diff options
| -rw-r--r-- | src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs | 9 | ||||
| -rw-r--r-- | src/DotNetOpenAuth/OpenId/OpenIdStrings.resx | 3 | ||||
| -rw-r--r-- | src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs | 12 |
3 files changed, 23 insertions, 1 deletions
diff --git a/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs b/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs index b0bdc6c..f917f88 100644 --- a/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs +++ b/src/DotNetOpenAuth/OpenId/OpenIdStrings.Designer.cs @@ -524,6 +524,15 @@ namespace DotNetOpenAuth.OpenId { } /// <summary> + /// Looks up a localized string similar to An unsolicited assertion cannot be sent for the claimed identifier {0} because this is not an authorized Provider for that identifier.. + /// </summary> + internal static string UnsolicitedAssertionForUnrelatedClaimedIdentifier { + get { + return ResourceManager.GetString("UnsolicitedAssertionForUnrelatedClaimedIdentifier", resourceCulture); + } + } + + /// <summary> /// Looks up a localized string similar to Unsolicited assertions are not allowed from 1.0 OpenID Providers.. /// </summary> internal static string UnsolicitedAssertionsNotAllowedFrom1xOPs { diff --git a/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx b/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx index 6e88fcc..8bffd62 100644 --- a/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx +++ b/src/DotNetOpenAuth/OpenId/OpenIdStrings.resx @@ -286,4 +286,7 @@ Discovered endpoint info: <data name="AbsoluteUriRequired" xml:space="preserve"> <value>An absolute URI is required for this value.</value> </data> + <data name="UnsolicitedAssertionForUnrelatedClaimedIdentifier" xml:space="preserve"> + <value>An unsolicited assertion cannot be sent for the claimed identifier {0} because this is not an authorized Provider for that identifier.</value> + </data> </root>
\ No newline at end of file diff --git a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs index f7eb3ad..4744a4f 100644 --- a/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs +++ b/src/DotNetOpenAuth/OpenId/Provider/OpenIdProvider.cs @@ -202,7 +202,17 @@ namespace DotNetOpenAuth.OpenId.Provider { // is authorized to send an assertion for the given claimed identifier, // do due diligence by performing our own discovery on the claimed identifier // and make sure that it is tied to this OP and OP local identifier. - //// TODO: code here + var serviceEndpoint = DotNetOpenAuth.OpenId.RelyingParty.ServiceEndpoint.CreateForClaimedIdentifier(claimedIdentifier, localIdentifier, new ProviderEndpointDescription(providerEndpoint, Protocol.Default.Version), null, null); + var discoveredEndpoints = claimedIdentifier.Discover(this.WebRequestHandler); + if (!discoveredEndpoints.Contains(serviceEndpoint)) { + Logger.DebugFormat( + "Failed to send unsolicited assertion for {0} because its discovered services did not include this endpoint. This endpoint: {1}{2} Discovered endpoints: {1}{3}", + claimedIdentifier, + Environment.NewLine, + serviceEndpoint, + discoveredEndpoints.ToStringDeferred(true)); + ErrorUtilities.ThrowProtocol(OpenIdStrings.UnsolicitedAssertionForUnrelatedClaimedIdentifier, claimedIdentifier); + } Logger.InfoFormat("Preparing unsolicited assertion for {0}", claimedIdentifier); var returnToEndpoint = relyingParty.Discover(this.WebRequestHandler, true).FirstOrDefault(); |