summaryrefslogtreecommitdiffstats
path: root/samples/OpenIdProviderWebForms
diff options
context:
space:
mode:
Diffstat (limited to 'samples/OpenIdProviderWebForms')
-rw-r--r--samples/OpenIdProviderWebForms/Code/CustomStore.cs2
-rw-r--r--samples/OpenIdProviderWebForms/Code/OAuthHybrid.cs4
-rw-r--r--samples/OpenIdProviderWebForms/Code/Util.cs35
-rw-r--r--samples/OpenIdProviderWebForms/Default.aspx2
-rw-r--r--samples/OpenIdProviderWebForms/Default.aspx.cs46
-rw-r--r--samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj13
-rw-r--r--samples/OpenIdProviderWebForms/ProfileFields.ascx.cs14
-rw-r--r--samples/OpenIdProviderWebForms/Provider.ashx.cs19
-rw-r--r--samples/OpenIdProviderWebForms/Web.config11
-rw-r--r--samples/OpenIdProviderWebForms/access_token.ashx.cs19
-rw-r--r--samples/OpenIdProviderWebForms/decide.aspx2
-rw-r--r--samples/OpenIdProviderWebForms/decide.aspx.cs189
-rw-r--r--samples/OpenIdProviderWebForms/decide.aspx.designer.cs3
-rw-r--r--samples/OpenIdProviderWebForms/packages.config5
-rw-r--r--samples/OpenIdProviderWebForms/server.aspx2
-rw-r--r--samples/OpenIdProviderWebForms/server.aspx.cs14
16 files changed, 243 insertions, 137 deletions
diff --git a/samples/OpenIdProviderWebForms/Code/CustomStore.cs b/samples/OpenIdProviderWebForms/Code/CustomStore.cs
index 6a776cf..6c440af 100644
--- a/samples/OpenIdProviderWebForms/Code/CustomStore.cs
+++ b/samples/OpenIdProviderWebForms/Code/CustomStore.cs
@@ -25,7 +25,7 @@ namespace OpenIdProviderWebForms.Code {
/// But we "persist" all associations and nonces into a DataTable to demonstrate
/// that using a database is possible.
/// </remarks>
- public class CustomStore : IOpenIdApplicationStore {
+ public class CustomStore : ICryptoKeyAndNonceStore {
private static CustomStoreDataSet dataSet = new CustomStoreDataSet();
#region INonceStore Members
diff --git a/samples/OpenIdProviderWebForms/Code/OAuthHybrid.cs b/samples/OpenIdProviderWebForms/Code/OAuthHybrid.cs
index 8e64bfb..f96e87e 100644
--- a/samples/OpenIdProviderWebForms/Code/OAuthHybrid.cs
+++ b/samples/OpenIdProviderWebForms/Code/OAuthHybrid.cs
@@ -37,8 +37,8 @@ namespace OpenIdProviderWebForms.Code {
internal static ServiceProviderOpenIdProvider ServiceProvider { get; private set; }
- internal static ServiceProviderDescription GetServiceDescription() {
- return new ServiceProviderDescription {
+ internal static ServiceProviderHostDescription GetServiceDescription() {
+ return new ServiceProviderHostDescription {
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
};
}
diff --git a/samples/OpenIdProviderWebForms/Code/Util.cs b/samples/OpenIdProviderWebForms/Code/Util.cs
index deff447..5333124 100644
--- a/samples/OpenIdProviderWebForms/Code/Util.cs
+++ b/samples/OpenIdProviderWebForms/Code/Util.cs
@@ -6,11 +6,13 @@
namespace OpenIdProviderWebForms.Code {
using System;
+ using System.Threading;
+ using System.Threading.Tasks;
using System.Web;
using DotNetOpenAuth.OpenId;
using DotNetOpenAuth.OpenId.Provider;
- public class Util {
+ public static class Util {
public static string ExtractUserName(Uri url) {
return url.Segments[url.Segments.Length - 1];
}
@@ -52,7 +54,7 @@ namespace OpenIdProviderWebForms.Code {
// add extension responses here.
