public async Task <ActionResult> Authenticate(string returnUrl)
{
HttpRequestMessage req = this.Request.AsHttpRequestMessage();
Dictionary <string, string> fields = new Dictionary <string, string>();
fields.AddRange(await ParseUrlEncodedFormContentAsync(req));
if (fields.Count == 0 && req.Method.Method != "POST")
{ // OpenID 2.0 section 4.1.2
fields.AddRange(HttpUtility.ParseQueryString(req.RequestUri.Query).AsKeyValuePairs());
}
string mode;
if (fields.TryGetValue("openid.mode", out mode))
{
string symVal = "";
fields.TryGetValue("openid.symval", out symVal);
//first, we add RP's code onto our symval
string hash_rp = PositiveAssertionResponse.code_to_hash(PositiveAuthenticationResponse.SourceCode_RP);
//((AuthenticationRequest)request).ProviderEndpoint.Authority + "[[" + PositiveAssertionResponse.hashvalue_op + "()]";
symVal = this.Request.Url.Authority + "[[" + hash_rp + "(" + symVal + ")]]";
generate_cs_file_from_symval(symVal, fields);
TimeSpan t1 = (DateTime.UtcNow - new DateTime(1970, 1, 1));
TimeSpan t2 = (DateTime.UtcNow - new DateTime(1970, 1, 1));
int num = (int)(t2.TotalMilliseconds - t1.TotalMilliseconds);
HttpRequestMessage request = this.Request.AsHttpRequestMessage();
MessageReceivingEndpoint recipient;
recipient = request.GetRecipient();
IProtocolMessage message = openid.Channel.MessageFactory.GetNewRequestMessage(recipient, fields);
// If there was no data, or we couldn't recognize it as a message, abort.
if (message == null)
{
return(null);
}
// We have a message! Assemble it.
var messageAccessor = openid.Channel.MessageDescriptions.GetAccessor(message);
messageAccessor.Deserialize(fields);
//IDirectedProtocolMessage message = await openid.Channel.ReadFromRequestAsync_ccp(fields, request, this.Response.ClientDisconnectedToken);
//only the final response will be here
var response_ccp = await openid.GetResponseAsync_ccp(message, this.Response.ClientDisconnectedToken);
//var response_ccp = await openid.GetResponseAsync(req, this.Response.ClientDisconnectedToken);
// Stage 3: OpenID Provider sending assertion response
if (!checkLogicProperty())
{
return(new EmptyResult());
}
switch (response_ccp.Status)
{
case AuthenticationStatus.Authenticated:
Session["FriendlyIdentifier"] = response_ccp.FriendlyIdentifierForDisplay;
var cookie = FormsAuthentication.GetAuthCookie(response_ccp.ClaimedIdentifier, false);
Response.SetCookie(cookie);
if (!string.IsNullOrEmpty(returnUrl))
{
return(Redirect(returnUrl));
}
else
{
return(RedirectToAction("Index", "Home"));
}
case AuthenticationStatus.Canceled:
ViewData["Message"] = "Canceled at provider";
return(View("Login"));
case AuthenticationStatus.Failed:
ViewData["Message"] = response_ccp.Exception.Message;
return(View("Login"));
}
return(new EmptyResult());
}
else
{
var response = await openid.GetResponseAsync(this.Request, this.Response.ClientDisconnectedToken);
if (response == null)
{
// Stage 2: user submitting Identifier
Identifier id;
if (Identifier.TryParse(Request.Form["openid_identifier"], out id))
{
try
{
var request = await openid.CreateRequestAsync(Request.Form["openid_identifier"]);
//Eric - add extension
var sregRequest = new ClaimsRequest();
sregRequest.Email = DemandLevel.Require;
request.AddExtension(sregRequest);
var redirectingResponse = await request.GetRedirectingResponseAsync(this.Response.ClientDisconnectedToken);
// this code is handled by HttpResponseMessageActionResult :: ExecuteResult(ControllerContext context)
return(redirectingResponse.AsActionResult());
}
catch (ProtocolException ex)
{
ViewData["Message"] = ex.Message;
return(View("Login"));
}
}
else
{
ViewData["Message"] = "Invalid identifier";
return(View("Login"));
}
}
return(new EmptyResult());
}
//ERIC'S CODE - end
}