author | Andrew Arnott <andrewarnott@gmail.com> | 2009-12-29 07:57:36 -0800 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2009-12-29 07:57:36 -0800 |
commit | 2d81a6d77bcdaba8e9a5d185d6d2ba8dee1e94c0 (patch) | |
tree | cb9a00c6efefe4423829616ade5d6adb2a99de29 /projecttemplates/RelyingPartyLogic/Model.User.cs | |
parent | bf44c99aecf25c34f73f7fd898ab5536e2afdcc9 (diff) | |
Moved login processing code from the web forms project template into the library and utilize it now in both templates.
Diffstat (limited to 'projecttemplates/RelyingPartyLogic/Model.User.cs')
-rw-r--r-- | projecttemplates/RelyingPartyLogic/Model.User.cs | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/projecttemplates/RelyingPartyLogic/Model.User.cs b/projecttemplates/RelyingPartyLogic/Model.User.cs
index b47cd2f..2f9566f 100644
--- a/projecttemplates/RelyingPartyLogic/Model.User.cs
+++ b/projecttemplates/RelyingPartyLogic/Model.User.cs
@@ -7,8 +7,13 @@ namespace RelyingPartyLogic {
 using System;
 using System.Collections.Generic;
+ using System.IdentityModel.Claims;
 using System.Linq;
 using System.Web;
+ using DotNetOpenAuth.InfoCard;
+ using DotNetOpenAuth.OpenId;
+ using DotNetOpenAuth.OpenId.Extensions.SimpleRegistration;
+ using DotNetOpenAuth.OpenId.RelyingParty;
 public partial class User {
 /// <summary>
@@ -18,6 +23,69 @@ namespace RelyingPartyLogic {
 this.CreatedOnUtc = DateTime.UtcNow;
 }
+ public static AuthenticationToken ProcessUserLogin(IAuthenticationResponse openIdResponse) {
+ bool trustedEmail = Policies.ProviderEndpointsProvidingTrustedEmails.Contains(openIdResponse.Provider.Uri);
+ return ProcessUserLogin(openIdResponse.ClaimedIdentifier, openIdResponse.FriendlyIdentifierForDisplay, openIdResponse.GetExtension<ClaimsResponse>(), null, trustedEmail);
+ }
+
+ public static AuthenticationToken ProcessUserLogin(Token samlToken) {
+ bool trustedEmail = false; // we don't trust InfoCard email addresses, since these can be self-issued.
+ return ProcessUserLogin(
+ AuthenticationToken.SynthesizeClaimedIdentifierFromInfoCard(samlToken.UniqueId),
+ samlToken.SiteSpecificId,
+ null,
+ samlToken,
+ trustedEmail);
+ }
+
+ private static AuthenticationToken ProcessUserLogin(string claimedIdentifier, string friendlyIdentifier, ClaimsResponse claims, Token samlToken, bool trustedEmail) {
+ // Create an account for this user if we don't already have one.
+ AuthenticationToken openidToken = Database.DataContext.AuthenticationTokens.FirstOrDefault(token => token.ClaimedIdentifier == claimedIdentifier);
+ if (openidToken == null) {
+ // this is a user we haven't seen before.
+ User user = new User();
+ openidToken = new AuthenticationToken {
+ ClaimedIdentifier = claimedIdentifier,
+ FriendlyIdentifier = friendlyIdentifier,
+ };
+ user.AuthenticationTokens.Add(openidToken);
+
+ // Gather information about the user if it's available.
+ if (claims != null) {
+ if (!string.IsNullOrEmpty(claims.Email)) {
+ user.EmailAddress = claims.Email;
+ user.EmailAddressVerified = trustedEmail;
+ }
+ if (!string.IsNullOrEmpty(claims.FullName)) {
+ if (claims.FullName.IndexOf(' ') > 0) {
+ user.FirstName = claims.FullName.Substring(0, claims.FullName.IndexOf(' ')).Trim();
+ user.LastName = claims.FullName.Substring(claims.FullName.IndexOf(' ')).Trim();
+ } else {
+ user.FirstName = claims.FullName;
+ }
+ }
+ } else if (samlToken != null) {
+ string email, givenName, surname;
+ if (samlToken.Claims.TryGetValue(ClaimTypes.Email, out email)) {
+ user.EmailAddress = email;
+ user.EmailAddressVerified = trustedEmail;
+ }
+ if (samlToken.Claims.TryGetValue(ClaimTypes.GivenName, out givenName)) {
+ user.FirstName = givenName;
+ }
+ if (samlToken.Claims.TryGetValue(ClaimTypes.Surname, out surname)) {
+ user.LastName = surname;
+ }
+ }
+
+ Database.DataContext.AddToUsers(user);
+ } else {
+ openidToken.UsageCount++;
+ openidToken.LastUsedUtc = DateTime.UtcNow;
+ }
+ return openidToken;
+ }
+
 partial void OnCreatedOnUtcChanging(DateTime value) {
 Utilities.VerifyThrowNotLocalTime(value);
 } |
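Review bot: The public `ProcessUserLogin(IAuthenticationResponse)` overload reads `openIdResponse.Provider.Uri` and hands `ClaimedIdentifier` to the account-creation path without checking that the response is non-null and reports a successful authentication. As a library entry point it should not rely on every caller having checked the status first, so I would open it with `if (openIdResponse == null || openIdResponse.Status != AuthenticationStatus.Authenticated) throw new ArgumentException("An authenticated response is required.", "openIdResponse");`. The `Token` overload would likewise benefit from a null check on `samlToken`. Separately, the lookup `token.ClaimedIdentifier == claimedIdentifier` presumably runs as a database comparison, so whether identifiers differing only in letter case resolve to the same account depends on the column's collation, which is not visible here. A comment such as `// ClaimedIdentifier must be compared case-sensitively; confirm the column collation.` above the query would record that requirement.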