/// <summary>
/// Emits a series of script import tags and some inline script to support the AJAX OpenID Selector.
/// </summary>
/// <param name="html">The <see cref="HtmlHelper"/> on the view.</param>
/// <param name="page">The page being rendered.</param>
/// <param name="selectorOptions">An optional instance of an <see cref="OpenIdSelector"/> control, whose properties have been customized to express how this MVC control should be rendered.</param>
/// <param name="additionalOptions">An optional set of additional script customizations.</param>
/// <returns>
/// HTML that should be sent directly to the browser.
/// </returns>
public static string OpenIdSelectorScripts(this HtmlHelper html, Page page, OpenIdSelector selectorOptions, OpenIdAjaxOptions additionalOptions) {
Contract.Requires<ArgumentNullException>(html != null);
Contract.Requires<ArgumentNullException>(page != null);
Contract.Ensures(Contract.Result<string>() != null);
if (selectorOptions == null) {
selectorOptions = new OpenId.RelyingParty.OpenIdSelector();
}
if (additionalOptions == null) {
additionalOptions = new OpenIdAjaxOptions();
}
StringWriter result = new StringWriter();
if (additionalOptions.ShowDiagnosticIFrame || additionalOptions.ShowDiagnosticTrace) {
string scriptFormat = @"window.openid_visible_iframe = {0}; // causes the hidden iframe to show up
window.openid_trace = {1}; // causes lots of messages";
result.WriteScriptBlock(string.Format(
CultureInfo.InvariantCulture,
scriptFormat,
additionalOptions.ShowDiagnosticIFrame ? "true" : "false",
additionalOptions.ShowDiagnosticTrace ? "true" : "false"));
}
var scriptResources = new[] {
OpenIdRelyingPartyControlBase.EmbeddedJavascriptResource,
OpenIdRelyingPartyAjaxControlBase.EmbeddedAjaxJavascriptResource,
OpenId.RelyingParty.OpenIdAjaxTextBox.EmbeddedScriptResourceName,
};
result.WriteScriptTags(page, scriptResources);
if (selectorOptions.DownloadYahooUILibrary) {
result.WriteScriptTags(new[] { "https://ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/yuiloader/yuiloader-min.js" });
}
var blockBuilder = new StringWriter();
if (selectorOptions.DownloadYahooUILibrary) {
blockBuilder.WriteLine(@" try {
if (YAHOO) {
var loader = new YAHOO.util.YUILoader({
require: ['button', 'menu'],
loadOptional: false,
combine: true
});
loader.insert();
}
} catch (e) { }");
}
blockBuilder.WriteLine("window.aspnetapppath = '{0}';", VirtualPathUtility.AppendTrailingSlash(HttpContext.Current.Request.ApplicationPath));
// Positive assertions can last no longer than this library is willing to consider them valid,
// and when they come with OP private associations they last no longer than the OP is willing
// to consider them valid. We assume the OP will hold them valid for at least five minutes.
double assertionLifetimeInMilliseconds = Math.Min(TimeSpan.FromMinutes(5).TotalMilliseconds, Math.Min(DotNetOpenAuthSection.Configuration.OpenId.MaxAuthenticationTime.TotalMilliseconds, DotNetOpenAuthSection.Configuration.Messaging.MaximumMessageLifetime.TotalMilliseconds));
blockBuilder.WriteLine(
"{0} = {1};",
OpenIdRelyingPartyAjaxControlBase.MaxPositiveAssertionLifetimeJsName,
assertionLifetimeInMilliseconds.ToString(CultureInfo.InvariantCulture));
if (additionalOptions.PreloadedDiscoveryResults != null) {
blockBuilder.WriteLine(additionalOptions.PreloadedDiscoveryResults);
}
string discoverUrl = VirtualPathUtility.AppendTrailingSlash(HttpContext.Current.Request.ApplicationPath) + html.RouteCollection["OpenIdDiscover"].GetVirtualPath(html.ViewContext.RequestContext, new RouteValueDictionary(new { identifier = "xxx" })).VirtualPath;
string blockFormat = @" {0} = function (argument, resultFunction, errorCallback) {{
jQuery.ajax({{
async: true,
dataType: 'text',
error: function (request, status, error) {{ errorCallback(status, argument); }},
success: function (result) {{ resultFunction(result, argument); }},
url: '{1}'.replace('xxx', encodeURIComponent(argument))
}});
}};";
blockBuilder.WriteLine(blockFormat, OpenIdRelyingPartyAjaxControlBase.CallbackJSFunctionAsync, discoverUrl);
blockFormat = @" window.postLoginAssertion = function (positiveAssertion) {{
$('#{0}')[0].setAttribute('value', positiveAssertion);
if ($('#{1}')[0] && !$('#{1}')[0].value) {{ // popups have no ReturnUrl predefined, but full page LogOn does.
