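/// <summary>
        /// Authenticates a user from the OpenID provider response carried by the current HTTP request.
        /// </summary>
        /// <param name="request">The incoming authentication request; this method does not read it.</param>
        /// <param name="response">
        /// Receives the principal on success. It is left untouched when it already holds a principal
        /// or when the current request carries no OpenID response.
        /// </param>
        /// <exception cref="System.Security.Authentication.AuthenticationException">
        /// The provider reported the authentication as canceled or failed.
        /// </exception>
        /// <exception cref="InvalidOperationException">
        /// The provider answered with <c>ExtensionsOnly</c> or <c>SetupRequired</c>.
        /// </exception>
        /// <exception cref="NotImplementedException">The provider answered with any other status.</exception>
        public override void Authenticate(AuthenticationRequest request, AuthenticationResponse response)
        {
            // Only execute the authentication if the user is not known yet
            if (response.Principal != null)
            {
                return;
            }

            // Get OpenID provider's response from the http context
            using (var openid = new OpenIdRelyingParty())
            {
                var openIDResponse = openid.GetResponse();

                // TODO: figure out which OpenID provider sent the response
                // and associate with the right authenticator
                // NOTE(review): until that binding exists, a positive assertion is accepted from
                // whichever provider answered. CreatePrincipal is not visible here; confirm it keys
                // the account on the verified claimed identifier and not on provider-supplied attributes.

                // GetResponse() returns null when the request is not an OpenID callback. The original
                // guard tested 'response', which had already been dereferenced above, so an ordinary
                // request ended in a NullReferenceException on openIDResponse.Status.
                if (openIDResponse == null)
                {
                    return;
                }

                // Fail closed: only an explicit Authenticated status sets a principal.
                switch (openIDResponse.Status)
                {
                    case AuthenticationStatus.Authenticated:
                        response.SetPrincipal(CreatePrincipal(openIDResponse));
                        break;
                    case AuthenticationStatus.Canceled:
                    case AuthenticationStatus.Failed:
                        throw new System.Security.Authentication.AuthenticationException("OpenID authentication failed.", openIDResponse.Exception); // TODO
                    case AuthenticationStatus.ExtensionsOnly:
                    case AuthenticationStatus.SetupRequired:
                        throw new InvalidOperationException();
                    default:
                        throw new NotImplementedException();
                }
            }
        }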
        /// <summary>
        /// Attaches the identity and the token identifier of an authenticated token to the response.
        /// </summary>
        /// <param name="response">Response to update; its principal is only set when it has none yet.</param>
        /// <param name="token">Token whose user and ID are written to the response.</param>
        /// <param name="isMasterAuthority">Passed through to <c>CreateAuthenticatedPrincipal</c>.</param>
        public void UpdateAuthenticationResponse(AuthenticationResponse response, Token token, bool isMasterAuthority)
        {
            // Keep a principal that is already present; otherwise derive one from the token's user.
            if (response.Principal == null)
            {
                response.SetPrincipal(CreateAuthenticatedPrincipal(token.User, isMasterAuthority));
            }

            // TODO: add keystone cookie, custom parameter, etc...
            // NOTE(review): the token ID is written both as a query parameter and as a header.
            // A bearer value in a URL tends to end up in server/proxy logs, browser history and
            // Referer headers, so confirm the query parameter is really required by the consumer.
            response.QueryParameters.Add(authTokenParameter, token.ID);
            response.Headers.Add(authTokenHeader, token.ID);

            // TODO: not sure whether a forms-authentication ticket cookie has to be added to
            // response.Cookies here or is created automatically.
        }