private async Task SendAssertionAsync(string relyingPartyRealm) {
Uri providerEndpoint = new Uri(Request.Url, Page.ResolveUrl("~/server.aspx"));
OpenIdProvider op = new OpenIdProvider();
try {
// Send user input through identifier parser so we accept more free-form input.
string rpSite = Identifier.Parse(relyingPartyRealm);
var response = await op.PrepareUnsolicitedAssertionAsync(providerEndpoint, rpSite, Util.BuildIdentityUrl(), Util.BuildIdentityUrl());
await response.SendAsync();
this.Context.Response.End();
} catch (ProtocolException ex) {
Label errorLabel = (Label)this.loginView.FindControl("errorLabel");
errorLabel.Visible = true;
errorLabel.Text = ex.Message;
}
}
public async Task UnsolicitedAssertionRejected() {
var opStore = new StandardProviderApplicationStore();
Handle(RPUri).By(
async req => {
var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories);
rp.SecuritySettings.RejectUnsolicitedAssertions = true;
IAuthenticationResponse response = await rp.GetResponseAsync(req);
Assert.That(response, Is.Not.Null);
Assert.AreEqual(AuthenticationStatus.Failed, response.Status);
return new HttpResponseMessage();
});
Handle(OPUri).By(
async req => {
var op = new OpenIdProvider(opStore, this.HostFactories);
return await this.AutoProviderActionAsync(op, req, CancellationToken.None);
});
this.RegisterMockRPDiscovery(ssl: false);
{
var op = new OpenIdProvider(opStore, this.HostFactories);
Identifier id = GetMockIdentifier(ProtocolVersion.V20);
var assertion = await op.PrepareUnsolicitedAssertionAsync(OPUri, RPRealmUri, id, OPLocalIdentifiers[0]);
using (var httpClient = this.HostFactories.CreateHttpClient()) {
using (var response = await httpClient.GetAsync(assertion.Headers.Location)) {
response.EnsureSuccessStatusCode();
}
}
}
}
public async Task AssertionWithEndpointFilter() {
var opStore = new StandardProviderApplicationStore();
Handle(RPUri).By(
async req => {
var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories);
// Rig it to always deny the incoming OP
rp.EndpointFilter = op => false;
// Receive the unsolicited assertion
var response = await rp.GetResponseAsync(req);
Assert.That(response, Is.Not.Null);
Assert.AreEqual(AuthenticationStatus.Failed, response.Status);
return new HttpResponseMessage();
});
this.RegisterAutoProvider();
{
var op = new OpenIdProvider(opStore, this.HostFactories);
Identifier id = GetMockIdentifier(ProtocolVersion.V20);
var assertion = await op.PrepareUnsolicitedAssertionAsync(OPUri, GetMockRealm(false), id, id);
using (var httpClient = this.HostFactories.CreateHttpClient()) {
using (var response = await httpClient.GetAsync(assertion.Headers.Location)) {
response.EnsureSuccessStatusCode();
}
}
}
}