}
} else {
- HttpContext.Current.Response.Redirect("~/decide.aspx", true);
+ HttpContext.Current.Response.Redirect("~/decide.aspx", false);
}
}
@@ -68,8 +70,35 @@ namespace OpenIdProviderWebForms.Code {
// These would typically be filled in from a user database
}
} else {
- HttpContext.Current.Response.Redirect("~/decide.aspx", true);
+ HttpContext.Current.Response.Redirect("~/decide.aspx", false);
}
}
+
+ internal static Task ToApm(this Task task, AsyncCallback callback, object state) {
+ if (task == null) {
+ throw new ArgumentNullException("task");
+ }
+
+ var tcs = new TaskCompletionSource<object>(state);
+ task.ContinueWith(
+ t => {
+ if (t.IsFaulted) {
+ tcs.TrySetException(t.Exception.InnerExceptions);
+ } else if (t.IsCanceled) {
+ tcs.TrySetCanceled();
+ } else {
+ tcs.TrySetResult(null);
+ }
+
+ if (callback != null) {
+ callback(tcs.Task);
+ }
+ },
+ CancellationToken.None,
+ TaskContinuationOptions.None,
+ TaskScheduler.Default);
+
+ return tcs.Task;
+ }
}
} \ No newline at end of file
diff --git a/samples/OpenIdProviderWebForms/Default.aspx b/samples/OpenIdProviderWebForms/Default.aspx
index 4f9e4bc..dfa056c 100644
--- a/samples/OpenIdProviderWebForms/Default.aspx
+++ b/samples/OpenIdProviderWebForms/Default.aspx
@@ -1,5 +1,5 @@
<%@ Page Language="C#" AutoEventWireup="true" MasterPageFile="~/Site.Master" CodeBehind="Default.aspx.cs"
- Inherits="OpenIdProviderWebForms._default" %>
+ Inherits="OpenIdProviderWebForms._default" Async="true" %>
<%@ Import Namespace="OpenIdProviderWebForms.Code" %>
<%@ Register Assembly="DotNetOpenAuth.OpenId.UI" Namespace="DotNetOpenAuth.OpenId" TagPrefix="openid" %>
diff --git a/samples/OpenIdProviderWebForms/Default.aspx.cs b/samples/OpenIdProviderWebForms/Default.aspx.cs
index 4843639..5d27251 100644
--- a/samples/OpenIdProviderWebForms/Default.aspx.cs
+++ b/samples/OpenIdProviderWebForms/Default.aspx.cs
@@ -1,6 +1,8 @@
namespace OpenIdProviderWebForms {
using System;
+ using System.Threading.Tasks;
using System.Web.Security;
+ using System.Web.UI;
using System.Web.UI.WebControls;
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OpenId;
@@ -12,32 +14,42 @@
/// </summary>
public partial class _default : System.Web.UI.Page {
protected void Page_Load(object sender, EventArgs e) {
- if (Request.QueryString["rp"] != null) {
- if (Page.User.Identity.IsAuthenticated) {
- this.SendAssertion(Request.QueryString["rp"]);
- } else {
- FormsAuthentication.RedirectToLoginPage();
- }
- } else {
- TextBox relyingPartySite = (TextBox)this.loginView.FindControl("relyingPartySite");
- if (relyingPartySite != null) {
- relyingPartySite.Focus();
- }
- }
+ this.RegisterAsyncTask(
+ new PageAsyncTask(
+ async ct => {
+ if (Request.QueryString["rp"] != null) {
+ if (Page.User.Identity.IsAuthenticated) {
+ await this.SendAssertionAsync(Request.QueryString["rp"]);
+ } else {
+ FormsAuthentication.RedirectToLoginPage();
+ }
+ } else {
+ TextBox relyingPartySite = (TextBox)this.loginView.FindControl("relyingPartySite");
+ if (relyingPartySite != null) {
+ relyingPartySite.Focus();
+ }
+ }
+ }));
}
- protected void sendAssertionButton_Click(object sender, EventArgs e) {
- TextBox relyingPartySite = (TextBox)this.loginView.FindControl("relyingPartySite");
