Touch up on community contribution.

1 files changed, 7 insertions, 6 deletions

diff --git a/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs b/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
index 04b54da..6abbe17 100644
--- a/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
+++ b/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs
@@ -267,12 +267,13 @@ namespace OpenIdProviderMvc.Controllers {
 			}
 
 			Uri userLocalIdentifier = Models.User.GetClaimedIdentifierForUser(User.Identity.Name);
-			
-			 return authReq.LocalIdentifier.ToString().ToLowerInvariant() == userLocalIdentifier.ToString().ToLowerInvariant() 
-                            			||
-                   		authReq.LocalIdentifier.ToString().ToLowerInvariant() == PpidGeneration.PpidIdentifierProvider
-                                                                            .GetIdentifier(userLocalIdentifier, authReq.Realm)
-                                                                            .ToString().ToLowerInvariant();
+
+			// Assuming the URLs on the web server are not case sensitive (on Windows servers they almost never are),
+			// and usernames aren't either, compare the identifiers without case sensitivity.
+			// No reason to do this for the PPID identifiers though, since they *can* be case sensitive and are highly
+			// unlikely to be typed in by the user anyway.
+			return string.Equals(authReq.LocalIdentifier.ToString(), userLocalIdentifier.ToString(), StringComparison.OrdinalIgnoreCase) ||
+				authReq.LocalIdentifier == PpidGeneration.PpidIdentifierProvider.GetIdentifier(userLocalIdentifier, authReq.Realm);
 		}
 	}
 }