示例#1
0
        //---------------------------------------------------------------------------------------------------------------------

        /// <summary>Processes a request regarding OpenIDs.</summary>

        /*!
         */
        public bool ProcessRequest()
        {
            string operationName = context.GetParamValue(IfyWebContext.OperationParameterName);

            openIdAuth = webContext.AllowOpenId;
            if (openIdAuth == 0)
            {
                context.ReturnError("OpenID authentication not permitted");
            }

            switch (operationName)
            {
            /*case "list" :
             *  if (context.AuthenticatedUser) {
             *      WriteProviderList(false);
             *      return true;
             *  } else {
             *      return false;
             *  }*/

            case "signin":
                // Sign-in modes:
                // (1) (Positive) OpenID authentication assertion
                // (2) Request for OpenID authentication
                // (3) Username/password login
                // (4) Display sign-in form

                try {
                    ServicePointManager.ServerCertificateValidationCallback = delegate(object sender, X509Certificate certificate, X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors) {
                        return(true);
                    };

                    //ServicePointManager.CertificatePolicy = new CertificateAcceptor();

                    int providerId;
                    Int32.TryParse(context.GetParamValue("provider"), out providerId);
                    ProviderId = providerId;

                    if (context.GetParamValue("openid.mode") != null)       // (1)
                    {
                        OpenIdRelyingParty openId = null;
                        openId = OpenIdRelyingParty.RecoverFromAssociation();
                        openId.ResponseNonceStorage = webContext;
                        if (!openId.VerifyAuthenticationAssertion())
                        {
                            context.AddWarning("OpenID authentication was canceled", "openIdCanceled");
                            return(false);
                        }
                        webContext.AuthenticateWithOpenId(openId);
                        webContext.CheckAvailability(false);
                        context.WriteInfo("You are now logged in", "openIdAuthenticated");
                    }
                    else if ((UserInput = context.GetParamValue("openid")) != null || ProviderId != 0)         // (2)
                    {
                        if (ProviderId != 0)
                        {
                            provider = OpenIdProvider.FromId(context, ProviderId);
                        }

                        if (UserInput == null && !provider.UseOpenIdProviderIdentifier)
                        {
                            MissingIdentifier = true;
                            break;
                        }

                        // Get a OpenIdRelyingParty instance, either the generic one or the one corresponding to the requested OpenID provider
                        OpenIdRelyingParty openId = (provider == null ? OpenIdProvider.GetGenericRelyingParty(UserInput) : provider.GetRelyingParty(UserInput));

                        // Get an OpenID association
                        openId.ReturnToUrl = String.Format("{0}?{1}=signin{2}",
                                                           webContext.ScriptUrl,
                                                           IfyWebContext.OperationParameterName,
                                                           webContext.Format == null ? String.Empty : "&" + IfyWebContext.FormatParameterName + "=" + webContext.Format
                                                           );
                        openId.RealmPattern = webContext.HostUrl;
                        openId.GetAssociation();

                        if (context.GetParamValue("_debug") == "3")
                        {
                            context.WriteInfo("openid.op_endpoint:" + openId.EndpointUrl);
                            context.WriteInfo("openid.assoc_type:" + openId.AssociationType);
                            context.WriteInfo("openid.assoc_handle:" + openId.AssociationHandle);
                            context.WriteInfo("openid.mac_key:" + openId.Mac);
                            context.WriteInfo("openid.expires_in:" + openId.ExpiresIn.ToString());
                            context.WriteInfo(openId.AuthenticationUrl);
                        }
                        else
                        {
                            openId.RequestAuthentication();
                        }
                    }
                    else
                    {
                        if (openIdAuth != 2)
                        {
                            context.AddError("Invalid request");
                            return(false);
                        }
                    }
                } catch (Exception e) {
                    if (!context.ErrorHandled)
                    {
                        context.AddError(e.Message, null);
                    }
                }

                break;

            case "assign":
                try {
                    ServicePointManager.ServerCertificateValidationCallback = delegate(object sender, X509Certificate certificate, X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors) {
                        return(true);
                    };

