path: root/projecttemplates
Diffstat (limited to 'projecttemplates')
-rw-r--r--projecttemplates/MvcRelyingParty/Controllers/AccountController.cs62
-rw-r--r--projecttemplates/MvcRelyingParty/Views/Account/LogOn.aspx62
2 files changed, 40 insertions, 84 deletions
diff --git a/projecttemplates/MvcRelyingParty/Controllers/AccountController.cs b/projecttemplates/MvcRelyingParty/Controllers/AccountController.cs
index e5a5e7a..efc0333 100644
--- a/projecttemplates/MvcRelyingParty/Controllers/AccountController.cs
+++ b/projecttemplates/MvcRelyingParty/Controllers/AccountController.cs
@@ -64,48 +64,6 @@
}
/// <summary>
- /// Accepts the login information provided by the user and redirects
- /// the user to their Provider to complete authentication.
- /// </summary>
- /// <param name="openid_identifier">The user-supplied identifier.</param>
- /// <param name="rememberMe">Whether the user wants a persistent cookie.</param>
- /// <param name="returnUrl">The URL to direct the user to after successfully authenticating.</param>
- /// <returns>The action result.</returns>
- [AcceptVerbs(HttpVerbs.Post), ValidateAntiForgeryToken]
- public ActionResult LogOn(string openid_identifier, bool rememberMe, string returnUrl) {
- Identifier userSuppliedIdentifier;
- if (Identifier.TryParse(openid_identifier, out userSuppliedIdentifier)) {
- try {
- var request = this.RelyingParty.CreateRequest(openid_identifier, Realm.AutoDetect, Url.ActionFull("LogOnReturnTo"));
- request.SetUntrustedCallbackArgument("rememberMe", rememberMe ? "1" : "0");
-
- // This might be signed so the OP can't send the user to a dangerous URL.
- // Of course, if that itself was a danger then the site is vulnerable to XSRF attacks anyway.
- if (!string.IsNullOrEmpty(returnUrl)) {
- request.SetUntrustedCallbackArgument("returnUrl", returnUrl);
- }
-
- // Ask for the user's email, not because we necessarily need it to do our work,
- // but so we can display something meaningful to the user as their "username"
- // when they log in with a PPID from Google, for example.
- request.AddExtension(new ClaimsRequest {
- Email = DemandLevel.Require,
- FullName = DemandLevel.Request,
- PolicyUrl = Url.ActionFull("PrivacyPolicy", "Home"),
- });
-
- return request.RedirectingResponse.AsActionResult();
- } catch (ProtocolException ex) {
- ModelState.AddModelError("OpenID", ex.Message);
- }
- } else {
- ModelState.AddModelError("openid_identifier", "This doesn't look like a valid OpenID.");
- }
-
- return View();
- }
-
- /// <summary>
/// Handles the positive assertion that comes from Providers to Javascript running in the browser.
/// </summary>
/// <returns>The action result.</returns>
@@ -115,7 +73,7 @@
/// hack attempts and result in errors when validation is turned on.
/// </remarks>
[AcceptVerbs(HttpVerbs.Get | HttpVerbs.Post), ValidateInput(false)]
- public ActionResult LogOnReturnToAjax() {
+ public ActionResult PopUpReturnTo() {
return RelyingPartyUtilities.AjaxReturnTo(this.Request);
}
@@ -129,7 +87,7 @@
/// hack attempts and result in errors when validation is turned on.
/// </remarks>
[AcceptVerbs(HttpVerbs.Get | HttpVerbs.Post), ValidateInput(false)]
- public ActionResult LogOnReturnTo(string openid_openidAuthData) {
+ public ActionResult LogOnPostAssertion(string openid_openidAuthData) {
IAuthenticationResponse response;
if (!string.IsNullOrEmpty(openid_openidAuthData)) {
var auth = new Uri(openid_openidAuthData);
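Review bot: The renamed `LogOnPostAssertion` action is now the target of the login form, but its attribute line `[AcceptVerbs(HttpVerbs.Get | HttpVerbs.Post), ValidateInput(false)]` does not validate the anti-forgery token that LogOn.aspx still emits with `Html.AntiForgeryToken()` (see the `Html.BeginForm("LogOnPostAssertion", "Account")` change in the view hunk). The removed `LogOn` action was the one carrying `ValidateAntiForgeryToken`, so after this commit nothing visible binds the sign-in post to the page that rendered the form. If no Provider redirects to this action any more (the return_to now appears to be `PopUpReturnTo`), consider `[AcceptVerbs(HttpVerbs.Post), ValidateAntiForgeryToken, ValidateInput(false)]`. The method body continues outside this hunk, so the branch taken when `openid_openidAuthData` is empty should be checked before dropping GET.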
@@ -147,8 +105,7 @@
switch (response.Status) {
case AuthenticationStatus.Authenticated:
var token = RelyingPartyLogic.User.ProcessUserLogin(response);
- bool rememberMe = response.GetUntrustedCallbackArgument("rememberMe") == "1";
- this.FormsAuth.SignIn(token.ClaimedIdentifier, rememberMe);
+ this.FormsAuth.SignIn(token.ClaimedIdentifier, false);
string returnUrl = response.GetUntrustedCallbackArgument("returnUrl");
if (!String.IsNullOrEmpty(returnUrl)) {
return Redirect(returnUrl);
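Review bot: The `returnUrl` lookup just below the new `SignIn` call probably never finds a value now: the only visible `SetUntrustedCallbackArgument("returnUrl", …)` was in the removed `LogOn` action, and the `ReturnUrl` hidden field that LogOn.aspx still posts is not bound by this action. If the redirect is rewired to the posted field, the value comes straight from the query string, so it should be followed only when it is a site-local path, e.g. `if (!String.IsNullOrEmpty(returnUrl) && returnUrl.StartsWith("/", StringComparison.Ordinal) && !returnUrl.StartsWith("//", StringComparison.Ordinal) && !returnUrl.StartsWith("/\\", StringComparison.Ordinal))`. Hard-coding `false` in `SignIn` is consistent with dropping the "Remember me" checkbox, but a short comment saying the cookie is intentionally non-persistent would help the next reader. The switch and the method continue outside this hunk, and whether `AjaxDiscover` sets the callback argument itself is not visible here.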
@@ -184,7 +141,18 @@
throw new InvalidOperationException();
}
- return RelyingPartyUtilities.AjaxDiscover(identifier, Realm.AutoDetect, Url.ActionFull("LogOnReturnToAjax"));
+ Action<IAuthenticationRequest> addExtensions = (request) => {
+ // Ask for the user's email, not because we necessarily need it to do our work,
+ // but so we can display something meaningful to the user as their "username"
+ // when they log in with a PPID from Google, for example.
+ request.AddExtension(new ClaimsRequest {
+ Email = DemandLevel.Require,
+ FullName = DemandLevel.Request,
+ PolicyUrl = Url.ActionFull("PrivacyPolicy", "Home"),
+ });
+ };
+
+ return RelyingPartyUtilities.AjaxDiscover(identifier, Realm.AutoDetect, Url.ActionFull("PopUpReturnTo"), addExtensions);
}
[Authorize]
diff --git a/projecttemplates/MvcRelyingParty/Views/Account/LogOn.aspx b/projecttemplates/MvcRelyingParty/Views/Account/LogOn.aspx
index 7a5d87e..207afae 100644
--- a/projecttemplates/MvcRelyingParty/Views/Account/LogOn.aspx
+++ b/projecttemplates/MvcRelyingParty/Views/Account/LogOn.aspx
@@ -7,44 +7,36 @@
<h2>
Log On
</h2>
+ <p>Login using an account you already use. </p>
<%= Html.ValidationSummary("Login was unsuccessful. Please correct the errors and try again.") %>
- <% using (Html.BeginForm("LogOn", "Account")) { %>
+ <% using (Html.BeginForm("LogOnPostAssertion", "Account")) { %>
<%= Html.AntiForgeryToken() %>
<%= Html.Hidden("ReturnUrl", Request.QueryString["ReturnUrl"]) %>
<%= Html.Hidden("openid_openidAuthData") %>
<div>
- <fieldset>
- <legend>Account Information</legend>
- <ul class="OpenIdProviders">
- <li id="https://www.google.com/accounts/o8/id" class="OPButton"><a href="#"><div><div>
- <img src="../../Content/images/google.gif" />
- <img src="<%= Page.ClientScript.GetWebResourceUrl(typeof(DotNetOpenAuth.OpenId.RelyingParty.OpenIdSelector), "DotNetOpenAuth.OpenId.RelyingParty.login_success.png") %>" class="loginSuccess" title="Authenticated as {0}" />
- </div><div class="ui-widget-overlay"></div></div></a>
- </li>
- <li id="https://me.yahoo.com/" class="OPButton"><a href="#"><div><div>
- <img src="../../Content/images/yahoo.gif" />
- <img src="<%= Page.ClientScript.GetWebResourceUrl(typeof(DotNetOpenAuth.OpenId.RelyingParty.OpenIdSelector), "DotNetOpenAuth.OpenId.RelyingParty.login_success.png") %>" class="loginSuccess" title="Authenticated as {0}" />
- </div><div class="ui-widget-overlay"></div></div></a>
- </li>
- <li id="OpenIDButton" class="OpenIDButton"><a href="#"><div><div>
- <img src="../../Content/images/openid.gif" />
- <img src="<%= Page.ClientScript.GetWebResourceUrl(typeof(DotNetOpenAuth.OpenId.RelyingParty.OpenIdSelector), "DotNetOpenAuth.OpenId.RelyingParty.login_success.png") %>" class="loginSuccess" title="Authenticated as {0}" />
- </div><div class="ui-widget-overlay"></div></div></a>
- </li>
- </ul>
- <div style="display: none" id="OpenIDForm">
- <span class="OpenIdAjaxTextBox" style="display: inline-block; position: relative; font-size: 16px">
- <input name="openid_identifier" id="openid_identifier" size="40" style="padding-left: 18px; border-style: solid; border-width: 1px; border-color: lightgray" />
- </span>
- </div>
- <p>
- <%= Html.CheckBox("rememberMe") %> <label class="inline" for="rememberMe">Remember me?</label>
- </p>
- <p>
- <input type="submit" value="Log On" />
- </p>
- </fieldset>
+ <ul class="OpenIdProviders">
+ <li id="https://www.google.com/accounts/o8/id" class="OPButton"><a href="#"><div><div>
+ <img src="../../Content/images/google.gif" />
+ <img src="<%= Page.ClientScript.GetWebResourceUrl(typeof(DotNetOpenAuth.OpenId.RelyingParty.OpenIdSelector), "DotNetOpenAuth.OpenId.RelyingParty.login_success.png") %>" class="loginSuccess" title="Authenticated as {0}" />
+ </div><div class="ui-widget-overlay"></div></div></a>
+ </li>
+ <li id="https://me.yahoo.com/" class="OPButton"><a href="#"><div><div>
+ <img src="../../Content/images/yahoo.gif" />
+ <img src="<%= Page.ClientScript.GetWebResourceUrl(typeof(DotNetOpenAuth.OpenId.RelyingParty.OpenIdSelector), "DotNetOpenAuth.OpenId.RelyingParty.login_success.png") %>" class="loginSuccess" title="Authenticated as {0}" />
+ </div><div class="ui-widget-overlay"></div></div></a>
+ </li>
+ <li id="OpenIDButton" class="OpenIDButton"><a href="#"><div><div>
+ <img src="../../Content/images/openid.gif" />
+ <img src="<%= Page.ClientScript.GetWebResourceUrl(typeof(DotNetOpenAuth.OpenId.RelyingParty.OpenIdSelector), "DotNetOpenAuth.OpenId.RelyingParty.login_success.png") %>" class="loginSuccess" title="Authenticated as {0}" />
+ </div><div class="ui-widget-overlay"></div></div></a>
+ </li>
+ </ul>
+ <div style="display: none" id="OpenIDForm">
+ <span class="OpenIdAjaxTextBox" style="display: inline-block; position: relative; font-size: 16px">
+ <input name="openid_identifier" id="openid_identifier" size="40" style="padding-left: 18px; border-style: solid; border-width: 1px; border-color: lightgray" />
+ </span>
+ </div>
</div>
<% } %>
</asp:Content>
@@ -52,7 +44,7 @@
<script type="text/javascript" language="javascript"><!--
//<![CDATA[
//window.openid_visible_iframe = true; // causes the hidden iframe to show up
- window.openid_trace = true; // causes lots of messages
+ //window.openid_trace = true; // causes lots of messages
//]]>--></script>
<script type="text/javascript" src="../../Scripts/MicrosoftAjax.js"></script>
<script type="text/javascript" src="../../Scripts/MicrosoftMvcAjax.js"></script>
@@ -87,12 +79,8 @@
url: '<%= Url.Action("Discover") %>?identifier=' + encodeURIComponent(argument)
});
};
- window.dnoa_internal.callback = function (argument, resultFunction, errorCallback) {
- alert('we thought this was unused');
- };
window.postLoginAssertion = function (positiveAssertion) {
$('#openid_openidAuthData')[0].setAttribute('value', positiveAssertion);
- document.forms[0].action = '<%= Url.Action("LogOnReturnTo") %>';
document.forms[0].submit();
};
$(function () {