diff options
| -rw-r--r-- | src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs | 13 | ||||
| -rw-r--r-- | src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdTextBox.cs | 13 |
2 files changed, 18 insertions, 8 deletions
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs index 7784ee5..216abcc 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.cs @@ -1172,12 +1172,16 @@ if (!openidbox.dnoi_internal.onSubmit()) {{ return false; }} var requests = new List<IAuthenticationRequest>(); using (OpenIdRelyingParty rp = CreateRelyingParty(true)) { + // Approximate the returnTo (either based on the customize property or the page URL) + // so we can use it to help with Realm resolution. + Uri returnToApproximation = this.ReturnToUrl != null ? new Uri(MessagingUtilities.GetRequestUrlFromContext(), this.ReturnToUrl) : this.Page.Request.Url; + // Resolve the trust root, and swap out the scheme and port if necessary to match the // return_to URL, since this match is required by OpenId, and the consumer app // may be using HTTP at some times and HTTPS at others. UriBuilder realm = OpenIdUtilities.GetResolvedRealm(this.Page, this.RealmUrl); - realm.Scheme = Page.Request.Url.Scheme; - realm.Port = Page.Request.Url.Port; + realm.Scheme = returnToApproximation.Scheme; + realm.Port = returnToApproximation.Port; // Initiate openid request // We use TryParse here to avoid throwing an exception which @@ -1186,8 +1190,9 @@ if (!openidbox.dnoi_internal.onSubmit()) {{ return false; }} if (string.IsNullOrEmpty(this.ReturnToUrl)) { requests.AddRange(rp.CreateRequests(userSuppliedIdentifier, typedRealm)); } else { - Uri returnTo = new Uri(MessagingUtilities.GetRequestUrlFromContext(), this.ReturnToUrl); - requests.AddRange(rp.CreateRequests(userSuppliedIdentifier, typedRealm, returnTo)); + // Since the user actually gave us a return_to value, + // the "approximation" is exactly what we want. + requests.AddRange(rp.CreateRequests(userSuppliedIdentifier, typedRealm, returnToApproximation)); } // Some OPs may be listed multiple times (one with HTTPS and the other with HTTP, for example). diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdTextBox.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdTextBox.cs index 0294e09..97bca99 100644 --- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdTextBox.cs +++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdTextBox.cs @@ -876,12 +876,16 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { try { using (var consumer = this.CreateRelyingParty()) { + // Approximate the returnTo (either based on the customize property or the page URL) + // so we can use it to help with Realm resolution. + Uri returnToApproximation = this.ReturnToUrl != null ? new Uri(MessagingUtilities.GetRequestUrlFromContext(), this.ReturnToUrl) : this.Page.Request.Url; + // Resolve the trust root, and swap out the scheme and port if necessary to match the // return_to URL, since this match is required by OpenId, and the consumer app // may be using HTTP at some times and HTTPS at others. UriBuilder realm = OpenIdUtilities.GetResolvedRealm(this.Page, this.RealmUrl); - realm.Scheme = Page.Request.Url.Scheme; - realm.Port = Page.Request.Url.Port; + realm.Scheme = returnToApproximation.Scheme; + realm.Port = returnToApproximation.Port; // Initiate openid request // We use TryParse here to avoid throwing an exception which @@ -892,8 +896,9 @@ namespace DotNetOpenAuth.OpenId.RelyingParty { if (string.IsNullOrEmpty(this.ReturnToUrl)) { this.Request = consumer.CreateRequest(userSuppliedIdentifier, typedRealm); } else { - Uri returnTo = new Uri(MessagingUtilities.GetRequestUrlFromContext(), this.ReturnToUrl); - this.Request = consumer.CreateRequest(userSuppliedIdentifier, typedRealm, returnTo); + // Since the user actually gave us a return_to value, + // the "approximation" is exactly what we want. + this.Request = consumer.CreateRequest(userSuppliedIdentifier, typedRealm, returnToApproximation); } this.Request.Mode = this.ImmediateMode ? AuthenticationRequestMode.Immediate : AuthenticationRequestMode.Setup; if (this.EnableRequestProfile) { |