                    //ServicePointManager.CertificatePolicy = new CertificateAcceptor();

                    if (!context.IsUserAuthenticated)
                    {
                        webContext.RejectUnauthenticatedRequest();
                    }
                    bool success = false;

                    if (context.GetParamValue("openid.mode") == null)
                    {
                        UserInput = context.GetParamValue("openid");
                        int providerId;
                        Int32.TryParse(context.GetParamValue("provider"), out providerId);
                        ProviderId = providerId;

                        if (UserInput != null || ProviderId != 0)
                        {
                            // Store current OpenID's database ID in session (to remember it after the returning redirect from the OpenID provider)

                            if (ProviderId != 0)
                            {
                                provider = OpenIdProvider.FromId(context, ProviderId);
                            }

                            if (UserInput == null && !provider.UseOpenIdProviderIdentifier)
                            {
                                WriteSignInForm(true);
                                return(true);
                                //context.ReturnError("Missing identifier");
                            }

                            context.Execute(String.Format("INSERT INTO usropenid (id_usr, id_provider, user_input) VALUES ({0}, {1}, {2});",
                                                          context.UserId,
                                                          ProviderId == 0 ? "NULL" : ProviderId.ToString(),
                                                          StringUtils.EscapeSql(UserInput)
                                                          ));
                            sessionOpenIdId = context.GetInsertId();
                            HttpContext.Current.Session["openid.id"] = sessionOpenIdId;

                            try {
                                // Get a OpenIdRelyingParty instance, either the generic one or the one corresponding to the requested OpenID provider
                                OpenIdRelyingParty openId = (provider == null ? OpenIdProvider.GetGenericRelyingParty(UserInput) : provider.GetRelyingParty(UserInput));
                                openId.ReturnToUrl = String.Format("{0}?id={1}&{2}=assign{3}",
                                                                   webContext.ScriptUrl,
                                                                   sessionOpenIdId,
                                                                   IfyWebContext.OperationParameterName,
                                                                   webContext.Format == null ? String.Empty : "&" + IfyWebContext.FormatParameterName + "=" + webContext.Format
                                                                   );
                                openId.RealmPattern = webContext.HostUrl;
                                openId.GetAssociation();

                                if (context.GetParamValue("_debug") == "3")
                                {
                                    context.WriteInfo("openid.op_endpoint:" + openId.EndpointUrl);
                                    context.WriteInfo("openid.assoc_type:" + openId.AssociationType);
                                    context.WriteInfo("openid.assoc_handle:" + openId.AssociationHandle);
                                    context.WriteInfo("openid.mac_key:" + openId.Mac);
                                    context.WriteInfo("openid.expires_in:" + openId.ExpiresIn.ToString());
                                    context.WriteInfo(openId.AuthenticationUrl);
                                }
                                else
                                {
                                    openId.RequestAuthentication();
                                }
                            } catch (Exception e) {
                                if (!context.ErrorHandled)
                                {
                                    context.AddError(e.Message, null);
                                }
                            }
                            if (!success && sessionOpenIdId != 0)
                            {
                                context.Execute(String.Format("DELETE FROM usropenid WHERE id={0};", sessionOpenIdId));
                            }
                        }
                        else
                        {
                            MissingIdentifier = true;
                            if (openIdAuth == 2)
                            {
                                WriteSignInForm(true);
                            }
                        }
                    }
                    else
                    {
                        try {
                            success = Verify();
                        } catch (Exception e) {
                            if (!context.ErrorHandled)
                            {
                                context.AddError(e.Message, null);
                            }
                        }

                        // In case of failure, delete concerned user OpenID record, but only if not yet verified
                        if (!success && sessionOpenIdId != 0 && context.GetQueryBooleanValue(String.Format("SELECT claimed_id IS NULL FROM usropenid WHERE id={0};", sessionOpenIdId)))
                        {
                            context.Execute(String.Format("DELETE FROM usropenid WHERE id={0};", sessionOpenIdId));
                        }
                    }
                } catch (Exception e) {
                    if (!context.ErrorHandled)
                    {
                        context.AddError(e.Message, null);
                    }
                }

                break;

            case "delete":
                GetIdsFromRequest("id");
                if (Ids.Length != 0)
                {
                    DeleteItems(Ids);
                }
                break;
            }

            //if (MissingIdentifier) context.AddError("You must specify an OpenID", "missingInput");

            return(false);

            //if (context.AuthenticatedUser) userOpenId.WriteItemList();
            //return context.AuthenticatedUser;
        }