diff options
Diffstat (limited to 'samples/OpenIdProviderMvc')
| -rw-r--r-- | samples/OpenIdProviderMvc/Code/AnonymousIdentifierProvider.cs | 25 | ||||
| -rw-r--r-- | samples/OpenIdProviderMvc/Controllers/HomeController.cs | 6 | ||||
| -rw-r--r-- | samples/OpenIdProviderMvc/Controllers/OpenIdController.cs | 103 | ||||
| -rw-r--r-- | samples/OpenIdProviderMvc/Controllers/UserController.cs | 37 | ||||
| -rw-r--r-- | samples/OpenIdProviderMvc/Global.asax.cs | 25 | ||||
| -rw-r--r-- | samples/OpenIdProviderMvc/OpenIdProviderMvc.csproj | 6 | ||||
| -rw-r--r-- | samples/OpenIdProviderMvc/Views/Home/PpidXrds.aspx | 18 | ||||
| -rw-r--r-- | samples/OpenIdProviderMvc/Views/Home/Xrds.aspx | 19 | ||||
| -rw-r--r-- | samples/OpenIdProviderMvc/Views/Shared/Xrds.aspx | 31 | ||||
| -rw-r--r-- | samples/OpenIdProviderMvc/Views/User/Identity.aspx | 24 | ||||
| -rw-r--r-- | samples/OpenIdProviderMvc/Views/User/PpidIdentity.aspx | 16 | ||||
| -rw-r--r-- | samples/OpenIdProviderMvc/Views/User/PpidXrds.aspx | 13 | ||||
| -rw-r--r-- | samples/OpenIdProviderMvc/Views/User/Xrds.aspx | 15 | ||||
| -rw-r--r-- | samples/OpenIdProviderMvc/Web.config | 13 |
14 files changed, 167 insertions, 184 deletions
diff --git a/samples/OpenIdProviderMvc/Code/AnonymousIdentifierProvider.cs b/samples/OpenIdProviderMvc/Code/AnonymousIdentifierProvider.cs index 2b9e01c..6dc210d 100644 --- a/samples/OpenIdProviderMvc/Code/AnonymousIdentifierProvider.cs +++ b/samples/OpenIdProviderMvc/Code/AnonymousIdentifierProvider.cs @@ -1,15 +1,29 @@ namespace OpenIdProviderMvc.Code { using System; using System.Web.Security; - using DotNetOpenAuth.ApplicationBlock.Provider; using DotNetOpenAuth.OpenId; + using DotNetOpenAuth.OpenId.Provider; using OpenIdProviderMvc.Models; - internal class AnonymousIdentifierProvider : AnonymousIdentifierProviderBase { + internal class AnonymousIdentifierProvider : PrivatePersonalIdentifierProviderBase { + /// <summary> + /// Initializes a new instance of the <see cref="AnonymousIdentifierProvider"/> class. + /// </summary> internal AnonymousIdentifierProvider() : base(Util.GetAppPathRootedUri("anon?id=")) { } + /// <summary> + /// Gets the salt to use for generating an anonymous identifier for a given OP local identifier. + /// </summary> + /// <param name="localIdentifier">The OP local identifier.</param> + /// <returns>The salt to use in the hash.</returns> + /// <remarks> + /// It is important that this method always return the same value for a given + /// <paramref name="localIdentifier"/>. + /// New salts can be generated for local identifiers without previously assigned salt + /// values by calling <see cref="CreateSalt"/> or by a custom method. + /// </remarks> protected override byte[] GetHashSaltForLocalIdentifier(Identifier localIdentifier) { // This is just a sample with no database... a real web app MUST return // a reasonable salt here and have that salt be persistent for each user. @@ -17,7 +31,12 @@ string username = User.GetUserFromClaimedIdentifier(new Uri(localIdentifier)); string salt = membership.GetSalt(username); return Convert.FromBase64String(salt); - ////return AnonymousIdentifierProviderBase.GetNewSalt(5); + + // If users were encountered without a salt, one could be generated like this, + // and would also need to be saved to the user's account. + //// var