/// <summary>
/// Scans the link attributes of a fetched identity page for the
/// "openid.server" and "openid.delegate" relations and builds an
/// <see cref="AuthRequest"/> from them.
/// </summary>
/// <param name="response">
/// The fetched page; its data, length, charset and finalUri members are read.
/// </param>
/// <returns>
/// An <see cref="AuthRequest"/> whose serverUri is the normalized
/// "openid.server" href and whose serverId is the normalized
/// "openid.delegate" href, or response.finalUri when no delegate was found.
/// </returns>
/// <exception cref="ParseException">
/// No "openid.server" link carrying an href was present.
/// </exception>
private static AuthRequest ParseIdentityInfo(FetchResponse response)
{
    string serverHref = null;
    string delegateHref = null;

    foreach (NameValueCollection link in LinkParser.ParseLinkAttrs(response.data, response.length, response.charset))
    {
        string relation = link["rel"];
        if (relation == null)
        {
            continue;
        }

        string target = link["href"];
        if (target == null)
        {
            // A link without an href can never supply either value.
            continue;
        }

        // The rel comparison is an exact, case-sensitive match, and the first
        // usable link of each kind wins; later duplicates are ignored.
        if (relation == "openid.server")
        {
            if (serverHref == null)
            {
                serverHref = target;
            }
        }
        else if (relation == "openid.delegate")
        {
            if (delegateHref == null)
            {
                delegateHref = target;
            }
        }
    }

    if (serverHref == null)
    {
        throw new ParseException();
    }

    // NOTE(review): both hrefs come from the fetched document, so whoever
    // controls that page chooses the endpoint this consumer will talk to.
    // Nothing in this method restricts scheme or host; confirm that
    // UriUtil.NormalizeUri or the fetch layer enforces the allowed targets.
    AuthRequest result = new AuthRequest();
    result.serverUri = UriUtil.NormalizeUri(serverHref);

    if (delegateHref != null)
    {
        result.serverId = UriUtil.NormalizeUri(delegateHref);
    }
    else
    {
        // No delegation: the identity is the URL the fetch ended on.
        result.serverId = response.finalUri;
    }

    return result;
}
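/// <summary>
/// Builds the signed state token for an authentication request and stores
/// it in <c>request.token</c>.
/// </summary>
/// <remarks>
/// The payload is five ASCII fields separated by single NUL bytes:
/// timestamp (UTC file time), request.nonce, consumerId, request.serverId
/// and request.serverUri. The token is Base64(HMAC-SHA1(AuthKey, payload)
/// followed by payload).
/// </remarks>
/// <param name="consumerId">URI identifying this consumer; its AbsoluteUri is signed.</param>
/// <param name="request">
/// Request whose nonce, serverId and serverUri are signed and whose token
/// member is assigned.
/// </param>
private void GenToken(Uri consumerId, ref AuthRequest request)
{
    string timestamp = DateTime.UtcNow.ToFileTimeUtc().ToString();

    byte[] payload;
    using (MemoryStream buffer = new MemoryStream())
    {
        // NOTE(review): fields are NUL-delimited, so a field that itself
        // contained a NUL byte would make the payload ambiguous; confirm the
        // nonce generator cannot emit one.
        WriteTokenField(buffer, timestamp, true);
        WriteTokenField(buffer, request.nonce, true);
        WriteTokenField(buffer, consumerId.AbsoluteUri, true);
        WriteTokenField(buffer, request.serverId.AbsoluteUri, true);
        WriteTokenField(buffer, request.serverUri.AbsoluteUri, false);
        payload = buffer.ToArray();
    }

    // The MAC is computed over the payload bytes, not over the stream.
    // ComputeHash(Stream) reads from the stream's current position, which
    // after the writes above is the end of the stream; hashing the stream
    // directly therefore authenticates zero bytes and yields the same MAC
    // for every token, leaving the signed fields unprotected.
    // NOTE(review): the code that validates tokens must compute the MAC over
    // the same payload bytes; tokens issued before this change carry a MAC
    // over an empty message and will no longer match.
    byte[] mac;
    using (HMACSHA1 hmac = new HMACSHA1(this.store.AuthKey))
    {
        mac = hmac.ComputeHash(payload);
    }

    // Token layout is unchanged: MAC first, then the payload it covers.
    byte[] token = new byte[mac.Length + payload.Length];
    Buffer.BlockCopy(mac, 0, token, 0, mac.Length);
    Buffer.BlockCopy(payload, 0, token, mac.Length, payload.Length);

    request.token = CryptUtil.ToBase64String(token);
}

/// <summary>
/// Appends one ASCII-encoded token field to the buffer, optionally followed
/// by the NUL separator.
/// </summary>
private static void WriteTokenField(MemoryStream buffer, string value, bool terminate)
{
    byte[] encoded = Encoding.ASCII.GetBytes(value);
    buffer.Write(encoded, 0, encoded.Length);
    if (terminate)
    {
        buffer.WriteByte(0);
    }
}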
/// <summary>
/// Builds the URL the user's browser must be redirected to so that the
/// identity server can verify the claimed identity. Send the result as a
/// redirect to the browser that started the authorization request.
/// </summary>
///
/// <param name="mode">
/// Selects the openid.mode argument: Mode.IMMEDIATE adds
/// "checkid_immediate" and Mode.SETUP adds "checkid_setup". Any other
/// value adds no openid.mode argument.
/// </param>
/// <param name="request">
/// The <see cref="AuthRequest"/> returned from BeginAuth. Its serverUri,
/// serverId and nonce are read.
/// </param>
/// <param name="returnTo">
/// The URL the identity server should redirect back to.
/// </param>
/// <param name="trustRoot">
/// Identifies this consumer to the identity server. An ASP application
/// would typically pass an absolute URL built from the Application path.
/// See the OpenId spec,
/// http://www.openid.net/specs.bml#mode-checkid_immediate,
/// for the purpose and permitted forms of trust_root.
/// </param>
///
/// <returns>
/// A <see cref="System.Uri"/> holding the redirect URL.
/// </returns>
public Uri CreateRedirect(Mode mode, AuthRequest request, Uri returnTo, string trustRoot)
{
    Association association = GetAssociation(request.serverUri, true);

    // NOTE(review): returnTo and trustRoot are forwarded exactly as given;
    // this method does not check that returnTo falls under trustRoot.
    // Callers should derive both from configuration, not from request input.
    UriBuilder target = new UriBuilder(request.serverUri);
    UriUtil.AppendQueryArgument(target, "openid.identity", request.serverId.AbsoluteUri);
    UriUtil.AppendQueryArgument(target, "openid.return_to", returnTo.AbsoluteUri);
    UriUtil.AppendQueryArgument(target, "openid.trust_root", trustRoot);

    string modeValue = null;
    if (mode == Mode.IMMEDIATE)
    {
        modeValue = "checkid_immediate";
    }
    else if (mode == Mode.SETUP)
    {
        modeValue = "checkid_setup";
    }

    if (modeValue != null)
    {
        UriUtil.AppendQueryArgument(target, "openid.mode", modeValue);
    }

    // Without an association the handle is simply left off the request.
    if (association != null)
    {
        UriUtil.AppendQueryArgument(target, "openid.assoc_handle", association.Handle);
    }

    // The nonce is recorded before the URL is handed out.
    // NOTE(review): presumably the response handler consumes it to reject
    // replayed responses; confirm against the store and the completion path.
    this.store.StoreNonce(request.nonce);

    // dontEscape = true: the builder's string is taken as already escaped.
    string redirectText = target.ToString();
    return new Uri(redirectText, true);
}