public async Task UnsolicitedAssertion() { var opStore = new StandardProviderApplicationStore(); Handle(RPUri).By( async req => { var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories); IAuthenticationResponse response = await rp.GetResponseAsync(req); Assert.That(response, Is.Not.Null); Assert.AreEqual(AuthenticationStatus.Authenticated, response.Status); return new HttpResponseMessage(); }); Handle(OPUri).By( async (req, ct) => { var op = new OpenIdProvider(opStore, this.HostFactories); return await this.AutoProviderActionAsync(op, req, ct); }); this.RegisterMockRPDiscovery(ssl: false); { var op = new OpenIdProvider(opStore, this.HostFactories); Identifier id = GetMockIdentifier(ProtocolVersion.V20); var assertion = await op.PrepareUnsolicitedAssertionAsync(OPUri, RPRealmUri, id, OPLocalIdentifiers[0]); using (var httpClient = this.HostFactories.CreateHttpClient()) { using (var response = await httpClient.GetAsync(assertion.Headers.Location)) { response.EnsureSuccessStatusCode(); } } } }
public async Task<ActionResult> Authenticate(string returnUrl) { var rp = new OpenIdRelyingParty(); var response = await rp.GetResponseAsync(Request); if (response != null) { switch (response.Status) { case AuthenticationStatus.Authenticated: // Make sure we have a user account for this guy. string identifier = response.ClaimedIdentifier; // convert to string so LinqToSQL expression parsing works. if (MvcApplication.DataContext.Users.FirstOrDefault(u => u.OpenIDClaimedIdentifier == identifier) == null) { MvcApplication.DataContext.Users.InsertOnSubmit(new User { OpenIDFriendlyIdentifier = response.FriendlyIdentifierForDisplay, OpenIDClaimedIdentifier = response.ClaimedIdentifier, }); } FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, false); return this.Redirect(returnUrl ?? Url.Action("Index", "Home")); default: ModelState.AddModelError(string.Empty, "An error occurred during login."); break; } } return this.View("LogOn"); }
public async Task<ActionResult> Authenticate() { var rp = new OpenIdRelyingParty(null); var response = await rp.GetResponseAsync(this.Request); if (response != null) { if (response.Status == AuthenticationStatus.Authenticated) { FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, false); return this.Redirect(FormsAuthentication.GetRedirectUrl(response.ClaimedIdentifier, false)); } } return this.RedirectToAction("Index", "Home"); }
protected void Page_Load(object sender, EventArgs e) { this.RegisterAsyncTask( new PageAsyncTask( async ct => { using (var openid = new OpenIdRelyingParty()) { // In order to receive the UIRequest as a response, we must register a custom extension factory. openid.ExtensionFactories.Add(new UIRequestAtRelyingPartyFactory()); var response = await openid.GetResponseAsync(new HttpRequestWrapper(Request), Response.ClientDisconnectedToken); if (response == null) { // Submit an OpenID request which Google must reply to immediately. // If the user hasn't established a trust relationship with this site yet, // Google will not give us the user identity, but they will tell us whether the user // at least has an active login session with them so we know whether to promote the // "Log in with Google" button. IAuthenticationRequest request = await openid.CreateRequestAsync( "https://www.google.com/accounts/o8/id", new HttpRequestWrapper(Request), Response.ClientDisconnectedToken); request.AddExtension(new UIRequest { Mode = UIModeDetectSession }); request.Mode = AuthenticationRequestMode.Immediate; await request.RedirectToProviderAsync(new HttpContextWrapper(this.Context), Response.ClientDisconnectedToken); } else { if (response.Status == AuthenticationStatus.Authenticated) { this.YouTrustUsLabel.Visible = true; } else if (response.Status == AuthenticationStatus.SetupRequired) { // Google refused to authenticate the user without user interaction. // This is either because Google doesn't know who the user is yet, // or because the user hasn't indicated to Google to trust this site. // Google uniquely offers the RP a tip as to which of the above situations is true. // Figure out which it is. In a real app, you might use this value to promote a // Google login button on your site if you detect that a Google session exists. var ext = response.GetUntrustedExtension<UIRequest>(); this.YouAreLoggedInLabel.Visible = ext != null && ext.Mode == UIModeDetectSession; this.YouAreNotLoggedInLabel.Visible = !this.YouAreLoggedInLabel.Visible; } } } })); }
protected async void Page_Load(object sender, EventArgs e) { this.openIdBox.Focus(); using (OpenIdRelyingParty rp = new OpenIdRelyingParty()) { IAuthenticationResponse response = await rp.GetResponseAsync(new HttpRequestWrapper(this.Request), this.Response.ClientDisconnectedToken); if (response != null) { switch (response.Status) { case AuthenticationStatus.ExtensionsOnly: this.ExtensionResponsesPanel.Visible = true; // This is the "success" status we get when no authentication was requested. var sreg = response.GetExtension<ClaimsResponse>(); if (sreg != null) { this.emailLabel.Text = sreg.Email; this.timeZoneLabel.Text = sreg.TimeZone; this.postalCodeLabel.Text = sreg.PostalCode; this.countryLabel.Text = sreg.Country; if (sreg.Gender.HasValue) { this.genderLabel.Text = sreg.Gender.Value.ToString(); } } break; case AuthenticationStatus.Canceled: this.resultMessage.Text = "Canceled at OP. This may be a sign that the OP doesn't support this message."; break; case AuthenticationStatus.Failed: this.resultMessage.Text = "OP returned a failure: " + response.Exception; break; case AuthenticationStatus.SetupRequired: case AuthenticationStatus.Authenticated: default: this.resultMessage.Text = "OP returned an unexpected response."; break; } } } }
public async Task<ActionResult> OpenIdCallback(string returnUrl) { var model = new LoginModel { ReturnUrl = returnUrl }; var openId = new OpenIdRelyingParty(); var openIdResponseTask = openId.GetResponseAsync(); await openIdResponseTask; var openIdResponse = openIdResponseTask.Result; if (openIdResponse.Status == AuthenticationStatus.Authenticated) { var friendlyName = GetFriendlyName(openIdResponse); var isPersistentCookie = true; SetAuthCookie(openIdResponse.ClaimedIdentifier, isPersistentCookie, friendlyName); return Redirect(returnUrl.AsNullIfEmpty() ?? Url.Action("Index", "Home")); } model.Message = "Sorry, login failed."; return View("Login", model); }
public async Task AssertionWithEndpointFilter() { var opStore = new StandardProviderApplicationStore(); Handle(RPUri).By( async req => { var rp = new OpenIdRelyingParty(new StandardRelyingPartyApplicationStore(), this.HostFactories); // Rig it to always deny the incoming OP rp.EndpointFilter = op => false; // Receive the unsolicited assertion var response = await rp.GetResponseAsync(req); Assert.That(response, Is.Not.Null); Assert.AreEqual(AuthenticationStatus.Failed, response.Status); return new HttpResponseMessage(); }); this.RegisterAutoProvider(); { var op = new OpenIdProvider(opStore, this.HostFactories); Identifier id = GetMockIdentifier(ProtocolVersion.V20); var assertion = await op.PrepareUnsolicitedAssertionAsync(OPUri, GetMockRealm(false), id, id); using (var httpClient = this.HostFactories.CreateHttpClient()) { using (var response = await httpClient.GetAsync(assertion.Headers.Location)) { response.EnsureSuccessStatusCode(); } } } }