newSalt = AnonymousIdentifierProviderBase.GetNewSalt(5); + //// user.Salt = newSalt; + //// return newSalt; } } } diff --git a/samples/OpenIdProviderMvc/Controllers/HomeController.cs b/samples/OpenIdProviderMvc/Controllers/HomeController.cs index 346e838..fb03ce2 100644 --- a/samples/OpenIdProviderMvc/Controllers/HomeController.cs +++ b/samples/OpenIdProviderMvc/Controllers/HomeController.cs @@ -9,6 +9,7 @@ public class HomeController : Controller { public ActionResult Index() { if (Request.AcceptTypes.Contains("application/xrds+xml")) { + ViewData["OPIdentifier"] = true; return View("Xrds"); } @@ -21,10 +22,7 @@ } public ActionResult Xrds() { - return View(); - } - - public ActionResult PpidXrds() { + ViewData["OPIdentifier"] = true; return View(); } } diff --git a/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs b/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs index e353268..bd0fdbf 100644 --- a/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs +++ b/samples/OpenIdProviderMvc/Controllers/OpenIdController.cs @@ -5,9 +5,10 @@ namespace OpenIdProviderMvc.Controllers { using System.Web; using System.Web.Mvc; using System.Web.Mvc.Ajax; - using DotNetOpenAuth.ApplicationBlock.Provider; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OpenId; + using DotNetOpenAuth.OpenId.Behaviors; + using DotNetOpenAuth.OpenId.Extensions.ProviderAuthenticationPolicy; using DotNetOpenAuth.OpenId.Provider; using OpenIdProviderMvc.Code; @@ -20,67 +21,18 @@ namespace OpenIdProviderMvc.Controllers { } [ValidateInput(false)] - public ActionResult PpidProvider() { - return this.DoProvider(true); - } - - [ValidateInput(false)] public ActionResult Provider() { - return this.DoProvider(false); - } - - [Authorize] - public ActionResult SendAssertion(bool pseudonymous) { - IAuthenticationRequest authReq = PendingAuthenticationRequest; - PendingAuthenticationRequest = null; - if (authReq == null) { - throw new InvalidOperationException(); - } - - Identifier localIdentifier = Models.User.GetClaimedIdentifierForUser(User.Identity.Name); - - if (pseudonymous) { - if (!authReq.IsDirectedIdentity) { - throw new InvalidOperationException("Directed identity is the only supported scenario for anonymous identifiers."); - } - - var anonProvider = new AnonymousIdentifierProvider(); - authReq.ScrubPersonallyIdentifiableInformation(localIdentifier, anonProvider, true); - authReq.IsAuthenticated = true; - } else { - if (authReq.IsDirectedIdentity) { - authReq.LocalIdentifier = localIdentifier; - authReq.ClaimedIdentifier = localIdentifier; - authReq.IsAuthenticated = true; - } else { - if (authReq.LocalIdentifier == localIdentifier) { - authReq.IsAuthenticated = true; - if (!authReq.IsDelegatedIdentifier) { - authReq.ClaimedIdentifier = authReq.LocalIdentifier; - } - } else { - authReq.IsAuthenticated = false; - } - } - - // TODO: Respond to AX/sreg extension requests here. - // We don't want to add these extension responses for anonymous identifiers - // because they could leak information about the user's identity. - } - - return OpenIdProvider.PrepareResponse(authReq).AsActionResult(); - } - - private ActionResult DoProvider(bool pseudonymous) { IRequest request = OpenIdProvider.GetRequest(); if (request != null) { var authRequest = request as IAuthenticationRequest; if (authRequest != null) { PendingAuthenticationRequest = authRequest; - if (User.Identity.IsAuthenticated && (authRequest.IsDirectedIdentity || Models.User.GetClaimedIdentifierForUser(User.Identity.Name) == authRequest.LocalIdentifier)) { - return this.SendAssertion(pseudonymous); + if (authRequest.IsReturnUrlDiscoverable(OpenIdProvider) == RelyingPartyDiscoveryResult.Success && + User.Identity.IsAuthenticated && + (authRequest.IsDirectedIdentity || this.UserControlsIdentifier(authRequest))) { + return this.SendAssertion(); } else { - return RedirectToAction("LogOn", "Account", new { returnUrl = Url.Action("SendAssertion", new { pseudonymous = pseudonymous }) }); + return RedirectToAction("LogOn", "Account", new { returnUrl = Url.Action("SendAssertion") }); } } @@ -93,5 +45,46 @@ namespace OpenIdProviderMvc.Controllers { return View(); } } + + [Authorize] + public ActionResult SendAssertion() { + IAuthenticationRequest authReq = PendingAuthenticationRequest; + PendingAuthenticationRequest = null; // clear session static so we don't do this again + if (authReq == null) { + throw new InvalidOperationException("There's no pending authentication request!"); + } + + if (authReq.IsDirectedIdentity) { + authReq.LocalIdentifier = Models.User.GetClaimedIdentifierForUser(User.Identity.Name); + } + if (!authReq.IsDelegatedIdentifier) { + authReq.ClaimedIdentifier = authReq.LocalIdentifier; + } + + // Respond to AX/sreg extension requests. + //// Real web sites would have code here + + authReq.IsAuthenticated = this.UserControlsIdentifier(authReq); + return OpenIdProvider.PrepareResponse(authReq).AsActionResult(); + } + + /// <summary> + /// Checks whether the logged in user controls the OP local identifier in the given authentication request. + /// </summary> + /// <param name="authReq">The authentication request.</param> + /// <returns><c>true</c> if the user controls the identifier; <c>false</c> otherwise.</returns> + private bool UserControlsIdentifier(IAuthenticationRequest authReq) { + if (authReq == null) { + throw new ArgumentNullException("authReq"); + } + + if (User == null || User.Identity == null) { + return false; + } + + Uri userLocalIdentifier = Models.User.GetClaimedIdentifierForUser(User.Identity.Name); + return authReq.LocalIdentifier == userLocalIdentifier || + authReq.LocalIdentifier == PpidGeneration.PpidIdentifierProvider.GetIdentifier(userLocalIdentifier, authReq.Realm); + } } } diff --git a/samples/OpenIdProviderMvc/Controllers/UserController.cs b/samples/OpenIdProviderMvc/Controllers/UserController.cs index 8b3f944..5e0c21f 100644 --- a/samples/OpenIdProviderMvc/Controllers/UserController.cs +++ b/samples/OpenIdProviderMvc/Controllers/UserController.cs @@ -7,38 +7,37 @@ namespace OpenIdProviderMvc.Controllers { using System.Web.Mvc.Ajax; public class UserController : Controller { - public ActionResult PpidIdentity() { - if (Request.AcceptTypes.Contains("application/xrds+xml")) { - return View("PpidXrds"); - } - - return View(); - } - - public ActionResult Identity(string id) { - var redirect = this.RedirectIfNotNormalizedRequestUri(); - if (redirect != null) { - return redirect; + /// <summary> + /// Identities the specified id. + /// </summary> + /// <param name="id">The username or anonymous identifier.