Added OpenID pluggable behaviors support, including a sample PPID generator.

author: Andrew Arnott <andrewarnott@gmail.com> 2009-06-17 07:40:19 -0700
committer: Andrew Arnott <andrewarnott@gmail.com> 2009-06-17 07:40:19 -0700
commit: 12f899e678cd5fdafcd9fac84fadcf91029db88c (patch)
tree: df7aa91df22832757958eaf6e80de32699ddf904 /samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
parent: 0a8227a503dc39c1d14790dd31d9aaf1b00e81cb (diff)
download: DotNetOpenAuth-12f899e678cd5fdafcd9fac84fadcf91029db88c.zip
DotNetOpenAuth-12f899e678cd5fdafcd9fac84fadcf91029db88c.tar.gz
DotNetOpenAuth-12f899e678cd5fdafcd9fac84fadcf91029db88c.tar.bz2
1 files changed, 40 insertions, 30 deletions
diff --git a/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs b/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
index 8aad0ba..d70401a 100644
--- a/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
+++ b/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
@@ -5,32 +5,50 @@ namespace OpenIdProviderMvc.Controllers {
 	using System.Web;
 	using System.Web.Mvc;
 	using System.Web.Mvc.Ajax;
-	using DotNetOpenAuth.ApplicationBlock.Provider;
 	using DotNetOpenAuth.Messaging;
 	using DotNetOpenAuth.OpenId;
+	using DotNetOpenAuth.OpenId.Extensions.ProviderAuthenticationPolicy;
 	using DotNetOpenAuth.OpenId.Provider;
 	using OpenIdProviderMvc.Code;
 
 	public class OpenIdController : Controller {
 		internal static OpenIdProvider OpenIdProvider = new OpenIdProvider();
 
+		private static AnonymousIdentifierProvider anonProvider = new AnonymousIdentifierProvider();
+
 		internal static IAuthenticationRequest PendingAuthenticationRequest {
 			get { return ProviderEndpoint.PendingAuthenticationRequest; }
 			set { ProviderEndpoint.PendingAuthenticationRequest = value; }
 		}
 
 		[ValidateInput(false)]
-		public ActionResult PpidProvider() {
-			return this.DoProvider(true);
-		}
-
-		[ValidateInput(false)]
 		public ActionResult Provider() {
-			return this.DoProvider(false);
+			IRequest request = OpenIdProvider.GetRequest();
+			if (request != null) {
+				var authRequest = request as IAuthenticationRequest;
+				if (authRequest != null) {
+					PendingAuthenticationRequest = authRequest;
+					if (authRequest.IsReturnUrlDiscoverable(OpenIdProvider) == RelyingPartyDiscoveryResult.Success &&
+						User.Identity.IsAuthenticated &&
+						(authRequest.IsDirectedIdentity || Models.User.GetClaimedIdentifierForUser(User.Identity.Name) == authRequest.LocalIdentifier)) {
+						return this.SendAssertion();
+					} else {
+						return RedirectToAction("LogOn", "Account", new { returnUrl = Url.Action("SendAssertion") });
+					}
+				}
+
+				if (request.IsResponseReady) {
+					return OpenIdProvider.PrepareResponse(request).AsActionResult();
+				} else {
+					return RedirectToAction("LogOn", "Account");
+				}
+			} else {
+				return View();
+			}
 		}
 
 		[Authorize]
-		public ActionResult SendAssertion(bool pseudonymous) {
+		public ActionResult SendAssertion() {
 			IAuthenticationRequest authReq = PendingAuthenticationRequest;
 			PendingAuthenticationRequest = null;
 			if (authReq == null) {
@@ -38,14 +56,14 @@ namespace OpenIdProviderMvc.Controllers {
 			}
 
 			Identifier localIdentifier = Models.User.GetClaimedIdentifierForUser(User.Identity.Name);
-
-			if (pseudonymous) {
+			if (this.IsPpidRequested(authReq)) {
 				if (!authReq.IsDirectedIdentity) {
 					throw new InvalidOperationException("Directed identity is the only supported scenario for anonymous identifiers.");
 				}
 
-				var anonProvider = new AnonymousIdentifierProvider();
-				authReq.ScrubPersonallyIdentifiableInformation(localIdentifier, anonProvider);
+				var anonymousIdentifier = anonProvider.GetIdentifier(localIdentifier, authReq.Realm);
+				authReq.ClaimedIdentifier = anonymousIdentifier;
+				authReq.LocalIdentifier = anonymousIdentifier;
 				authReq.IsAuthenticated = true;
 			} else {
 				if (authReq.IsDirectedIdentity) {
@@ -71,27 +89,19 @@ namespace OpenIdProviderMvc.Controllers {
 			return OpenIdProvider.PrepareResponse(authReq).AsActionResult();
 		}
 
-		private ActionResult DoProvider(bool pseudonymous) {
-			IRequest request = OpenIdProvider.GetRequest();
-			if (request != null) {
-				var authRequest = request as IAuthenticationRequest;
-				if (authRequest != null) {
-					PendingAuthenticationRequest = authRequest;
-					if (User.Identity.IsAuthenticated && (authRequest.IsDirectedIdentity || Models.User.GetClaimedIdentifierForUser(User.Identity.Name) == authRequest.LocalIdentifier)) {
-						return this.SendAssertion(pseudonymous);
-					} else {
-						return RedirectToAction("LogOn", "Account", new { returnUrl = Url.Action("SendAssertion", new { pseudonymous = pseudonymous }) });
-					}
-				}
+		private bool IsPpidRequested(IAuthenticationRequest authRequest) {
+			if (authRequest == null) {
+				throw new ArgumentNullException("authRequest");
+			}
 
-				if (request.IsResponseReady) {
-					return OpenIdProvider.PrepareResponse(request).AsActionResult();
-				} else {
-					return RedirectToAction("LogOn", "Account");
+			var pape = authRequest.GetExtension<PolicyRequest>();
+			if (pape != null) {
+				if (pape.PreferredPolicies.Contains(AuthenticationPolicies.PrivatePersonalIdentifier)) {
+					return true;
 				}
-			} else {
-				return View();
 			}
+
+			return false;
 		}
 	}
 }
author	Andrew Arnott <andrewarnott@gmail.com>	2009-06-17 07:40:19 -0700
committer	Andrew Arnott <andrewarnott@gmail.com>	2009-06-17 07:40:19 -0700
commit	12f899e678cd5fdafcd9fac84fadcf91029db88c (patch)
tree	df7aa91df22832757958eaf6e80de32699ddf904 /samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
parent	0a8227a503dc39c1d14790dd31d9aaf1b00e81cb (diff)
download	DotNetOpenAuth-12f899e678cd5fdafcd9fac84fadcf91029db88c.zip DotNetOpenAuth-12f899e678cd5fdafcd9fac84fadcf91029db88c.tar.gz DotNetOpenAuth-12f899e678cd5fdafcd9fac84fadcf91029db88c.tar.bz2