- this.SendAssertion(relyingPartySite.Text);
+ protected async void sendAssertionButton_Click(object sender, EventArgs e) {
+ this.RegisterAsyncTask(
+ new PageAsyncTask(
+ async ct => {
+ TextBox relyingPartySite = (TextBox)this.loginView.FindControl("relyingPartySite");
+ await this.SendAssertionAsync(relyingPartySite.Text);
+ }));
}
- private void SendAssertion(string relyingPartyRealm) {
+ private async Task SendAssertionAsync(string relyingPartyRealm) {
Uri providerEndpoint = new Uri(Request.Url, Page.ResolveUrl("~/server.aspx"));
OpenIdProvider op = new OpenIdProvider();
try {
// Send user input through identifier parser so we accept more free-form input.
string rpSite = Identifier.Parse(relyingPartyRealm);
- op.PrepareUnsolicitedAssertion(providerEndpoint, rpSite, Util.BuildIdentityUrl(), Util.BuildIdentityUrl()).Send();
+ var response = await op.PrepareUnsolicitedAssertionAsync(providerEndpoint, rpSite, Util.BuildIdentityUrl(), Util.BuildIdentityUrl());
+ await response.SendAsync();
+ this.Context.Response.End();
} catch (ProtocolException ex) {
Label errorLabel = (Label)this.loginView.FindControl("errorLabel");
errorLabel.Visible = true;
diff --git a/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj b/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj
index 176b8a6..1ff3f44 100644
--- a/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj
+++ b/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj
@@ -9,6 +9,7 @@
<IISExpressAnonymousAuthentication>disabled</IISExpressAnonymousAuthentication>
<IISExpressWindowsAuthentication>disabled</IISExpressWindowsAuthentication>
<IISExpressUseClassicPipelineMode>false</IISExpressUseClassicPipelineMode>
+ <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\src\</SolutionDir>
</PropertyGroup>
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -21,7 +22,7 @@
<AppDesignerFolder>Properties</AppDesignerFolder>
<RootNamespace>OpenIdProviderWebForms</RootNamespace>
<AssemblyName>OpenIdProviderWebForms</AssemblyName>
- <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
+ <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
<FileUpgradeFlags>
</FileUpgradeFlags>
<OldToolsVersion>4.0</OldToolsVersion>
@@ -60,14 +61,16 @@
<CodeAnalysisRuleSet>AllRules.ruleset</CodeAnalysisRuleSet>
</PropertyGroup>
<ItemGroup>
- <Reference Include="log4net, Version=1.2.10.0, Culture=neutral, PublicKeyToken=1b44e1d426115821, processorArchitecture=MSIL">
+ <Reference Include="log4net, Version=1.2.11.0, Culture=neutral, PublicKeyToken=669e0ddf0bb1aa2a, processorArchitecture=MSIL">
<SpecificVersion>False</SpecificVersion>
- <HintPath>..\..\lib\log4net.dll</HintPath>
+ <HintPath>..\..\src\packages\log4net.2.0.0\lib\net40-full\log4net.dll</HintPath>
</Reference>
<Reference Include="System" />
<Reference Include="System.Data" />
<Reference Include="System.Data.DataSetExtensions" />
<Reference Include="System.Drawing" />
+ <Reference Include="System.Net.Http" />
+ <Reference Include="System.Net.Http.WebRequest" />
<Reference Include="System.Web" />
<Reference Include="System.Web.DynamicData" />
<Reference Include="System.Web.Entity" />
@@ -194,6 +197,7 @@
</None>
<Content Include="images\DotNetOpenAuth.png" />
<Content Include="Provider.ashx" />