</param> + /// <param name="anon">if set to <c>true</c> then <paramref name="id"/> represents an anonymous identifier rather than a username.</param> + /// <returns>The view to display.</returns> + public ActionResult Identity(string id, bool anon) { + if (!anon) { + var redirect = this.RedirectIfNotNormalizedRequestUri(id); + if (redirect != null) { + return redirect; + } } if (Request.AcceptTypes != null && Request.AcceptTypes.Contains("application/xrds+xml")) { return View("Xrds"); } - this.ViewData["username"] = id; - return View(); - } + if (!anon) { + this.ViewData["username"] = id; + } - public ActionResult Xrds(string id) { return View(); } - public ActionResult PpidXrds() { + public ActionResult Xrds(string id) { return View(); } - private ActionResult RedirectIfNotNormalizedRequestUri() { - Uri normalized = Models.User.GetNormalizedClaimedIdentifier(Request.Url); + private ActionResult RedirectIfNotNormalizedRequestUri(string user) { + Uri normalized = Models.User.GetClaimedIdentifierForUser(user); if (Request.Url != normalized) { return Redirect(normalized.AbsoluteUri); } diff --git a/samples/OpenIdProviderMvc/Global.asax.cs b/samples/OpenIdProviderMvc/Global.asax.cs index 8c57961..8390c46 100644 --- a/samples/OpenIdProviderMvc/Global.asax.cs +++ b/samples/OpenIdProviderMvc/Global.asax.cs @@ -14,21 +14,19 @@ /// visit http://go.microsoft.com/?LinkId=9394801 /// </remarks> public class MvcApplication : System.Web.HttpApplication { + private static object behaviorInitializationSyncObject = new object(); + public static void RegisterRoutes(RouteCollection routes) { routes.IgnoreRoute("{resource}.axd/{*pathInfo}"); routes.MapRoute( "User identities", "user/{id}/{action}", - new { controller = "User", action = "Identity", id = string.Empty }); + new { controller = "User", action = "Identity", id = string.Empty, anon = false }); routes.MapRoute( "PPID identifiers", "anon", - new { controller = "User", action = "PpidIdentity", id = string.Empty }); - routes.MapRoute( - "PpidXrds", - "PpidXrds", - new { controller = "Home", action = "PpidXrds" }); // Parameter defaults + new { controller = "User", action = "Identity", id = string.Empty, anon = true }); routes.MapRoute( "Default", // Route name "{controller}/{action}/{id}", // URL with parameters @@ -38,5 +36,20 @@ protected void Application_Start() { RegisterRoutes(RouteTable.Routes); } + + protected void Application_BeginRequest(object sender, EventArgs e) { + InitializeBehaviors(); + } + + private static void InitializeBehaviors() { + if (DotNetOpenAuth.OpenId.Behaviors.PpidGeneration.PpidIdentifierProvider == null) { + lock (behaviorInitializationSyncObject) { + if (DotNetOpenAuth.OpenId.Behaviors.PpidGeneration.PpidIdentifierProvider == null) { + DotNetOpenAuth.OpenId.Behaviors.PpidGeneration.PpidIdentifierProvider = new Code.AnonymousIdentifierProvider(); + DotNetOpenAuth.OpenId.Behaviors.GsaIcamProfile.PpidIdentifierProvider = new Code.AnonymousIdentifierProvider(); + } + } + } + } } }
