributes.Name.FullName);
axRequest.Attributes.AddRequired(WellKnownAttributes.Name.First);
axRequest.Attributes.AddRequired(WellKnownAttributes.Name.Last);
axRequest.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
request.AddExtension(axRequest);
var redirectingResponseTask = request.GetRedirectingResponseAsync();
await redirectingResponseTask;
return redirectingResponseTask.Result.AsActionResult();
}
catch (ProtocolException ex)
{
model.Message = ex.Message;
return View("Login", model);
}
}
else
{
model.Message = "Invalid identifier";
return View("Login", model);
}
}
public IAuthenticationRequest ValidateAtOpenIdProvider(string openIdIdentifier)
{
IAuthenticationRequest openIdRequest = openId.CreateRequest(Identifier.Parse(openIdIdentifier));
//var fields = new ClaimsRequest()
//{
// Email = DemandLevel.Require,
// Nickname = DemandLevel.Require
//};
var fields = new FetchRequest();
fields.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email, true));
fields.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.FullName, true));
openIdRequest.AddExtension(fields);
return openIdRequest;
}
public static FetchRequest CreateFetchRequest(IOpenAuthenticationProviderPermissionService openAuthenticationProviderPermissionService)
{
var fetchRequest = new FetchRequest();
//if (openAuthenticationProviderPermissionService.IsPermissionEnabled("Email", Provider.OpenId))
fetchRequest.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
//if (openAuthenticationProviderPermissionService.IsPermissionEnabled("FullName", Provider.OpenId)) {
fetchRequest.Attributes.AddRequired(WellKnownAttributes.Name.First);
fetchRequest.Attributes.AddRequired(WellKnownAttributes.Name.Last);
fetchRequest.Attributes.AddRequired(WellKnownAttributes.Name.FullName);
fetchRequest.Attributes.AddRequired(WellKnownAttributes.Name.Alias);
//}
return fetchRequest;
}
public static void SpreadSregToAX(this RelyingParty.IAuthenticationRequest request, AXAttributeFormats attributeFormats)
{
Contract.Requires(request != null);
ErrorUtilities.VerifyArgumentNotNull(request, "request");
var req = (RelyingParty.AuthenticationRequest)request;
var sreg = req.AppliedExtensions.OfType<ClaimsRequest>().SingleOrDefault();
if (sreg == null) {
Logger.OpenId.Warn("No Simple Registration (ClaimsRequest) extension present in the request to spread to AX.");
return;
}
if (req.Provider.IsExtensionSupported<ClaimsRequest>()) {
Logger.OpenId.Info("Skipping generation of AX request because the Identifier advertises the Provider supports the Sreg extension.");
return;
}
var ax = req.AppliedExtensions.OfType<FetchRequest>().SingleOrDefault();
if (ax == null) {
ax = new FetchRequest();
req.AddExtension(ax);
}
// Try to use just one AX Type URI format if we can figure out which type the OP accepts.
AXAttributeFormats detectedFormat;
if (TryDetectOPAttributeFormat(request, out detectedFormat)) {
Logger.OpenId.Info("Detected OP support for AX but not for Sreg. Removing Sreg extension request and using AX instead.");
attributeFormats = detectedFormat;
req.Extensions.Remove(sreg);
} else {
Logger.OpenId.Info("Could not determine whether OP supported Sreg or AX. Using both extensions.");
}
foreach (AXAttributeFormats format in ForEachFormat(attributeFormats)) {
FetchAttribute(ax, format, WellKnownAttributes.BirthDate.WholeBirthDate, sreg.BirthDate);
FetchAttribute(ax, format, WellKnownAttributes.Contact.HomeAddress.Country, sreg.Country);
FetchAttribute(ax, format, WellKnownAttributes.Contact.Email, sreg.Email);
FetchAttribute(ax, format, WellKnownAttributes.Name.FullName, sreg.FullName);
FetchAttribute(ax, format, WellKnownAttributes.Person.Gender, sreg.Gender);
FetchAttribute(ax, format, WellKnownAttributes.Preferences.Language, sreg.Language);
FetchAttribute(ax, format, WellKnownAttributes.Name.Alias, sreg.Nickname);
FetchAttribute(ax, format, WellKnownAttributes.Contact.HomeAddress.PostalCode, sreg.PostalCode);
FetchAttribute(ax, format, WellKnownAttributes.Preferences.TimeZone, sreg.TimeZone);
}
}
//
// GET: /DirectConnectToIntuit/
public ActionResult Index()
{
var openid_identifier = ConfigurationManager.AppSettings["openid_identifier"].ToString(); ;
var response = openid.GetResponse();
if (response == null)
{
// Stage 2: user submitting Identifier
Identifier id;
if (Identifier.TryParse(openid_identifier, out id))
{
try
{
IAuthenticationRequest request = openid.CreateRequest(openid_identifier);
FetchRequest fetch = new FetchRequest();
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email));
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.FullName));
request.AddExtension(fetch);
request.RedirectToProvider();
}
catch (ProtocolException ex)
{
throw ex;
}
}
}
else
{
if (response.FriendlyIdentifierForDisplay == null)
{
Response.Redirect("/DirectConnectToIntuit");
}
// Stage 3: OpenID Provider sending assertion response, storing the response in Session object is only for demonstration purpose
Session["FriendlyIdentifier"] = response.FriendlyIdentifierForDisplay;
FetchResponse fetch = response.GetExtension<FetchResponse>();
if (fetch != null)
{
Session["OpenIdResponse"] = "True";
Session["FriendlyEmail"] = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email);// emailAddresses.Count > 0 ? emailAddresses[0] : null;
Session["FriendlyName"] = fetch.GetAttributeValue(WellKnownAttributes.Name.FullName);//fullNames.Count > 0 ? fullNames[0] : null;
}
}
return View();
}
public OpenIdAuthenticationResponse Authenticate(string provider)
{
var openid = new OpenIdRelyingParty();
var response = openid.GetResponse();
if (response == null)
{
try
{
Identifier providerId;
try
{
providerId = Identifier.Parse(provider);
}
catch (ArgumentException ex)
{
return new InvalidIdentifier(provider, ex);
}
var authenticationRequest = openid.CreateRequest(providerId);
authenticationRequest.AddExtension(new ClaimsRequest {Email = DemandLevel.Require});
var fetch = new FetchRequest();
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email, true));
authenticationRequest.AddExtension(fetch);
return new RedirectResponse(authenticationRequest.RedirectingResponse);
}
catch (ProtocolException ex)
{
return new AuthenticationException(ex);
}
}
if (response.Status == AuthenticationStatus.Authenticated)
{
return new SuccessfulResponse(response);
}
return new FailedResponse(response);
}
