Пример #1
0
    public virtual ActionResult CheckForAuthorization(Guid sessionId)
    {
      AuthenticationModel model = new AuthenticationModel();

      var authorized = model.HasBeenAuthorized(sessionId);

      if (authorized)
      {
        return Json(new { authorized = true, url = Url.Action("Authorized") });
      }

      return Json(new { authorized = false });
    }
Пример #2
0
    public virtual ActionResult Provider()
    {
      IRequest request = openIdProvider.GetRequest();

      if (request != null)
      {
        // Some requests are automatically handled by DotNetOpenAuth.  If this is one, go ahead and let it go.
        if (request.IsResponseReady)
        {
          return openIdProvider.PrepareResponse(request).AsActionResult();
        }

        // This is apparently one that the host (the web site itself) has to respond to.
        ProviderEndpoint.PendingRequest = (IHostProcessedRequest)request;

        // If PAPE requires that the user has logged in recently, we may be required to challenge the user to log in.
        var papeRequest = ProviderEndpoint.PendingRequest.GetExtension<PolicyRequest>();
        if (papeRequest != null && papeRequest.MaximumAuthenticationAge.HasValue)
        {
          //TimeSpan timeSinceLogin = DateTime.UtcNow -  this.FormsAuth.SignedInTimestampUtc.Value;
          //if (timeSinceLogin > papeRequest.MaximumAuthenticationAge.Value)
          {
            // The RP wants the user to have logged in more recently than he has.  
            // We'll have to redirect the user to a login screen.
            return this.RedirectToAction("LogOn", "Account", new { returnUrl = this.Url.Action("ProcessAuthRequest") });
          }

          return RedirectToAction("LogOn", "Account");
        }

        AuthenticationModel authModel = new AuthenticationModel();
        string key = authModel.RegisterAuthenticationRequest(ProviderEndpoint.PendingRequest.Realm, this.Request.UserHostAddress).ToString();

        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, key, DateTime.Now, DateTime.Now.AddSeconds(30), true, key, FormsAuthentication.FormsCookiePath);
        string encTicket = FormsAuthentication.Encrypt(ticket);
        Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));

        //var newTicket = new FormsAuthenticationTicket(1, key.ToString(), DateTime.UtcNow, DateTime.UtcNow.AddSeconds(30), true, key.ToString(), "/");

        //HttpCookie authCookie = new HttpCookie("test")
        //{
        //  Value = FormsAuthentication.Encrypt(newTicket)
        //};

        //this.Response.SetCookie(authCookie);

        return this.ProcessAuthRequest();
      }
      else
      {
        // No OpenID request was recognized.  This may be a user that stumbled on the OP Endpoint.  
        return this.View();
      }
    }
Пример #3
0
    public virtual JsonResult PushAuthorizationCode(Guid sessionId)
    {
      AuthenticationModel authModel = new AuthenticationModel();
      authModel.Authorized(sessionId);

      return Json(true);
    }