\ No newline at end of file diff --git a/samples/OpenIdProviderMvc/OpenIdProviderMvc.csproj b/samples/OpenIdProviderMvc/OpenIdProviderMvc.csproj index 5caf26d..0c01c64 100644 --- a/samples/OpenIdProviderMvc/OpenIdProviderMvc.csproj +++ b/samples/OpenIdProviderMvc/OpenIdProviderMvc.csproj @@ -92,13 +92,9 @@ <Content Include="Views\Account\ChangePassword.aspx" /> <Content Include="Views\Account\ChangePasswordSuccess.aspx" /> <Content Include="Views\Account\Register.aspx" /> - <Content Include="Views\Home\PpidXrds.aspx" /> - <Content Include="Views\Home\Xrds.aspx" /> + <Content Include="Views\Shared\Xrds.aspx" /> <Content Include="Views\OpenId\Provider.aspx" /> - <Content Include="Views\User\PpidXrds.aspx" /> - <Content Include="Views\User\PpidIdentity.aspx" /> <Content Include="Views\User\Identity.aspx" /> - <Content Include="Views\User\Xrds.aspx" /> <Content Include="Web.config" /> <Content Include="Content\Site.css" /> <Content Include="Scripts\jquery-1.3.1.js" /> diff --git a/samples/OpenIdProviderMvc/Views/Home/PpidXrds.aspx b/samples/OpenIdProviderMvc/Views/Home/PpidXrds.aspx deleted file mode 100644 index 990a3df..0000000 --- a/samples/OpenIdProviderMvc/Views/Home/PpidXrds.aspx +++ /dev/null @@ -1,18 +0,0 @@ -<%@ Page Language="C#" AutoEventWireup="true" ContentType="application/xrds+xml" %><?xml version="1.0" encoding="UTF-8"?> -<%-- -This page is a required as part of the service discovery phase of the openid -protocol (step 1). It simply renders the xml for doing service discovery of -server.aspx using the xrds mechanism. -This XRDS doc is discovered via the user.aspx page. ---%> -<xrds:XRDS - xmlns:xrds="xri://$xrds" - xmlns:openid="http://openid.net/xmlns/1.0" - xmlns="xri://$xrd*($v*2.0)"> - <XRD> - <Service priority="10"> - <Type>http://specs.openid.net/auth/2.0/server</Type> - <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/OpenId/PpidProvider"))%></URI> - </Service> - </XRD> -</xrds:XRDS> diff --git a/samples/OpenIdProviderMvc/Views/Home/Xrds.aspx b/samples/OpenIdProviderMvc/Views/Home/Xrds.aspx deleted file mode 100644 index 7b0c417..0000000 --- a/samples/OpenIdProviderMvc/Views/Home/Xrds.aspx +++ /dev/null @@ -1,19 +0,0 @@ -<%@ Page Language="C#" AutoEventWireup="true" ContentType="application/xrds+xml" %><?xml version="1.0" encoding="UTF-8"?> -<%-- -This page is a required as part of the service discovery phase of the openid -protocol (step 1). It simply renders the xml for doing service discovery of -server.aspx using the xrds mechanism. -This XRDS doc is discovered via the user.aspx page. ---%> -<xrds:XRDS - xmlns:xrds="xri://$xrds" - xmlns:openid="http://openid.net/xmlns/1.0" - xmlns="xri://$xrd*($v*2.0)"> - <XRD> - <Service priority="10"> - <Type>http://specs.openid.net/auth/2.0/server</Type> - <Type>http://openid.net/extensions/sreg/1.1</Type> - <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/OpenId/Provider"))%></URI> - </Service> - </XRD> -</xrds:XRDS> diff --git a/samples/OpenIdProviderMvc/Views/Shared/Xrds.aspx b/samples/OpenIdProviderMvc/Views/Shared/Xrds.aspx new file mode 100644 index 0000000..7aad102 --- /dev/null +++ b/samples/OpenIdProviderMvc/Views/Shared/Xrds.aspx @@ -0,0 +1,31 @@ +<%@ Page Language="C#" AutoEventWireup="true" ContentType="application/xrds+xml" %> +<%@ OutputCache Duration="86400" VaryByParam="none" Location="Any" %><?xml version="1.0" encoding="UTF-8"?