+ <Content Include="packages.config" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\..\src\DotNetOpenAuth.Core\DotNetOpenAuth.Core.csproj">
@@ -247,7 +251,7 @@
<VisualStudio>
<FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}">
<WebProjectProperties>
- <UseIIS>True</UseIIS>
+ <UseIIS>False</UseIIS>
<AutoAssignPort>False</AutoAssignPort>
<DevelopmentServerPort>4860</DevelopmentServerPort>
<DevelopmentServerVPath>/</DevelopmentServerVPath>
@@ -262,4 +266,5 @@
</VisualStudio>
</ProjectExtensions>
<Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " />
+ <Import Project="$(SolutionDir)\.nuget\nuget.targets" />
</Project> \ No newline at end of file
diff --git a/samples/OpenIdProviderWebForms/ProfileFields.ascx.cs b/samples/OpenIdProviderWebForms/ProfileFields.ascx.cs
index 6954aa6..e27f794 100644
--- a/samples/OpenIdProviderWebForms/ProfileFields.ascx.cs
+++ b/samples/OpenIdProviderWebForms/ProfileFields.ascx.cs
@@ -25,15 +25,15 @@ namespace OpenIdProviderWebForms {
public DateTime? DateOfBirth {
get {
- try {
- int day = Convert.ToInt32(this.dobDayDropdownlist.SelectedValue);
- int month = Convert.ToInt32(this.dobMonthDropdownlist.SelectedValue);
- int year = Convert.ToInt32(this.dobYearDropdownlist.SelectedValue);
- DateTime newDate = new DateTime(year, month, day);
+ int day, month, year;
+ if (int.TryParse(this.dobDayDropdownlist.SelectedValue, out day)
+ && int.TryParse(this.dobMonthDropdownlist.SelectedValue, out month)
+ && int.TryParse(this.dobYearDropdownlist.SelectedValue, out year)) {
+ var newDate = new DateTime(year, month, day);
return newDate;
- } catch (Exception) {
- return null;
}
+
+ return null;
}
set {
diff --git a/samples/OpenIdProviderWebForms/Provider.ashx.cs b/samples/OpenIdProviderWebForms/Provider.ashx.cs
index f8fa4a3..7022d80 100644
--- a/samples/OpenIdProviderWebForms/Provider.ashx.cs
+++ b/samples/OpenIdProviderWebForms/Provider.ashx.cs
@@ -1,7 +1,13 @@
namespace OpenIdProviderWebForms {
+ using System;
+ using System.Threading;
+ using System.Threading.Tasks;
using System.Web;
using System.Web.SessionState;
+ using DotNetOpenAuth.ApplicationBlock;
+ using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OpenId.Provider;
+ using OpenIdProviderWebForms.Code;
/// <summary>
/// A fast OpenID message handler that responds to OpenID messages
@@ -12,13 +18,14 @@
/// control to reduce the amount of source code in the web site. A typical Provider
/// site will have EITHER this .ashx handler OR the .aspx page -- NOT both.
/// </remarks>
- public class Provider : IHttpHandler, IRequiresSessionState {
- public bool IsReusable {
+ public class Provider : HttpAsyncHandlerBase, IRequiresSessionState {
+ public override bool IsReusable {
get { return true; }
}
- public void ProcessRequest(HttpContext context) {
- IRequest request = ProviderEndpoint.Provider.GetRequest();
+ protected override async Task ProcessRequestAsync(HttpContext context) {
+ var providerEndpoint = new ProviderEndpoint();
+ IRequest request = await providerEndpoint.Provider.GetRequestAsync(new HttpRequestWrapper(context.Request), context.Response.ClientDisconnectedToken);
if (request != null) {
// Some OpenID requests are automatable and can be responded to immediately.
