blob: 584cff7d7ef0c462a84210728620d5b3e7c3e1d5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
namespace OpenIdWebRingSsoProvider {
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using DotNetOpenAuth.OpenId.Provider;
using OpenIdWebRingSsoProvider.Code;
/// <summary>
/// Challenges the user to authenticate to the OpenID SSO Provider.
/// </summary>
/// <remarks>
/// This login page is used only when the Provider is configured for
/// FormsAuthentication. The default configuration is to use
/// Windows authentication.
/// </remarks>
public partial class Login : System.Web.UI.Page {
protected void Page_Load(object sender, EventArgs e) {
// This site doesn't need XSRF protection because only trusted RPs are ever allowed to receive authentication results
// and because the login page itself is the only page the user could ever see as an in-between step to logging in,
// and a login form isn't vulnerable to XSRF.
if (!IsPostBack) {
if (ProviderEndpoint.PendingAuthenticationRequest != null) {
if (!ProviderEndpoint.PendingAuthenticationRequest.IsDirectedIdentity) {
this.login1.UserName = Code.Util.ExtractUserName(
ProviderEndpoint.PendingAuthenticationRequest.LocalIdentifier);
((TextBox)this.login1.FindControl("UserName")).ReadOnly = true;
this.login1.FindControl("Password").Focus();
}
}
this.cancelButton.Visible = ProviderEndpoint.PendingAuthenticationRequest != null;
}
}
protected void cancelButton_Click(object sender, EventArgs e) {
var req = ProviderEndpoint.PendingAuthenticationRequest;
if (req != null) {
req.IsAuthenticated = false;
ProviderEndpoint.SendResponse();
}
}
}
}
|
