author | Andrew Arnott <andrewarnott@gmail.com> | 2010-03-11 18:57:50 -0800 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2010-03-11 18:57:50 -0800 |
commit | 3e59a1a11629e5c994b90d404bbe7150be8d10b7 (patch) | |
tree | 8a2fcd2ece00e7b27ad9acfdec66f94056caf1c6 /projecttemplates/MvcRelyingParty/Controllers/AuthController.cs | |
parent | aac91f26a99f6d3ecf6beca4cb3b4e8a93471da5 (diff) | |
The edit account page now uses the selector to allow the user to add additional auth tokens.
Diffstat (limited to 'projecttemplates/MvcRelyingParty/Controllers/AuthController.cs')
-rw-r--r-- | projecttemplates/MvcRelyingParty/Controllers/AuthController.cs | 49 |
1 files changed, 27 insertions, 22 deletions
diff --git a/projecttemplates/MvcRelyingParty/Controllers/AuthController.cs b/projecttemplates/MvcRelyingParty/Controllers/AuthController.cs
index 84eedc3..da0f18f 100644
--- a/projecttemplates/MvcRelyingParty/Controllers/AuthController.cs
+++ b/projecttemplates/MvcRelyingParty/Controllers/AuthController.cs
@@ -157,34 +157,39 @@ namespace MvcRelyingParty.Controllers {
 return View("LogOn");
 }
- [Authorize, AcceptVerbs(HttpVerbs.Post), ValidateAntiForgeryToken]
- public ActionResult AddAuthenticationToken(string openid_identifier) {
- Identifier userSuppliedIdentifier;
- if (Identifier.TryParse(openid_identifier, out userSuppliedIdentifier)) {
- try {
- var request = this.RelyingParty.CreateRequest(userSuppliedIdentifier, Realm.AutoDetect, Url.ActionFull("AddAuthenticationTokenReturnTo"), this.PrivacyPolicyUrl);
- return request.RedirectingResponse.AsActionResult();
- } catch (ProtocolException ex) {
- ModelState.AddModelError("openid_identifier", ex);
+ [Authorize, AcceptVerbs(HttpVerbs.Post), ValidateAntiForgeryToken, ValidateInput(false)]
+ public ActionResult AddAuthenticationToken(string openid_openidAuthData) {
+ IAuthenticationResponse response;
+ if (!string.IsNullOrEmpty(openid_openidAuthData)) {
+ var auth = new Uri(openid_openidAuthData);
+ var headers = new WebHeaderCollection();
+ foreach (string header in Request.Headers) {
+ headers[header] = Request.Headers[header];
 }
+
+ // Always say it's a GET since the payload is all in the URL, even the large ones.
+ HttpRequestInfo clientResponseInfo = new HttpRequestInfo("GET", auth, auth.PathAndQuery, headers, null);
+ response = this.RelyingParty.GetResponse(clientResponseInfo);
 } else {
- ModelState.AddModelError("openid_identifier", "This doesn't look like a valid OpenID.");
+ response = this.RelyingParty.GetResponse();
 }
-
- return RedirectToAction("Edit", "Account");
- }
-
- [Authorize, AcceptVerbs(HttpVerbs.Get | HttpVerbs.Post)]
- public ActionResult AddAuthenticationTokenReturnTo(string openid_identifier) {
- var response = this.RelyingParty.GetResponse();
 if (response != null) {
 switch (response.Status) {
 case AuthenticationStatus.Authenticated:
- Database.LoggedInUser.AuthenticationTokens.Add(new AuthenticationToken {
- ClaimedIdentifier = response.ClaimedIdentifier,
- FriendlyIdentifier = response.FriendlyIdentifierForDisplay,
- });
- Database.DataContext.SaveChanges();
+ string identifierString = response.ClaimedIdentifier;
+ var existing = Database.DataContext.AuthenticationTokens.Include("User").FirstOrDefault(token => token.ClaimedIdentifier == identifierString);
+ if (existing == null) {
+ Database.LoggedInUser.AuthenticationTokens.Add(new AuthenticationToken {
+ ClaimedIdentifier = response.ClaimedIdentifier,
+ FriendlyIdentifier = response.FriendlyIdentifierForDisplay,
+ });
+ Database.DataContext.SaveChanges();
+ } else {
+ if (existing.User != Database.LoggedInUser) {
+ // The supplied token is already bound to a different user account.
+ // TODO: communicate the problem to the user.
+ }
+ }
 break;
 default:
 break; |
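Review bot: `new Uri(openid_openidAuthData)` throws `UriFormatException` for any posted value that is not a well-formed absolute URI, and since the action now carries `ValidateInput(false)` the form field can hold arbitrary text, so a malformed post ends in an unhandled exception instead of a handled failure. Declare `Uri auth;` before the branch and change the condition to `if (!string.IsNullOrEmpty(openid_openidAuthData) && Uri.TryCreate(openid_openidAuthData, UriKind.Absolute, out auth)) {`, so that unparseable input falls into the existing `else` branch and is treated like a missing response (the assertion itself is still verified by `RelyingParty.GetResponse`). The `existing.User != Database.LoggedInUser` test appears to rely on entity reference equality, which only holds if both objects come from the same `DataContext` — the hunk does not show where `LoggedInUser` is loaded, so confirm that or compare the user keys instead. AddAuthenticationToken's body, including its return statement after the switch, continues outside the hunk.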