// But authentication requests cannot be responded to until something on
@@ -51,10 +58,12 @@
// We DON'T use ProviderEndpoint.SendResponse because
// that only sends responses to requests in PendingAuthenticationRequest,
// but we don't set that for associate and other non-checkid requests.
- ProviderEndpoint.Provider.Respond(request);
+ var response = await providerEndpoint.Provider.PrepareResponseAsync(request, context.Response.ClientDisconnectedToken);
// Make sure that any PendingAuthenticationRequest that MAY be set is cleared.
ProviderEndpoint.PendingRequest = null;
+
+ await response.SendAsync(new HttpContextWrapper(context));
}
}
}
diff --git a/samples/OpenIdProviderWebForms/Web.config b/samples/OpenIdProviderWebForms/Web.config
index efed107..c028df1 100644
--- a/samples/OpenIdProviderWebForms/Web.config
+++ b/samples/OpenIdProviderWebForms/Web.config
@@ -58,20 +58,19 @@
<appSettings>
<!-- Get your own Yubico API key here: https://upgrade.yubico.com/getapikey/ -->
<add key="YubicoAPIKey" value="3961"/>
+
+ <add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
</appSettings>
<system.web>
+ <httpRuntime targetFramework="4.5" />
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
-->
- <compilation debug="true" targetFramework="4.0">
- <assemblies>
- <remove assembly="DotNetOpenAuth.Contracts"/>
- </assemblies>
- </compilation>
+ <compilation debug="true" targetFramework="4.0" />
<sessionState mode="InProc" cookieless="false"/>
<membership defaultProvider="AspNetReadOnlyXmlMembershipProvider">
<providers>
@@ -90,7 +89,7 @@
Medium: doesn't work unless originUrl=".*" or WebPermission.Connect is extended, and Google Apps doesn't work.
Low: doesn't work because WebPermission.Connect is denied.
-->
- <trust level="Medium" originUrl=".*"/>
+ <trust level="Full" originUrl=".*"/>
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/>
</system.web>
<location path="decide.aspx">
diff --git a/samples/OpenIdProviderWebForms/access_token.ashx.cs b/samples/OpenIdProviderWebForms/access_token.ashx.cs
index 1e3d27c..8dccc3f 100644
--- a/samples/OpenIdProviderWebForms/access_token.ashx.cs
+++ b/samples/OpenIdProviderWebForms/access_token.ashx.cs
@@ -2,22 +2,31 @@
using System;
using System.Collections.Generic;
using System.Linq;
+ using System.Threading;
+ using System.Threading.Tasks;
using System.Web;
using System.Web.Services;
+ using DotNetOpenAuth.ApplicationBlock;
+ using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OAuth;
using OpenIdProviderWebForms.Code;
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
- public class access_token : IHttpHandler {
- public bool IsReusable {
+ public class access_token : HttpAsyncHandlerBase {
+ public override bool IsReusable {
get { return true; }
}
- public void ProcessRequest(HttpContext context) {
- var request = OAuthHybrid.ServiceProvider.ReadAccessTokenRequest();
+ protected override async Task ProcessRequestAsync(HttpContext context) {
+ var request = await OAuthHybrid.ServiceProvider.ReadAccessTokenRequestAsync(
+ new HttpRequestWrapper(context.Request),
+ context.Response.ClientDisconnectedToken);
var response = OAuthHybrid.ServiceProvider.PrepareAccessTokenMessage(request);
- OAuthHybrid.ServiceProvider.Channel.Respond(response);
+ var httpResponseMessage = await OAuthHybrid.ServiceProvider.Channel.PrepareResponseAsync(
+ response,
