Exemplo n.º 1
0
        private void Success(Uri userUri, Uri delegateUri, string links, Consumer.Mode immediate)
        {
            MemoryStore store = new MemoryStore();

            string mode;
            if (immediate == Consumer.Mode.IMMEDIATE)
            mode = "checkid_immediate";
            else
            mode = "checkid_setup";

            string userPage = String.Format(USER_PAGE_PAT, links);
            string test_handle = "Snarky";
            AssociationInfo info = new AssociationInfo(
                Encoding.ASCII.GetBytes("another 20-byte key."), test_handle);
            Fetcher fetcher = new TestFetcher(userUri, userPage, info);

            Consumer consumer = new Consumer(store, fetcher);

            AuthRequest request = consumer.BeginAuth(userUri);
            Uri returnTo = new Uri(consumerUri.AbsoluteUri, true);
            string trustRoot = consumerUri.AbsoluteUri;
            Uri redirectUri = consumer.CreateRedirect(immediate, request, returnTo, trustRoot);

            NameValueCollection q = FormParser.Parse(Encoding.UTF8.GetBytes(redirectUri.Query.Substring(1)));

            string errmsg = redirectUri.AbsoluteUri;
            TestTools.Assert(q.Count == 5, errmsg);
            TestTools.Assert(q["openid.mode"] == mode, errmsg);
            TestTools.Assert(q["openid.identity"] == delegateUri.AbsoluteUri, errmsg);
            TestTools.Assert(q["openid.trust_root"] == trustRoot, errmsg);
            TestTools.Assert(q["openid.assoc_handle"] == test_handle, errmsg);
            TestTools.Assert(q["openid.return_to"] == returnTo.AbsoluteUri, errmsg);

            TestTools.Assert(redirectUri.AbsoluteUri.StartsWith(serverUri.AbsoluteUri), errmsg);

            NameValueCollection query = new NameValueCollection();
            query.Add("openid.mode", "id_res");
            query.Add("openid.return_to", returnTo.AbsoluteUri);
            query.Add("openid.identity", delegateUri.AbsoluteUri);
            query.Add("openid.assoc_handle", test_handle);

            Association assoc = store.GetAssociation(serverUri, test_handle);
            string sig = assoc.SignDict(new string[] { "mode", "return_to", "identity" }, query, "openid.");

            query.Add("openid.sig", sig);
            query.Add("openid.signed", "mode,return_to,identity");

            object result;
            Consumer.Status status = consumer.CompleteAuth(request.token, query, out result);
            TestTools.Assert(status == Consumer.Status.SUCCESS);
            TestTools.Assert(((Uri)result).AbsoluteUri == userUri.AbsoluteUri, String.Format("info:{0}\nuserUri:{1}", info, userUri));
        }
Exemplo n.º 2
0
        private void AuthenticateRequest(Object sender, EventArgs e)
        {
            Consumer consumer =  new Consumer(new MemoryStore(), new SimpleFetcher());

            HttpContext Context = HttpContext.Current;
            HttpSessionState Session = Context.Session;
            HttpRequest Request = Context.Request;
            HttpResponse Response = Context.Response;

            if (Request.Url.AbsolutePath != "/login.aspx")
            return;

            if (Request.HttpMethod.ToLower() == "post")
            {
            string urlStr = Request.Form["openid_url"];
            if (urlStr != null)
            {
            Uri userUri = UriUtil.NormalizeUri(urlStr);
            try
            {
            AuthRequest oidreq = consumer.BeginAuth(userUri);

            // XXX: construct this from login path and ReturnTo param
            UriBuilder builder = new UriBuilder(Request.Url.AbsoluteUri);
            if (Session == null)
                UriUtil.AppendQueryArgument(builder, TOKEN_KEY, oidreq.token);
            else
                Session[TOKEN_KEY] = oidreq.token;

            Uri returnTo = new Uri(builder.ToString(), true);

            builder = new UriBuilder(Request.Url.AbsoluteUri);
            builder.Query = null;
            builder.Password = null;
            builder.UserName = null;
            builder.Fragment = null;
            builder.Path = Request.ApplicationPath;
            string trustRoot = builder.ToString();
            Uri redirectUri = consumer.CreateRedirect(Consumer.Mode.SETUP, oidreq, returnTo, trustRoot);
            Response.Redirect(redirectUri.AbsoluteUri);
            }
            catch (FetchException fe)
            {
            Context.Items.Add("errmsg", "Failed to fetch identity page.");
            }
            }
            }
            else if (Request.QueryString["openid.mode"] != null)
            {
            // XXX: this needs to handle checkid_immediate
            string token;
            if (Session == null)
            token = Request.QueryString[TOKEN_KEY];
            else
            {
            token = (String) Session[TOKEN_KEY];
            Session.Remove(TOKEN_KEY);
            }

            if (token == null)
            {
            Context.Items.Add("errmsg", "Token was null.");
            }
            else
            {
            object result;
            Consumer.Status status = consumer.CompleteAuth(token, Request.QueryString, out result);

            switch (status)
            {
            case Consumer.Status.FAILURE:
            Context.Items.Add("errmsg", String.Format("Verification of {0} failed.", result.ToString()));
            break;
            case Consumer.Status.SUCCESS:
            if (result != null)
            {
                FormsAuthentication.RedirectFromLoginPage(
                ((Uri) result).AbsoluteUri, false);
                return;
            }
            else
            {
                Context.Items.Add("errmsg", "Verification Cancelled.");
            }
            break;
            }
            }
            }
        }