summaryrefslogtreecommitdiffstats
path: root/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
diff options
context:
space:
mode:
authorAndrew Arnott <andrewarnott@gmail.com>2013-05-27 09:32:17 -0700
committerAndrew Arnott <andrewarnott@gmail.com>2013-05-27 09:32:17 -0700
commit5a0a8ee4c55f323a6c1fbdb619cd89b7d28a94ba (patch)
tree026bb7a58fc6b80b680f2b5be2a25ddf1efbf0f5 /samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
parente4c746826690259eddba106e8a44d1b52b542faf (diff)
parent064220dbab72b00f23abd041bf4a30ea87a00d88 (diff)
downloadDotNetOpenAuth-5a0a8ee4c55f323a6c1fbdb619cd89b7d28a94ba.zip
DotNetOpenAuth-5a0a8ee4c55f323a6c1fbdb619cd89b7d28a94ba.tar.gz
DotNetOpenAuth-5a0a8ee4c55f323a6c1fbdb619cd89b7d28a94ba.tar.bz2
Merge branch 'v4.3'
Conflicts: samples/OAuthClient/Default.aspx samples/OAuthClient/Facebook.aspx.cs samples/OAuthClient/Web.config samples/OAuthClient/WindowsLive.aspx.cs samples/OAuthClient/packages.config src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponse.cs src/DotNetOpenAuth.Core/Messaging/StandardWebRequestHandler.cs src/DotNetOpenAuth.OAuth.Consumer/OAuth/ConsumerBase.cs src/DotNetOpenAuth.OAuth.Consumer/OAuth/OAuth1HmacSha1HttpMessageHandler.cs src/DotNetOpenAuth.OAuth.Consumer/OAuth/OAuth1HttpMessageHandlerBase.cs src/DotNetOpenAuth.OAuth.Consumer/OAuth/OAuth1PlainTextMessageHandler.cs src/DotNetOpenAuth.OAuth.Consumer/OAuth/OAuth1RsaSha1HttpMessageHandler.cs src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs src/packages/repositories.config src/version.txt
Diffstat (limited to 'samples/OpenIdProviderMvc/Controllers/OpenIdController.cs')
-rw-r--r--samples/OpenIdProviderMvc/Controllers/OpenIdController.cs7
1 files changed, 6 insertions, 1 deletions
diff --git a/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs b/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
index 7828b5c..d37091d 100644
--- a/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
+++ b/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
@@ -265,7 +265,12 @@ namespace OpenIdProviderMvc.Controllers {
}
Uri userLocalIdentifier = Models.User.GetClaimedIdentifierForUser(User.Identity.Name);
- return authReq.LocalIdentifier == userLocalIdentifier ||
+
+ // Assuming the URLs on the web server are not case sensitive (on Windows servers they almost never are),
+ // and usernames aren't either, compare the identifiers without case sensitivity.
+ // No reason to do this for the PPID identifiers though, since they *can* be case sensitive and are highly
+ // unlikely to be typed in by the user anyway.
+ return string.Equals(authReq.LocalIdentifier.ToString(), userLocalIdentifier.ToString(), StringComparison.OrdinalIgnoreCase) ||
authReq.LocalIdentifier == PpidGeneration.PpidIdentifierProvider.GetIdentifier(userLocalIdentifier, authReq.Realm);
}
}
generated by cgit v1.1 at 2025-05-11 01:33:45 +0000