+ context.Response.ClientDisconnectedToken);
+ await httpResponseMessage.SendAsync();
}
}
}
diff --git a/samples/OpenIdProviderWebForms/decide.aspx b/samples/OpenIdProviderWebForms/decide.aspx
index d63364e..ddae8e7 100644
--- a/samples/OpenIdProviderWebForms/decide.aspx
+++ b/samples/OpenIdProviderWebForms/decide.aspx
@@ -1,5 +1,5 @@
<%@ Page Language="C#" AutoEventWireup="true" Inherits="OpenIdProviderWebForms.decide"
- CodeBehind="decide.aspx.cs" MasterPageFile="~/Site.Master" %>
+ CodeBehind="decide.aspx.cs" MasterPageFile="~/Site.Master" Async="true" EnableSessionState="true" %>
<%@ Register Src="ProfileFields.ascx" TagName="ProfileFields" TagPrefix="uc1" %>
<asp:Content runat="server" ContentPlaceHolderID="Main">
diff --git a/samples/OpenIdProviderWebForms/decide.aspx.cs b/samples/OpenIdProviderWebForms/decide.aspx.cs
index 8c8f927..00bdb6d 100644
--- a/samples/OpenIdProviderWebForms/decide.aspx.cs
+++ b/samples/OpenIdProviderWebForms/decide.aspx.cs
@@ -1,8 +1,10 @@
namespace OpenIdProviderWebForms {
using System;
using System.Diagnostics;
+ using System.Net;
using System.Web.Security;
using System.Web.UI;
+ using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OpenId.Extensions.ProviderAuthenticationPolicy;
using DotNetOpenAuth.OpenId.Extensions.SimpleRegistration;
using DotNetOpenAuth.OpenId.Provider;
@@ -13,102 +15,127 @@ namespace OpenIdProviderWebForms {
/// </summary>
public partial class decide : Page {
protected void Page_Load(object src, EventArgs e) {
- if (ProviderEndpoint.PendingRequest == null) {
- Response.Redirect("~/");
- }
-
- this.relyingPartyVerificationResultLabel.Text =
- ProviderEndpoint.PendingRequest.IsReturnUrlDiscoverable(ProviderEndpoint.Provider.Channel.WebRequestHandler) == RelyingPartyDiscoveryResult.Success ? "passed" : "failed";
+ this.RegisterAsyncTask(new PageAsyncTask(async ct => {
+ if (ProviderEndpoint.PendingRequest == null) {
+ // Response.Redirect(string) throws ThreadInterruptedException, and "async void Page_Load" doesn't properly catch it.
+ this.Response.RedirectLocation = "/";
+ this.Response.StatusCode = (int)HttpStatusCode.Redirect;
+ this.Context.ApplicationInstance.CompleteRequest();
+ return;
+ }
- this.realmLabel.Text = ProviderEndpoint.PendingRequest.Realm.ToString();
+ this.relyingPartyVerificationResultLabel.Text =
+ await ProviderEndpoint.PendingRequest.IsReturnUrlDiscoverableAsync() == RelyingPartyDiscoveryResult.Success ? "passed" : "failed";
- var oauthRequest = OAuthHybrid.ServiceProvider.ReadAuthorizationRequest(ProviderEndpoint.PendingRequest);
- if (oauthRequest != null) {
- this.OAuthPanel.Visible = true;
- }
+ this.realmLabel.Text = ProviderEndpoint.PendingRequest.Realm.ToString();
- if (ProviderEndpoint.PendingAuthenticationRequest != null) {
- if (ProviderEndpoint.PendingAuthenticationRequest.IsDirectedIdentity) {
- ProviderEndpoint.PendingAuthenticationRequest.LocalIdentifier = Code.Util.BuildIdentityUrl();
+ var oauthRequest = OAuthHybrid.ServiceProvider.ReadAuthorizationRequest(ProviderEndpoint.PendingRequest);
+ if (oauthRequest != null) {
+ this.OAuthPanel.Visible = true;
}
- this.identityUrlLabel.Text = ProviderEndpoint.PendingAuthenticationRequest.LocalIdentifier.ToString();
- // check that the logged in user is the same as the user requesting authentication to the consumer. If not, then log them out.