> +<%-- +This XRDS view is used for both the OP identifier and the user identity pages. +Only a couple of conditional checks are required to share the view, but sharing the view +makes it very easy to ensure that all the Type URIs that this server supports are included +for all XRDS discovery. +--%> +<xrds:XRDS + xmlns:xrds="xri://$xrds" + xmlns:openid="http://openid.net/xmlns/1.0" + xmlns="xri://$xrd*($v*2.0)"> + <XRD> + <Service priority="10"> +<% if (ViewData["OPIdentifier"] != null) { %> + <Type>http://specs.openid.net/auth/2.0/server</Type> +<% } else { %> + <Type>http://specs.openid.net/auth/2.0/signon</Type> +<% } %> + <Type>http://openid.net/extensions/sreg/1.1</Type> + <Type>http://axschema.org/contact/email</Type> + + <%-- + Add these types when and if the Provider supports the respective aspects of the UI extension. + <Type>http://specs.openid.net/extensions/ui/1.0/mode/popup</Type> + <Type>http://specs.openid.net/extensions/ui/1.0/lang-pref</Type> + <Type>http://specs.openid.net/extensions/ui/1.0/icon</Type>--%> + <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/OpenId/Provider"))%></URI> + </Service> + </XRD> +</xrds:XRDS> diff --git a/samples/OpenIdProviderMvc/Views/User/Identity.aspx b/samples/OpenIdProviderMvc/Views/User/Identity.aspx index bb50899..51233a3 100644 --- a/samples/OpenIdProviderMvc/Views/User/Identity.aspx +++ b/samples/OpenIdProviderMvc/Views/User/Identity.aspx @@ -3,18 +3,26 @@ <%@ Register Assembly="DotNetOpenAuth" Namespace="DotNetOpenAuth.OpenId.Provider" TagPrefix="op" %> <asp:Content ID="Content1" ContentPlaceHolderID="TitleContent" runat="server"> - <%=Html.Encode(ViewData["username"])%> - identity page + <%=Html.Encode(ViewData["username"] ?? string.Empty)%> + Identity page </asp:Content> <asp:Content runat="server" ContentPlaceHolderID="HeadContent"> - <op:IdentityEndpoint ID="IdentityEndpoint11" runat="server" ProviderEndpointUrl="~/OpenId/Provider" ProviderVersion="V11" /> - <op:IdentityEndpoint ID="IdentityEndpoint20" runat="server" ProviderEndpointUrl="~/OpenId/Provider" XrdsUrl="~/User/all/xrds" XrdsAutoAnswer="false" /> + <op:IdentityEndpoint ID="IdentityEndpoint11" runat="server" ProviderEndpointUrl="~/OpenId/Provider" + ProviderVersion="V11" /> + <op:IdentityEndpoint ID="IdentityEndpoint20" runat="server" ProviderEndpointUrl="~/OpenId/Provider" + XrdsUrl="~/User/all/xrds" XrdsAutoAnswer="false" XrdsAdvertisement="Both" /> </asp:Content> <asp:Content ID="Content2" ContentPlaceHolderID="MainContent" runat="server"> - <h2>This is - <%=Html.Encode(ViewData["username"])%>'s OpenID identity page </h2> - + <h2> + <% if (!string.IsNullOrEmpty(ViewData["username"] as string)) { %> + This is + <%=Html.Encode(ViewData["username"])%>'s + <% } %> + OpenID identity page + </h2> <% if (string.Equals(User.Identity.Name, ViewData["username"])) { %> - <p>This is <b>your</b> identity page. </p> + <p> + This is <b>your</b> identity page. + </p> <% } %> </asp:Content> diff --git a/samples/OpenIdProviderMvc/Views/User/PpidIdentity.aspx b/samples/OpenIdProviderMvc/Views/User/PpidIdentity.aspx deleted file mode 100644 index f33a694..0000000 --- a/samples/OpenIdProviderMvc/Views/User/PpidIdentity.aspx +++ /dev/null @@ -1,16 +0,0 @@ -<%@ Page Title="" Language="C#" MasterPageFile="~/Views/Shared/Site.Master" Inherits="System.Web.Mvc.ViewPage" %> - -<%@ Register Assembly="DotNetOpenAuth" Namespace="DotNetOpenAuth.OpenId.Provider" - TagPrefix="op" %> -<asp:Content ID="Content1" ContentPlaceHolderID="TitleContent" runat="server"> - Identity page -</asp:Content> -<asp:Content runat="server" ContentPlaceHolderID="HeadContent"> - <op:IdentityEndpoint