author | Andrew Arnott <andrewarnott@gmail.com> | 2009-04-26 18:12:56 -0700 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2009-04-26 18:12:56 -0700 |
commit | ed8e510edf71df2cda6dd18e263540626b3537ae (patch) | |
tree | 4948589adb3b3c97b2d66c795477db51d3f82774 /samples/OpenIdProviderMvc/Controllers/OpenIdController.cs | |
parent | 5569ca589ff4d7b6571fb9753d42410ca80655c1 (diff) | |
Moved PPID OP Provider code out of the library and into the ApplicationBlock.
Diffstat (limited to 'samples/OpenIdProviderMvc/Controllers/OpenIdController.cs')
-rw-r--r-- | samples/OpenIdProviderMvc/Controllers/OpenIdController.cs | 41 |
1 files changed, 26 insertions, 15 deletions
diff --git a/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs b/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
index ebe3e54..bc5b705 100644
--- a/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
+++ b/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
@@ -8,6 +8,8 @@ namespace OpenIdProviderMvc.Controllers {
 using DotNetOpenAuth.Messaging;
 using DotNetOpenAuth.OpenId.Provider;
 using OpenIdProviderMvc.Code;
+ using DotNetOpenAuth.ApplicationBlock.Provider;
+ using DotNetOpenAuth.OpenId;
 public class OpenIdController : Controller {
 internal static OpenIdProvider OpenIdProvider = new OpenIdProvider();
@@ -35,26 +37,35 @@ namespace OpenIdProviderMvc.Controllers {
 throw new InvalidOperationException();
 }
- if (authReq.IsDirectedIdentity) {
- authReq.LocalIdentifier = Models.User.GetClaimedIdentifierForUser(User.Identity.Name);
- authReq.ClaimedIdentifier = authReq.LocalIdentifier;
+ Identifier localIdentifier = Models.User.GetClaimedIdentifierForUser(User.Identity.Name);
+
+ if (pseudonymous) {
+ if (!authReq.IsDirectedIdentity) {
+ throw new InvalidOperationException("Directed identity is the only supported scenario for anonymous identifiers.");
+ }
+
+ var anonProvider = new AnonymousIdentifierProvider();
+ authReq.ScrubPersonallyIdentifiableInformation(localIdentifier, anonProvider, true);
 authReq.IsAuthenticated = true;
 } else {
- if (authReq.LocalIdentifier == Models.User.GetClaimedIdentifierForUser(User.Identity.Name)) {
+ if (authReq.IsDirectedIdentity) {
+ authReq.LocalIdentifier = localIdentifier;
+ authReq.ClaimedIdentifier = localIdentifier;
 authReq.IsAuthenticated = true;
- if (!authReq.IsDelegatedIdentifier) {
- authReq.ClaimedIdentifier = authReq.LocalIdentifier;
- }
 } else {
- authReq.IsAuthenticated = false;
+ if (authReq.LocalIdentifier == localIdentifier) {
+ authReq.IsAuthenticated = true;
+ if (!authReq.IsDelegatedIdentifier) {
+ authReq.ClaimedIdentifier = authReq.LocalIdentifier;
+ }
+ } else {
+ authReq.IsAuthenticated = false;
+ }
 }
- }
-
- if (pseudonymous) {
- var anonProvider = new AnonymousIdentifierProvider();
- authReq.ScrubPersonallyIdentifiableInformation(anonProvider, true);
- } else {
- // TODO: Respond to AX/sreg extension requests here
+
+ // TODO: Respond to AX/sreg extension requests here.
+ // We don't want to add these extension responses for anonymous identifiers
+ // because they could leak information about the user's identity.
 }
 return OpenIdProvider.PrepareResponse(authReq).AsActionResult(); |
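Review bot: The new `throw new InvalidOperationException("Directed identity is the only supported scenario for anonymous identifiers.")` in the `if (pseudonymous)` branch fires on `authReq.IsDirectedIdentity`, which appears to be determined by the relying party's request. A request that names a specific identifier would then end in an unhandled server error instead of an OpenID response. In a sample that people copy, the safer pattern is to answer negatively: set `authReq.IsAuthenticated = false;` in that case and move the `ScrubPersonallyIdentifiableInformation(...)` call and `authReq.IsAuthenticated = true;` into the matching `else`. Where `pseudonymous` is assigned and how the action handles exceptions are outside this hunk, so confirm both before changing it. A one-line comment on the bare `true` passed to `ScrubPersonallyIdentifiableInformation` would also help, since its meaning is not visible here.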