- if (!string.Equals(User.Identity.Name, Code.Util.ExtractUserName(ProviderEndpoint.PendingAuthenticationRequest.LocalIdentifier), StringComparison.OrdinalIgnoreCase)) {
- FormsAuthentication.SignOut();
- Response.Redirect(Request.Url.AbsoluteUri);
+ if (ProviderEndpoint.PendingAuthenticationRequest != null) {
+ if (ProviderEndpoint.PendingAuthenticationRequest.IsDirectedIdentity) {
+ ProviderEndpoint.PendingAuthenticationRequest.LocalIdentifier = Code.Util.BuildIdentityUrl();
+ }
+ this.identityUrlLabel.Text = ProviderEndpoint.PendingAuthenticationRequest.LocalIdentifier.ToString();
+
+ // check that the logged in user is the same as the user requesting authentication to the consumer. If not, then log them out.
+ if (!string.Equals(User.Identity.Name, Code.Util.ExtractUserName(ProviderEndpoint.PendingAuthenticationRequest.LocalIdentifier), StringComparison.OrdinalIgnoreCase)) {
+ FormsAuthentication.SignOut();
+ Response.Redirect(Request.Url.AbsoluteUri);
+ }
+ } else {
+ this.identityUrlLabel.Text = "(not applicable)";
+ this.siteRequestLabel.Text = "A site has asked for information about you.";
}
- } else {
- this.identityUrlLabel.Text = "(not applicable)";
- this.siteRequestLabel.Text = "A site has asked for information about you.";
- }
-
- // if simple registration fields were used, then prompt the user for them
- var requestedFields = ProviderEndpoint.PendingRequest.GetExtension<ClaimsRequest>();
- if (requestedFields != null) {
- this.profileFields.Visible = true;
- this.profileFields.SetRequiredFieldsFromRequest(requestedFields);
- if (!IsPostBack) {
- var sregResponse = requestedFields.CreateResponse();
-
- // We MAY not have an entry for this user if they used Yubikey to log in.
- MembershipUser user = Membership.GetUser();
- if (user != null) {
- sregResponse.Email = Membership.GetUser().Email;
+
+ // if simple registration fields were used, then prompt the user for them
+ var requestedFields = ProviderEndpoint.PendingRequest.GetExtension<ClaimsRequest>();
+ if (requestedFields != null) {
+ this.profileFields.Visible = true;
+ this.profileFields.SetRequiredFieldsFromRequest(requestedFields);
+ if (!IsPostBack) {
+ var sregResponse = requestedFields.CreateResponse();
+
+ // We MAY not have an entry for this user if they used Yubikey to log in.
+ MembershipUser user = Membership.GetUser();
+ if (user != null) {
+ sregResponse.Email = Membership.GetUser().Email;
+ }
+ this.profileFields.SetOpenIdProfileFields(sregResponse);
}
- this.profileFields.SetOpenIdProfileFields(sregResponse);
}
- }
+ }));
}
protected void Yes_Click(object sender, EventArgs e) {
- if (!Page.IsValid) {
- return;
- }
-
- if (this.OAuthPanel.Visible) {
- string grantedScope = null;
- if (this.oauthPermission.Checked) {
- // This SIMPLE sample merely uses the realm as the consumerKey,
- // but in a real app this will probably involve a database lookup to translate
- // the realm to a known consumerKey.
- grantedScope = string.Empty; // we don't scope individual access rights on this sample
- }
+ this.RegisterAsyncTask(
+ new PageAsyncTask(
+ async ct => {
+ if (!Page.IsValid || ProviderEndpoint.PendingRequest == null) {
+ return;
+ }
+
+ if (this.OAuthPanel.Visible) {
+ string grantedScope = null;
+ if (this.oauthPermission.Checked) {
+ // This SIMPLE sample merely uses the realm as the consumerKey,
+ // but in a real app this will probably involve a database lookup to translate
+ // the realm to a known consumerKey.