$('#{1}')[0].setAttribute('value', window.parent.location.href);
}}
document.forms[{2}].submit();
}};";
blockBuilder.WriteLine(
blockFormat,
additionalOptions.AssertionHiddenFieldId,
additionalOptions.ReturnUrlHiddenFieldId,
additionalOptions.FormKey);
blockFormat = @" $(function () {{
var box = document.getElementsByName('openid_identifier')[0];
initAjaxOpenId(box, {0}, {1}, {2}, {3}, {4}, {5},
null, // js function to invoke on receiving a positive assertion
{6}, {7}, {8}, {9}, {10}, {11}, {12}, {13}, {14}, {15}, {16}, {17},
false, // auto postback
null); // PostBackEventReference (unused in MVC)
}});";
blockBuilder.WriteLine(
blockFormat,
MessagingUtilities.GetSafeJavascriptValue(page.ClientScript.GetWebResourceUrl(typeof(OpenIdRelyingPartyControlBase), OpenIdTextBox.EmbeddedLogoResourceName)),
MessagingUtilities.GetSafeJavascriptValue(page.ClientScript.GetWebResourceUrl(typeof(OpenIdRelyingPartyControlBase), OpenId.RelyingParty.OpenIdAjaxTextBox.EmbeddedSpinnerResourceName)),
MessagingUtilities.GetSafeJavascriptValue(page.ClientScript.GetWebResourceUrl(typeof(OpenIdRelyingPartyControlBase), OpenId.RelyingParty.OpenIdAjaxTextBox.EmbeddedLoginSuccessResourceName)),
MessagingUtilities.GetSafeJavascriptValue(page.ClientScript.GetWebResourceUrl(typeof(OpenIdRelyingPartyControlBase), OpenId.RelyingParty.OpenIdAjaxTextBox.EmbeddedLoginFailureResourceName)),
selectorOptions.Throttle,
selectorOptions.Timeout.TotalMilliseconds,
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.LogOnText),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.LogOnToolTip),
selectorOptions.TextBox.ShowLogOnPostBackButton ? "true" : "false",
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.LogOnPostBackToolTip),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.RetryText),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.RetryToolTip),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.BusyToolTip),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.IdentifierRequiredMessage),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.LogOnInProgressMessage),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.AuthenticationSucceededToolTip),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.AuthenticatedAsToolTip),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.AuthenticationFailedToolTip));
result.WriteScriptBlock(blockBuilder.ToString());
result.WriteScriptTags(page, OpenId.RelyingParty.OpenIdSelector.EmbeddedScriptResourceName);
Reporting.RecordFeatureUse("MVC " + typeof(OpenIdSelector).Name);
return result.ToString();
}
public static string OpenIdSelectorScripts(this HtmlHelper html, OpenIdSelector selectorOptions, OpenIdAjaxOptions additionalOptions)
{
Requires.NotNull(html, "html");
bool selectorOptionsOwned = false;
if (selectorOptions == null)
{
selectorOptionsOwned = true;
selectorOptions = new OpenId.RelyingParty.OpenIdSelector();
}
try {
if (additionalOptions == null)
{
additionalOptions = new OpenIdAjaxOptions();
}
using (StringWriter result = new StringWriter(CultureInfo.CurrentCulture)) {
if (additionalOptions.ShowDiagnosticIFrame || additionalOptions.ShowDiagnosticTrace)
{
string scriptFormat = @"window.openid_visible_iframe = {0}; // causes the hidden iframe to show up
window.openid_trace = {1}; // causes lots of messages";
result.WriteScriptBlock(string.Format(
CultureInfo.InvariantCulture,
scriptFormat,
additionalOptions.ShowDiagnosticIFrame ? "true" : "false",
additionalOptions.ShowDiagnosticTrace ? "true" : "false"));
}
var scriptResources = new[] {
OpenIdRelyingPartyControlBase.EmbeddedJavascriptResource,
OpenIdRelyingPartyAjaxControlBase.EmbeddedAjaxJavascriptResource,
OpenId.RelyingParty.OpenIdAjaxTextBox.EmbeddedScriptResourceName,
};
result.WriteScriptTags(scriptResources);
if (selectorOptions.DownloadYahooUILibrary)
{
result.WriteScriptTagsUrls(new[] { "https://ajax.googleapis.com/ajax/libs/yui/2.8.0r4/build/yuiloader/yuiloader-min.js" });
}
using (var blockBuilder = new StringWriter(CultureInfo.CurrentCulture)) {
if (selectorOptions.DownloadYahooUILibrary)
{
blockBuilder.WriteLine(@" try {
if (YAHOO) {
var loader = new YAHOO.util.YUILoader({
require: ['button', 'menu'],
loadOptional: false,
combine: true
});
loader.insert();
}
} catch (e) { }" );
}
blockBuilder.WriteLine("window.aspnetapppath = '{0}';", VirtualPathUtility.AppendTrailingSlash(HttpContext.Current.Request.ApplicationPath));
// Positive assertions can last no longer than this library is willing to consider them valid,
// and when they come with OP private associations they last no longer than the OP is willing
// to consider them valid. We assume the OP will hold them valid for at least five minutes.
