author | Andrew Arnott <andrewarnott@gmail.com> | 2009-07-15 00:38:39 -0700 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2009-07-15 00:38:39 -0700 |
commit | 85915f62c304f60d530439014e63abb0d6a728d8 (patch) | |
tree | aeb09ea125441169d6ae9bf068faf412c64e080e | |
parent | 653b4dd198e686cbbc470e3af6aa6bab78a29b0d (diff) | |
Added OpenID+OAuth combined OP sample.
17 files changed, 540 insertions, 1 deletions
diff --git a/samples/OpenIdProviderWebForms/Code/InMemoryConsumerDescription.cs b/samples/OpenIdProviderWebForms/Code/InMemoryConsumerDescription.cs
new file mode 100644
index 0000000..de4505d
--- /dev/null
+++ b/samples/OpenIdProviderWebForms/Code/InMemoryConsumerDescription.cs
@@ -0,0 +1,31 @@
+//-----------------------------------------------------------------------
+// <copyright file="InMemoryConsumerDescription.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace OpenIdProviderWebForms.Code {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Web;
+ using DotNetOpenAuth.OAuth.ChannelElements;
+
+ public class InMemoryConsumerDescription : IConsumerDescription {
+ #region IConsumerDescription Members
+
+ public string Key { get; set; }
+
+ public string Secret { get; set; }
+
+ public System.Security.Cryptography.X509Certificates.X509Certificate2 Certificate { get; set; }
+
+ public Uri Callback { get; set; }
+
+ public DotNetOpenAuth.OAuth.VerificationCodeFormat VerificationCodeFormat { get; set; }
+
+ public int VerificationCodeLength { get; set; }
+
+ #endregion
+ }
+}
diff --git a/samples/OpenIdProviderWebForms/Code/InMemoryServiceProviderAccessToken.cs b/samples/OpenIdProviderWebForms/Code/InMemoryServiceProviderAccessToken.cs
new file mode 100644
index 0000000..7e26b45
--- /dev/null
+++ b/samples/OpenIdProviderWebForms/Code/InMemoryServiceProviderAccessToken.cs
@@ -0,0 +1,31 @@
+//-----------------------------------------------------------------------
+// <copyright file="InMemoryServiceProviderAccessToken.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace OpenIdProviderWebForms.Code {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Web;
+ using DotNetOpenAuth.OAuth.ChannelElements;
+
+ public class InMemoryServiceProviderAccessToken : IServiceProviderAccessToken {
+ #region IServiceProviderAccessToken Members
+
+ public string Token { get; set; }
+
+ public DateTime? ExpirationDate { get; set; }
+
+ public string Username { get; set; }
+
+ public string[] Roles { get; set; }
+
+ #endregion
+
+ public string Secret { get; set; }
+
+ public string Scope { get; set; }
+ }
+}
diff --git a/samples/OpenIdProviderWebForms/Code/InMemoryServiceProviderRequestToken.cs b/samples/OpenIdProviderWebForms/Code/InMemoryServiceProviderRequestToken.cs
new file mode 100644
index 0000000..9c02427
--- /dev/null
+++ b/samples/OpenIdProviderWebForms/Code/InMemoryServiceProviderRequestToken.cs
@@ -0,0 +1,42 @@
+//-----------------------------------------------------------------------
+// <copyright file="InMemoryServiceProviderRequestToken.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace OpenIdProviderWebForms.Code {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Web;
+ using DotNetOpenAuth.OAuth.ChannelElements;
+
+ public class InMemoryServiceProviderRequestToken : IServiceProviderRequestToken {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="InMemoryServiceProviderRequestToken"/> class.
+ /// </summary>
+ public InMemoryServiceProviderRequestToken() {
+ this.CreatedOn = DateTime.Now;
+ }
+
+ #region IServiceProviderRequestToken Members
+
+ public string Token { get; set; }
+
+ public string ConsumerKey { get; set; }
+
+ public DateTime CreatedOn { get; set; }
+
+ public Uri Callback { get; set; }
+
+ public string VerificationCode { get; set; }
+
+ public Version ConsumerVersion { get; set; }
+
+ #endregion
+
+ public string Secret { get; set; }
+
+ public string Scope { get; set; }
+ }
+}
diff --git a/samples/OpenIdProviderWebForms/Code/InMemoryTokenManager.cs b/samples/OpenIdProviderWebForms/Code/InMemoryTokenManager.cs
new file mode 100644
index 0000000..2433f57
--- /dev/null
+++ b/samples/OpenIdProviderWebForms/Code/InMemoryTokenManager.cs
@@ -0,0 +1,113 @@
+//-----------------------------------------------------------------------
+// <copyright file="InMemoryTokenManager.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace OpenIdProviderWebForms.Code {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Web;
+ using DotNetOpenAuth.OAuth.ChannelElements;
+ using DotNetOpenAuth.OAuth.Messages;
+ using DotNetOpenAuth.OpenId.Extensions.OAuth;
+
+ /// <summary>
+ /// A simple in-memory token manager. JUST FOR PURPOSES OF KEEPING THE SAMPLE SIMPLE.
+ /// </summary>
+ /// <remarks>
+ /// This is merely a sample app. A real web app SHOULD NEVER store a memory-only
+ /// token manager in application. It should be an IServiceProviderTokenManager
+ /// implementation that is bound to a database.
+ /// </remarks>
+ public class InMemoryTokenManager : IServiceProviderTokenManager, IOpenIdOAuthTokenManager, ICombinedOpenIdProviderTokenManager {
+ private Dictionary<string, InMemoryServiceProviderRequestToken> requestTokens = new Dictionary<string, InMemoryServiceProviderRequestToken>();
+ private Dictionary<string, InMemoryServiceProviderAccessToken> accessTokens = new Dictionary<string, InMemoryServiceProviderAccessToken>();
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="InMemoryTokenManager"/> class.
+ /// </summary>
+ internal InMemoryTokenManager() {
+ }
+
+ #region IServiceProviderTokenManager Members
+
+ public IConsumerDescription GetConsumer(string consumerKey) {
+ return new InMemoryConsumerDescription {
+ Key = consumerKey,
+ Secret = "some crazy secret",
+ };
+ }
+
+ public IServiceProviderRequestToken GetRequestToken(string token) {
+ return this.requestTokens[token];
+ }
+
+ public IServiceProviderAccessToken GetAccessToken(string token) {
+ throw new NotImplementedException();
+ }
+
+ #endregion
+
+ #region ITokenManager Members
+
+ public string GetTokenSecret(string token) {
+ if (this.requestTokens.ContainsKey(token)) {
+ return this.requestTokens[token].Secret;
+ } else {
+ return this.accessTokens[token].Secret;
+ }
+ }
+
+ public void StoreNewRequestToken(DotNetOpenAuth.OAuth.Messages.UnauthorizedTokenRequest request, DotNetOpenAuth.OAuth.Messages.ITokenSecretContainingMessage response) {
+ throw new NotImplementedException();
+ }
+
+ public bool IsRequestTokenAuthorized(string requestToken) {
+ // In OpenID+OAuth scenarios, request tokens are always authorized.
+ return true;
+ }
+
+ public void ExpireRequestTokenAndStoreNewAccessToken(string consumerKey, string requestToken, string accessToken, string accessTokenSecret) {
+ this.requestTokens.Remove(requestToken);
+ this.accessTokens[accessToken] = new InMemoryServiceProviderAccessToken {
+ Token = accessToken,
+ Secret = accessTokenSecret,
+ };
+ }
+
+ public TokenType GetTokenType(string token) {
+ if (this.requestTokens.ContainsKey(token)) {
+ return TokenType.RequestToken;
+ } else if (this.accessTokens.ContainsKey(token)) {
+ return TokenType.AccessToken;
+ } else {
+ return TokenType.InvalidToken;
+ }
+ }
+
+ #endregion
+
+ #region IOpenIdOAuthTokenManager Members
+
+ public void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization) {
+ this.requestTokens[authorization.RequestToken] = new InMemoryServiceProviderRequestToken {
+ Token = authorization.RequestToken,
+ Scope = authorization.Scope,
+ ConsumerVersion = authorization.Version,
+ };
+ }
+
+ #endregion
+
+ #region ICombinedOpenIdProviderTokenManager Members
+
+ public string GetConsumerKey(DotNetOpenAuth.OpenId.Realm realm) {
+ // We just use the realm as the consumer key, like Google does.
+ return realm;
+ }
+
+ #endregion
+ }
+}
diff --git a/samples/OpenIdProviderWebForms/Code/OAuthHybrid.cs b/samples/OpenIdProviderWebForms/Code/OAuthHybrid.cs
new file mode 100644
index 0000000..cc4beff
--- /dev/null
+++ b/samples/OpenIdProviderWebForms/Code/OAuthHybrid.cs
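Review bot: In InMemoryTokenManager.cs the request token is never bound to the consumer that asked for it: `StoreOpenIdAuthorizedRequestToken` drops its `consumerKey` argument and `ExpireRequestTokenAndStoreNewAccessToken` swaps any request token for an access token without looking at `consumerKey`. Because `GetConsumer` also hands every consumer key the same literal secret and `IsRequestTokenAuthorized` returns true for any string, nothing visible in this class stops one relying party from redeeming a token issued to another; whether the library re-checks this elsewhere cannot be seen from the hunk. I would record the key at issue time, compare it at exchange time and carry `Scope` across to the access token, as sketched below. Separately, both `Dictionary` fields are mutated from request threads without a lock once the instance is shared through application state (see OAuthHybrid.cs).

```csharp
public void ExpireRequestTokenAndStoreNewAccessToken(string consumerKey, string requestToken, string accessToken, string accessTokenSecret) {
	InMemoryServiceProviderRequestToken issued;
	if (!this.requestTokens.TryGetValue(requestToken, out issued) || !string.Equals(issued.ConsumerKey, consumerKey, StringComparison.Ordinal)) {
		throw new ArgumentException("Request token was not issued to this consumer.", "requestToken");
	}

	this.requestTokens.Remove(requestToken);
	this.accessTokens[accessToken] = new InMemoryServiceProviderAccessToken {
		Token = accessToken,
		Secret = accessTokenSecret,
		Scope = issued.Scope,
	};
}

public void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization) {
	this.requestTokens[authorization.RequestToken] = new InMemoryServiceProviderRequestToken {
		Token = authorization.RequestToken,
		ConsumerKey = consumerKey,
		// … unchanged: Scope, ConsumerVersion …
	};
}
```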
@@ -0,0 +1,46 @@
+//-----------------------------------------------------------------------
+// <copyright file="OAuthHybrid.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace OpenIdProviderWebForms.Code {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Web;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth;
+ using DotNetOpenAuth.OAuth.ChannelElements;
+
+ internal class OAuthHybrid {
+ /// <summary>
+ /// Initializes static members of the <see cref="OAuthHybrid"/> class.
+ /// </summary>
+ static OAuthHybrid() {
+ ServiceProvider = new ServiceProvider(GetServiceDescription(), TokenManager);
+ }
+
+ internal static IServiceProviderTokenManager TokenManager {
+ get {
+ // This is merely a sample app. A real web app SHOULD NEVER store a memory-only
+ // token manager in application. It should be an IServiceProviderTokenManager
+ // implementation that is bound to a database.
+ var tokenManager = (IServiceProviderTokenManager)HttpContext.Current.Application["TokenManager"];
+ if (tokenManager == null) {
+ HttpContext.Current.Application["TokenManager"] = tokenManager = new InMemoryTokenManager();
+ }
+
+ return tokenManager;
+ }
+ }
+
+ internal static ServiceProvider ServiceProvider { get; private set; }
+
+ internal static ServiceProviderDescription GetServiceDescription() {
+ return new ServiceProviderDescription {
+ TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
+ };
+ }
+ }
+}
diff --git a/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj b/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj
index ceea842..ffb0f2f 100644
--- a/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj
+++ b/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj
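Review bot: In OAuthHybrid.cs the `TokenManager` getter does an unsynchronized check-then-set on `HttpContext.Current.Application`, so two first requests arriving together can each create an `InMemoryTokenManager`, and tokens stored in the instance that loses the race are lost. The static constructor also goes through `HttpContext.Current`, which is null if the type is first touched outside a request, and it hands one instance to `ServiceProvider` for the life of the process while later getter calls could return a different one. Bracket the lookup with `HttpContext.Current.Application.Lock()` and `UnLock()`, or create the manager once at application start, so a single instance is shared. `GetServiceDescription` configures only `HmacSha1SigningBindingElement`; a short comment that a real deployment needs TLS on the token endpoint would help readers who copy the sample.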
@@ -83,12 +83,20 @@ <Content Include="user_xrds.aspx" /> </ItemGroup> <ItemGroup> + <Compile Include="access_token.ashx.cs"> + <DependentUpon>access_token.ashx</DependentUpon> + </Compile> + <Compile Include="Code\InMemoryConsumerDescription.cs" /> + <Compile Include="Code\InMemoryServiceProviderAccessToken.cs" /> <Compile Include="Code\CustomStore.cs" /> <Compile Include="Code\CustomStoreDataSet.Designer.cs"> <DependentUpon>CustomStoreDataSet.xsd</DependentUpon> <AutoGen>True</AutoGen> <DesignTime>True</DesignTime> </Compile> + <Compile Include="Code\InMemoryServiceProviderRequestToken.cs" /> + <Compile Include="Code\InMemoryTokenManager.cs" /> + <Compile Include="Code\OAuthHybrid.cs" /> <Compile Include="Code\ReadOnlyXmlMembershipProvider.cs" /> <Compile Include="Code\TracePageAppender.cs" /> <Compile Include="Code\Util.cs" /> @@ -157,6 +165,7 @@ <Content Include="TracePage.aspx" /> </ItemGroup> <ItemGroup> + <Content Include="access_token.ashx" /> <None Include="Code\CustomStoreDataSet.xsc"> <DependentUpon>CustomStoreDataSet.xsd</DependentUpon> </None> @@ -190,7 +199,7 @@ <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}"> <WebProjectProperties> <UseIIS>False</UseIIS> - <AutoAssignPort>True</AutoAssignPort> + <AutoAssignPort>False</AutoAssignPort> <DevelopmentServerPort>4860</DevelopmentServerPort> <DevelopmentServerVPath>/</DevelopmentServerVPath> <IISUrl> diff --git a/samples/OpenIdProviderWebForms/access_token.ashx b/samples/OpenIdProviderWebForms/access_token.ashx new file mode 100644 index 0000000..dcb088e --- /dev/null +++ b/samples/OpenIdProviderWebForms/access_token.ashx @@ -0,0 +1 @@ +<%@ WebHandler Language="C#" CodeBehind="access_token.ashx.cs" Class="OpenIdProviderWebForms.access_token" %> diff --git a/samples/OpenIdProviderWebForms/access_token.ashx.cs b/samples/OpenIdProviderWebForms/access_token.ashx.cs new file mode 100644 index 0000000..b895da9 --- /dev/null +++ b/samples/OpenIdProviderWebForms/access_token.ashx.cs 
@@ -0,0 +1,23 @@ +namespace OpenIdProviderWebForms { + using System; + using System.Collections.Generic; + using System.Linq; + using System.Web; + using System.Web.Services; + using DotNetOpenAuth.OAuth; + using OpenIdProviderWebForms.Code; + + [WebService(Namespace = "http://tempuri.org/")] + [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)] + public class access_token : IHttpHandler { + public bool IsReusable { + get { return true; } + } + + public void ProcessRequest(HttpContext context) { + var request = OAuthHybrid.ServiceProvider.ReadAccessTokenRequest(); + var response = OAuthHybrid.ServiceProvider.PrepareAccessTokenMessage(request); + OAuthHybrid.ServiceProvider.Channel.Send(response); + } + } +} diff --git a/samples/OpenIdProviderWebForms/decide.aspx b/samples/OpenIdProviderWebForms/decide.aspx index 4a6e2d8..3788315 100644 --- a/samples/OpenIdProviderWebForms/decide.aspx +++ b/samples/OpenIdProviderWebForms/decide.aspx @@ -17,6 +17,10 @@ <td><asp:Label runat="server" ID='realmLabel' /> </td> </tr> </table> + <asp:Panel runat="server" ID="OAuthPanel"> + <p>In addition the relying party has asked for permission to access your private data. </p> + <asp:CheckBox runat="server" Text="Allow the relying party to access my private data" ID="oauthPermission" /> + </asp:Panel> <p>Allow this to proceed? </p> <uc1:ProfileFields ID="profileFields" runat="server" Visible="false" /> <asp:Button ID="yes_button" OnClick="Yes_Click" Text=" yes " runat="Server" /> diff --git a/samples/OpenIdProviderWebForms/decide.aspx.cs b/samples/OpenIdProviderWebForms/decide.aspx.cs index 3a14cf7..6146bd2 100644 --- a/samples/OpenIdProviderWebForms/decide.aspx.cs +++ b/samples/OpenIdProviderWebForms/decide.aspx.cs 
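Review bot: `ProcessRequest` in access_token.ashx.cs passes the result of `ReadAccessTokenRequest()` straight to `PrepareAccessTokenMessage` with no null check or error handling, so a request that is not a well-formed, correctly signed access-token request will likely surface as an unhandled exception (and, depending on error-page settings, a stack trace) rather than a clean 4xx. Guard it, e.g. `if (request == null) { context.Response.StatusCode = 400; return; }`, and catch the library's protocol exception around the three calls. The response carries the access token and its secret, so the handler should refuse non-TLS callers outside local testing, e.g. `if (!context.Request.IsSecureConnection && !context.Request.IsLocal) { context.Response.StatusCode = 403; return; }`. The `[WebService]` and `[WebServiceBinding]` attributes do nothing on a plain `IHttpHandler` and can be removed.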
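Review bot: In decide.aspx `OAuthPanel` is declared without `Visible="false"`, and the `Page_Load` hunk in decide.aspx.cs only ever sets `this.OAuthPanel.Visible = true`, so unless the panel is hidden somewhere outside these hunks the consent checkbox also appears for plain OpenID requests and `Yes_Click` always enters its `if (this.OAuthPanel.Visible)` branch. Declare it hidden, `<asp:Panel runat="server" ID="OAuthPanel" Visible="false">`, and in `Yes_Click` decide from the pending request rather than from control state, e.g. `if (OAuthHybrid.ServiceProvider.ReadAuthorizationRequest(ProviderEndpoint.PendingRequest) != null)`. The consent text names neither the relying party nor what is being granted; repeating the realm next to the checkbox would make the approval an informed one.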
@@ -6,6 +6,7 @@ namespace OpenIdProviderWebForms { using DotNetOpenAuth.OpenId.Extensions.ProviderAuthenticationPolicy; using DotNetOpenAuth.OpenId.Extensions.SimpleRegistration; using DotNetOpenAuth.OpenId.Provider; + using OpenIdProviderWebForms.Code; /// <summary> /// Page for giving the user the option to continue or cancel out of authentication with a consumer. @@ -21,6 +22,11 @@ namespace OpenIdProviderWebForms { this.realmLabel.Text = ProviderEndpoint.PendingRequest.Realm.ToString(); + var oauthRequest = OAuthHybrid.ServiceProvider.ReadAuthorizationRequest(ProviderEndpoint.PendingRequest); + if (oauthRequest != null) { + this.OAuthPanel.Visible = true; + } + if (ProviderEndpoint.PendingAuthenticationRequest != null) { if (ProviderEndpoint.PendingAuthenticationRequest.IsDirectedIdentity) { ProviderEndpoint.PendingAuthenticationRequest.LocalIdentifier = Code.Util.BuildIdentityUrl(); @@ -51,6 +57,24 @@ namespace OpenIdProviderWebForms { } protected void Yes_Click(object sender, EventArgs e) { + if (!Page.IsValid) { + return; + } + + if (this.OAuthPanel.Visible) { + string consumerKey = null; + string grantedScope = null; + if (this.oauthPermission.Checked) { + // This SIMPLE sample merely uses the realm as the consumerKey, + // but in a real app this will probably involve a database lookup to translate + // the realm to a known consumerKey. + consumerKey = ProviderEndpoint.PendingRequest.Realm; + grantedScope = string.Empty; // we don't scope individual access rights on this sample + } + + OAuthHybrid.ServiceProvider.AttachAuthorizationResponse(ProviderEndpoint.PendingRequest, consumerKey, grantedScope); + } + var sregRequest = ProviderEndpoint.PendingRequest.GetExtension<ClaimsRequest>(); ClaimsResponse sregResponse = null; if (sregRequest != null) { diff --git a/samples/OpenIdProviderWebForms/decide.aspx.designer.cs b/samples/OpenIdProviderWebForms/decide.aspx.designer.cs index 05386cd..3aa6271 100644 
--- a/samples/OpenIdProviderWebForms/decide.aspx.designer.cs +++ b/samples/OpenIdProviderWebForms/decide.aspx.designer.cs @@ -50,6 +50,24 @@ namespace OpenIdProviderWebForms { protected global::System.Web.UI.WebControls.Label realmLabel; /// <summary> + /// OAuthPanel control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.Panel OAuthPanel; + + /// <summary> + /// oauthPermission control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.CheckBox oauthPermission; + + /// <summary> /// profileFields control. /// </summary> /// <remarks> diff --git a/samples/OpenIdRelyingPartyWebForms/Global.asax.cs b/samples/OpenIdRelyingPartyWebForms/Global.asax.cs index ac74853..6583289 100644 --- a/samples/OpenIdRelyingPartyWebForms/Global.asax.cs +++ b/samples/OpenIdRelyingPartyWebForms/Global.asax.cs @@ -42,6 +42,20 @@ } } + internal static InMemoryTokenManager OwnSampleOPHybridTokenManager { + get { + var tokenManager = (InMemoryTokenManager)HttpContext.Current.Application["OwnSampleOPHybridTokenManager"]; + if (tokenManager == null) { + string consumerKey = new Uri(HttpContext.Current.Request.Url, HttpContext.Current.Request.ApplicationPath).AbsoluteUri; + string consumerSecret = "some crazy secret"; + tokenManager = new InMemoryTokenManager(consumerKey, consumerSecret); + HttpContext.Current.Application["OwnSampleOPHybridTokenManager"] = tokenManager; + } + + return tokenManager; + } + } + public static string ToString(NameValueCollection collection) { using (StringWriter sw = new StringWriter()) { foreach (string key in collection.Keys) { 
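Review bot: `OwnSampleOPHybridTokenManager` in Global.asax.cs embeds the consumer secret as the literal `"some crazy secret"` (the same literal the provider sample returns from `GetConsumer`) and derives the consumer key from `HttpContext.Current.Request.Url` on whichever request arrives first, then caches both in application state. The host in that URL typically reflects the request's Host header, so the first caller can pin the key used for every later user; read both values from configuration instead, e.g. `string consumerSecret = ConfigurationManager.AppSettings["<consumer-secret-setting>"];` (setting name is a placeholder). The null-check-then-assign on `Application["OwnSampleOPHybridTokenManager"]` is also unsynchronized. The `InMemoryTokenManager` constructed here is the relying-party sample's own class, which this commit does not show.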
diff --git a/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj b/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj index d3bf92c..6f5df5c 100644 --- a/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj +++ b/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj @@ -101,6 +101,13 @@ <Compile Include="Code\InMemoryTokenManager.cs" /> <Compile Include="Code\State.cs" /> <Compile Include="Code\TracePageAppender.cs" /> + <Compile Include="loginPlusOAuthSampleOP.aspx.cs"> + <DependentUpon>loginPlusOAuthSampleOP.aspx</DependentUpon> + <SubType>ASPXCodeBehind</SubType> + </Compile> + <Compile Include="loginPlusOAuthSampleOP.aspx.designer.cs"> + <DependentUpon>loginPlusOAuthSampleOP.aspx</DependentUpon> + </Compile> <Compile Include="Global.asax.cs"> <DependentUpon>Global.asax</DependentUpon> </Compile> @@ -169,6 +176,7 @@ <Content Include="xrds.aspx" /> </ItemGroup> <ItemGroup> + <Content Include="loginPlusOAuthSampleOP.aspx" /> <Content Include="images\attention.png" /> <Content Include="images\dotnetopenid_tiny.gif" /> <Content Include="images\openid_login.gif" /> diff --git a/samples/OpenIdRelyingPartyWebForms/loginPlusOAuthSampleOP.aspx b/samples/OpenIdRelyingPartyWebForms/loginPlusOAuthSampleOP.aspx new file mode 100644 index 0000000..adbb71a --- /dev/null +++ b/samples/OpenIdRelyingPartyWebForms/loginPlusOAuthSampleOP.aspx 
@@ -0,0 +1,33 @@
+<%@ Page Language="C#" AutoEventWireup="True" CodeBehind="loginPlusOAuthSampleOP.aspx.cs"
+ Inherits="OpenIdRelyingPartyWebForms.loginPlusOAuthSampleOP" ValidateRequest="false"
+ MasterPageFile="~/Site.Master" %>
+
+<%@ Register Assembly="DotNetOpenAuth" Namespace="DotNetOpenAuth.OpenId.RelyingParty"
+ TagPrefix="rp" %>
+<asp:Content ID="Content1" runat="server" ContentPlaceHolderID="Main">
+ <h2>Login Page </h2>
+ <asp:MultiView ID="MultiView1" runat="server" ActiveViewIndex='0'>
+ <asp:View ID="View1" runat="server">
+ <asp:Label runat="server" Text="OpenIdProviderWebForms sample's OP Identifier or Claimed Identifier: " />
+ <rp:OpenIdTextBox runat="server" ID="identifierBox" Text="http://localhost:4860/"
+ OnCanceled="identifierBox_Failed" OnFailed="identifierBox_Failed" OnLoggedIn="identifierBox_LoggedIn" />
+ <asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server" ErrorMessage="required"
+ ControlToValidate="identifierBox" />
+ <br />
+ <asp:Button ID="beginButton" runat="server" Text="Login + OAuth request" OnClick="beginButton_Click" />
+ </asp:View>
+ <asp:View ID="AuthorizationGiven" runat="server">
+ Authentication succeeded, and OAuth access was granted.
+ <p>The actual login step is aborted since this sample focuses on the process only
+ up to this point.</p>
+ </asp:View>
+ <asp:View ID="AuthorizationDenied" runat="server">
+ Authentication succeeded, but OAuth access was denied.
+ <p>The actual login step is aborted since this sample focuses on the process only
+ up to this point.</p>
+ </asp:View>
+ <asp:View ID="AuthenticationFailed" runat="server">
+ Authentication failed or was canceled.
+ </asp:View>
+ </asp:MultiView>
+</asp:Content>
diff --git a/samples/OpenIdRelyingPartyWebForms/loginPlusOAuthSampleOP.aspx.cs b/samples/OpenIdRelyingPartyWebForms/loginPlusOAuthSampleOP.aspx.cs
new file mode 100644
index 0000000..b1bb3a8
--- /dev/null
+++ b/samples/OpenIdRelyingPartyWebForms/loginPlusOAuthSampleOP.aspx.cs
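Review bot: The page directive of loginPlusOAuthSampleOP.aspx sets `ValidateRequest="false"`, which switches off ASP.NET's built-in screening of request values for this page, and nothing in the markup says why. If it is needed so that OpenID response parameters are not rejected, record that in a server-side comment such as `<%-- ValidateRequest is off so OpenID responses are accepted; encode every request-derived value before rendering it --%>`; otherwise drop the attribute. The views added here render only static text, so the practical exposure appears limited to whatever the `OpenIdTextBox` control writes back.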
@@ -0,0 +1,53 @@
+namespace OpenIdRelyingPartyWebForms {
+ using System;
+ using System.Web.Security;
+ using DotNetOpenAuth.ApplicationBlock;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth;
+ using DotNetOpenAuth.OAuth.ChannelElements;
+ using DotNetOpenAuth.OAuth.Messages;
+ using DotNetOpenAuth.OpenId;
+ using DotNetOpenAuth.OpenId.Extensions.AttributeExchange;
+ using DotNetOpenAuth.OpenId.RelyingParty;
+
+ public partial class loginPlusOAuthSampleOP : System.Web.UI.Page {
+ protected void Page_Load(object sender, EventArgs e) {
+ }
+
+ protected void beginButton_Click(object sender, EventArgs e) {
+ if (!Page.IsValid) {
+ return;
+ }
+
+ this.identifierBox.LogOn();
+ }
+
+ protected void identifierBox_LoggedIn(object sender, OpenIdEventArgs e) {
+ State.FetchResponse = e.Response.GetExtension<FetchResponse>();
+
+ ServiceProviderDescription serviceDescription = new ServiceProviderDescription {
+ AccessTokenEndpoint = new MessageReceivingEndpoint(new Uri(e.Response.Provider.Uri, "/access_token.ashx"), HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.PostRequest),
+ TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
+ };
+ WebConsumer consumer = new WebConsumer(serviceDescription, Global.OwnSampleOPHybridTokenManager);
+
+ AuthorizedTokenResponse accessToken = consumer.ProcessUserAuthorization(e.Response);
+ if (accessToken != null) {
+ MultiView1.SetActiveView(AuthorizationGiven);
+
+ // At this point, the access token would be somehow associated with the user
+ // account at the RP.
+ ////Database.Associate(e.Response.ClaimedIdentifier, accessToken.AccessToken);
+ } else {
+ MultiView1.SetActiveView(AuthorizationDenied);
+ }
+
+ // Avoid the redirect
+ e.Cancel = true;
+ }
+
+ protected void identifierBox_Failed(object sender, OpenIdEventArgs e) {
+ this.MultiView1.SetActiveView(this.AuthenticationFailed);
+ }
+ }
+}
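Review bot: In `identifierBox_LoggedIn` the access-token endpoint is built from `e.Response.Provider.Uri`, that is, from whichever provider the visitor entered in `identifierBox`, and `ProcessUserAuthorization` then appears to make a server-side call to it signed with this site's consumer secret. Nothing checks that the provider is the sample OP that this page and `Global.OwnSampleOPHybridTokenManager` are meant for, or that the endpoint is https, so the token and its secret can travel in clear text to and from an arbitrary host. Compare the provider with a configured value before building `serviceDescription`, e.g. `if (!string.Equals(e.Response.Provider.Uri.Authority, expectedAuthority, StringComparison.OrdinalIgnoreCase)) { this.MultiView1.SetActiveView(this.AuthenticationFailed); e.Cancel = true; return; }`, where `expectedAuthority` is a placeholder for a configured setting. The root-relative `"/access_token.ashx"` also ignores any virtual directory the provider is hosted under.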
diff --git a/samples/OpenIdRelyingPartyWebForms/loginPlusOAuthSampleOP.aspx.designer.cs b/samples/OpenIdRelyingPartyWebForms/loginPlusOAuthSampleOP.aspx.designer.cs new file mode 100644 index 0000000..9bf29b9 --- /dev/null +++ b/samples/OpenIdRelyingPartyWebForms/loginPlusOAuthSampleOP.aspx.designer.cs 
@@ -0,0 +1,88 @@ +//------------------------------------------------------------------------------ +// <auto-generated> +// This code was generated by a tool. +// Runtime Version:2.0.50727.4918 +// +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. +// </auto-generated> +//------------------------------------------------------------------------------ + +namespace OpenIdRelyingPartyWebForms { + + + public partial class loginPlusOAuthSampleOP { + + /// <summary> + /// MultiView1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.MultiView MultiView1; + + /// <summary> + /// View1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.View View1; + + /// <summary> + /// identifierBox control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::DotNetOpenAuth.OpenId.RelyingParty.OpenIdTextBox identifierBox; + + /// <summary> + /// RequiredFieldValidator1 control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator1; + + /// <summary> + /// beginButton control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.Button beginButton; + + /// <summary> + /// AuthorizationGiven control. + /// </summary> + /// <remarks> + /// Auto-generated field. 
+ /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.View AuthorizationGiven; + + /// <summary> + /// AuthorizationDenied control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.View AuthorizationDenied; + + /// <summary> + /// AuthenticationFailed control. + /// </summary> + /// <remarks> + /// Auto-generated field. + /// To modify move field declaration from designer file to code-behind file. + /// </remarks> + protected global::System.Web.UI.WebControls.View AuthenticationFailed; + } +} diff --git a/samples/OpenIdRelyingPartyWebForms/xrds.aspx b/samples/OpenIdRelyingPartyWebForms/xrds.aspx index 384eda9..99a535c 100644 --- a/samples/OpenIdRelyingPartyWebForms/xrds.aspx +++ b/samples/OpenIdRelyingPartyWebForms/xrds.aspx @@ -19,6 +19,7 @@ is default.aspx. <URI priority="3"><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/ajaxlogin.aspx"))%></URI> <URI priority="4"><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/NoIdentityOpenId.aspx"))%></URI> <URI priority="5"><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/loginPlusOAuth.aspx"))%></URI> + <URI priority="6"><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/loginPlusOAuthSampleOP.aspx"))%></URI> </Service> </XRD> </xrds:XRDS> |