ID="IdentityEndpoint11" runat="server" ProviderEndpointUrl="~/OpenId/PpidProvider" - ProviderVersion="V11" /> - <op:IdentityEndpoint ID="IdentityEndpoint20" runat="server" ProviderEndpointUrl="~/OpenId/PpidProvider" - XrdsUrl="~/User/all/ppidxrds" XrdsAutoAnswer="false" /> -</asp:Content> -<asp:Content ID="Content2" ContentPlaceHolderID="MainContent" runat="server"> - <h2>OpenID identity page </h2> -</asp:Content> diff --git a/samples/OpenIdProviderMvc/Views/User/PpidXrds.aspx b/samples/OpenIdProviderMvc/Views/User/PpidXrds.aspx deleted file mode 100644 index 67256bd..0000000 --- a/samples/OpenIdProviderMvc/Views/User/PpidXrds.aspx +++ /dev/null @@ -1,13 +0,0 @@ -<%@ Page Language="C#" AutoEventWireup="true" ContentType="application/xrds+xml" %><?xml version="1.0" encoding="UTF-8"?> -<XRDS xmlns="xri://$xrds" xmlns:openid="http://openid.net/xmlns/1.0"> - <XRD xmlns="xri://$xrd*($v*2.0)"> - <Service priority="10"> - <Type>http://specs.openid.net/auth/2.0/signon</Type> - <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/OpenId/PpidProvider"))%></URI> - </Service> - <Service priority="20"> - <Type>http://openid.net/signon/1.0</Type> - <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/OpenId/PpidProvider"))%></URI> - </Service> - </XRD> -</XRDS> diff --git a/samples/OpenIdProviderMvc/Views/User/Xrds.aspx b/samples/OpenIdProviderMvc/Views/User/Xrds.aspx deleted file mode 100644 index 452742c..0000000 --- a/samples/OpenIdProviderMvc/Views/User/Xrds.aspx +++ /dev/null @@ -1,15 +0,0 @@ -<%@ Page Language="C#" AutoEventWireup="true" ContentType="application/xrds+xml" %><?xml version="1.0" encoding="UTF-8"?> -<XRDS xmlns="xri://$xrds" xmlns:openid="http://openid.net/xmlns/1.0"> - <XRD xmlns="xri://$xrd*($v*2.0)"> - <Service priority="10"> - <Type>http://specs.openid.net/auth/2.0/signon</Type> - <Type>http://openid.net/extensions/sreg/1.1</Type> - <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/OpenId/Provider"))%></URI> - </Service> - <Service priority="20"> - <Type>http://openid.net/signon/1.0</Type> - <Type>http://openid.net/extensions/sreg/1.1</Type> - <URI><%=new Uri(Request.Url, Response.ApplyAppPathModifier("~/OpenId/Provider"))%></URI> - </Service> - </XRD> -</XRDS> diff --git a/samples/OpenIdProviderMvc/Web.config b/samples/OpenIdProviderMvc/Web.config index 029414a..f36bfcf 100644 --- a/samples/OpenIdProviderMvc/Web.config +++ b/samples/OpenIdProviderMvc/Web.config @@ -46,11 +46,18 @@ <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized --> <dotNetOpenAuth> <openid> - <relyingParty> - <security requireSsl="false"/> + <provider> + <security requireSsl="false" /> + <behaviors> + <!-- Behaviors activate themselves automatically for individual matching requests. + The first one in this list to match an incoming request "owns" the request. If no + profile matches, the default behavior is assumed. --> + <!--<add type="DotNetOpenAuth.OpenId.Behaviors.GsaIcamProfile, DotNetOpenAuth" />--> + <add type="DotNetOpenAuth.OpenId.Behaviors.PpidGeneration, DotNetOpenAuth" /> + </behaviors> <!-- Uncomment the following to activate the sample custom store. --> <!--<store type="RelyingPartyWebForms.CustomStore, RelyingPartyWebForms" />--> - </relyingParty> + </provider> </openid> <messaging> <untrustedWebRequest> |