double assertionLifetimeInMilliseconds = Math.Min(TimeSpan.FromMinutes(5).TotalMilliseconds, Math.Min(OpenIdElement.Configuration.MaxAuthenticationTime.TotalMilliseconds, DotNetOpenAuthSection.Messaging.MaximumMessageLifetime.TotalMilliseconds));
blockBuilder.WriteLine(
"{0} = {1};",
OpenIdRelyingPartyAjaxControlBase.MaxPositiveAssertionLifetimeJsName,
assertionLifetimeInMilliseconds.ToString(CultureInfo.InvariantCulture));
if (additionalOptions.PreloadedDiscoveryResults != null)
{
blockBuilder.WriteLine(additionalOptions.PreloadedDiscoveryResults);
}
string discoverUrl = VirtualPathUtility.AppendTrailingSlash(HttpContext.Current.Request.ApplicationPath) + html.RouteCollection["OpenIdDiscover"].GetVirtualPath(html.ViewContext.RequestContext, new RouteValueDictionary(new { identifier = "xxx" })).VirtualPath;
string blockFormat = @" {0} = function (argument, resultFunction, errorCallback) {{
jQuery.ajax({{
async: true,
dataType: 'text',
error: function (request, status, error) {{ errorCallback(status, argument); }},
success: function (result) {{ resultFunction(result, argument); }},
url: '{1}'.replace('xxx', encodeURIComponent(argument))
}});
}};" ;
blockBuilder.WriteLine(blockFormat, OpenIdRelyingPartyAjaxControlBase.CallbackJSFunctionAsync, discoverUrl);
blockFormat = @" window.postLoginAssertion = function (positiveAssertion) {{
$('#{0}')[0].setAttribute('value', positiveAssertion);
if ($('#{1}')[0] && !$('#{1}')[0].value) {{ // popups have no ReturnUrl predefined, but full page LogOn does.
$('#{1}')[0].setAttribute('value', window.parent.location.href);
}}
document.forms[{2}].submit();
}};" ;
blockBuilder.WriteLine(
blockFormat,
additionalOptions.AssertionHiddenFieldId,
additionalOptions.ReturnUrlHiddenFieldId,
additionalOptions.FormKey);
blockFormat = @" $(function () {{
var box = document.getElementsByName('openid_identifier')[0];
initAjaxOpenId(box, {0}, {1}, {2}, {3}, {4}, {5},
null, // js function to invoke on receiving a positive assertion
{6}, {7}, {8}, {9}, {10}, {11}, {12}, {13}, {14}, {15}, {16}, {17},
false, // auto postback
null); // PostBackEventReference (unused in MVC)
}});" ;
blockBuilder.WriteLine(
blockFormat,
MessagingUtilities.GetSafeJavascriptValue(Util.GetWebResourceUrl(typeof(OpenIdRelyingPartyControlBase), OpenIdTextBox.EmbeddedLogoResourceName)),
MessagingUtilities.GetSafeJavascriptValue(Util.GetWebResourceUrl(typeof(OpenIdRelyingPartyControlBase), OpenId.RelyingParty.OpenIdAjaxTextBox.EmbeddedSpinnerResourceName)),
MessagingUtilities.GetSafeJavascriptValue(Util.GetWebResourceUrl(typeof(OpenIdRelyingPartyControlBase), OpenId.RelyingParty.OpenIdAjaxTextBox.EmbeddedLoginSuccessResourceName)),
MessagingUtilities.GetSafeJavascriptValue(Util.GetWebResourceUrl(typeof(OpenIdRelyingPartyControlBase), OpenId.RelyingParty.OpenIdAjaxTextBox.EmbeddedLoginFailureResourceName)),
selectorOptions.Throttle,
selectorOptions.Timeout.TotalMilliseconds,
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.LogOnText),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.LogOnToolTip),
selectorOptions.TextBox.ShowLogOnPostBackButton ? "true" : "false",
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.LogOnPostBackToolTip),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.RetryText),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.RetryToolTip),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.BusyToolTip),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.IdentifierRequiredMessage),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.LogOnInProgressMessage),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.AuthenticationSucceededToolTip),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.AuthenticatedAsToolTip),
MessagingUtilities.GetSafeJavascriptValue(selectorOptions.TextBox.AuthenticationFailedToolTip));
result.WriteScriptBlock(blockBuilder.ToString());
result.WriteScriptTags(OpenId.RelyingParty.OpenIdSelector.EmbeddedScriptResourceName);
Reporting.RecordFeatureUse("MVC " + typeof(OpenIdSelector).Name);
return(result.ToString());
}
}
} catch {
if (selectorOptionsOwned)
{
selectorOptions.Dispose();
}
throw;
}
}