/// <summary>
/// Handles an authorization response that requires user interaction:
/// saves the values the decision step needs into TempData, drops stale
/// user data when required, and renders the authorization page.
/// </summary>
/// <param name="response">
/// The authorization response whose ticket, claims and claim locales
/// are carried over to the decision step.
/// </param>
/// <returns>
/// The response built by <c>ResponseUtility.OkHtml</c> from the rendered
/// page ("200 OK" with "text/html" per the original comment).
/// </returns>
async Task<HttpResponseMessage> HandleInteraction(AuthorizationResponse response)
{
    // Values saved here are read back later by
    // AuthorizationDecisionController.
    // NOTE(review): the ticket and the user entity both live in TempData
    // between the two requests; confirm the TempData provider in use keeps
    // that state integrity-protected and bound to this browser session.
    var tempStore = new UserTData(TempData);
    tempStore.Set("ticket", response.Ticket);
    tempStore.SetObject("claimNames", response.Claims);
    tempStore.SetObject("claimLocales", response.ClaimsLocales);

    // Must run before the user entity is read below, because it may
    // remove the user data from TempData.
    ClearUserDataIfNecessary(response, tempStore);

    // The page model is built from the response plus whatever user
    // entity is still held in TempData (possibly none).
    var currentUser = tempStore.GetUserEntity();
    var pageModel = new AuthorizationPageModel(response, currentUser);

    // The authorization page is rendered manually into a string.
    string body = await Render(VIEW_NAME, pageModel);

    return ResponseUtility.OkHtml(body);
}
/// <summary>
/// Looks up the value of a claim on the user entity held in TempData.
/// </summary>
/// <param name="subject">The subject the claim is requested for.</param>
/// <param name="claimName">The name of the claim to look up.</param>
/// <param name="languageTag">The language tag of the requested claim.</param>
/// <returns>
/// The claim value from the user entity, or <c>null</c> when TempData
/// holds no user entity.
/// </returns>
public override object GetUserClaimValue(
    string subject, string claimName, string languageTag)
{
    // NOTE(review): neither 'subject' nor 'languageTag' is consulted here;
    // the value always comes from whichever user entity is currently in
    // TempData. Confirm callers only ever ask about that same user.
    UserEntity currentUser = _userTData.GetUserEntity();

    if (currentUser != null)
    {
        return currentUser.GetClaimValue(claimName);
    }

    // No user entity in TempData, so no claim value is available.
    return null;
}
/// <summary>
/// Removes the user data from TempData when the authorization request
/// calls for re-authentication, which in this simple implementation
/// amounts to forcing a logout.
/// </summary>
/// <param name="response">The authorization response being handled.</param>
/// <param name="data">The TempData wrapper holding the user data.</param>
void ClearUserDataIfNecessary(
    AuthorizationResponse response, UserTData data)
{
    // Without a user entity in TempData there is nothing to clear.
    if (data.GetUserEntity() == null)
    {
        return;
    }

    // Re-authentication is needed either when login is required (per the
    // original comment: the "prompt" request parameter includes "login")
    // or when the max authentication age has been exceeded. The second
    // check only runs when the first one is false, as before.
    bool mustReauthenticate =
        IsLoginRequired(response) || IsMaxAgeExceeded(response, data);

    if (mustReauthenticate)
    {
        // Even an already logged-in user is dropped here so that a fresh
        // authentication takes place.
        data.RemoveUserTData();
    }
}