+ grantedScope = string.Empty; // we don't scope individual access rights on this sample
+ }
+
+ OAuthHybrid.ServiceProvider.AttachAuthorizationResponse(ProviderEndpoint.PendingRequest, grantedScope);
+ }
- OAuthHybrid.ServiceProvider.AttachAuthorizationResponse(ProviderEndpoint.PendingRequest, grantedScope);
- }
-
- var sregRequest = ProviderEndpoint.PendingRequest.GetExtension<ClaimsRequest>();
- ClaimsResponse sregResponse = null;
- if (sregRequest != null) {
- sregResponse = this.profileFields.GetOpenIdProfileFields(sregRequest);
- ProviderEndpoint.PendingRequest.AddResponseExtension(sregResponse);
- }
- var papeRequest = ProviderEndpoint.PendingRequest.GetExtension<PolicyRequest>();
- PolicyResponse papeResponse = null;
- if (papeRequest != null) {
- papeResponse = new PolicyResponse();
- papeResponse.NistAssuranceLevel = NistAssuranceLevel.InsufficientForLevel1;
- ProviderEndpoint.PendingRequest.AddResponseExtension(papeResponse);
- }
-
- if (ProviderEndpoint.PendingAuthenticationRequest != null) {
- ProviderEndpoint.PendingAuthenticationRequest.IsAuthenticated = true;
- } else {
- ProviderEndpoint.PendingAnonymousRequest.IsApproved = true;
- }
- Debug.Assert(ProviderEndpoint.PendingRequest.IsResponseReady, "Setting authentication should be all that's necessary.");
- ProviderEndpoint.SendResponse();
+ var sregRequest = ProviderEndpoint.PendingRequest.GetExtension<ClaimsRequest>();
+ ClaimsResponse sregResponse = null;
+ if (sregRequest != null) {
+ sregResponse = this.profileFields.GetOpenIdProfileFields(sregRequest);
+ ProviderEndpoint.PendingRequest.AddResponseExtension(sregResponse);
+ }
+ var papeRequest = ProviderEndpoint.PendingRequest.GetExtension<PolicyRequest>();
+ PolicyResponse papeResponse = null;
+ if (papeRequest != null) {
+ papeResponse = new PolicyResponse();
+ papeResponse.NistAssuranceLevel = NistAssuranceLevel.InsufficientForLevel1;
+ ProviderEndpoint.PendingRequest.AddResponseExtension(papeResponse);
+ }
+
+ if (ProviderEndpoint.PendingAuthenticationRequest != null) {
+ ProviderEndpoint.PendingAuthenticationRequest.IsAuthenticated = true;
+ } else {
+ ProviderEndpoint.PendingAnonymousRequest.IsApproved = true;
+ }
+ Debug.Assert(
+ ProviderEndpoint.PendingRequest.IsResponseReady, "Setting authentication should be all that's necessary.");
+
+ var provider = new ProviderEndpoint();
+ var response = await provider.PrepareResponseAsync();
+ await response.SendAsync();
+ }));
}
protected void No_Click(object sender, EventArgs e) {
- if (ProviderEndpoint.PendingAuthenticationRequest != null) {
- ProviderEndpoint.PendingAuthenticationRequest.IsAuthenticated = false;
- } else {
- ProviderEndpoint.PendingAnonymousRequest.IsApproved = false;
- }
- Debug.Assert(ProviderEndpoint.PendingRequest.IsResponseReady, "Setting authentication should be all that's necessary.");
- ProviderEndpoint.SendResponse();
+ this.RegisterAsyncTask(
+ new PageAsyncTask(
+ async ct => {
+ if (ProviderEndpoint.PendingRequest == null) {
+ return;
+ }
+
+ if (ProviderEndpoint.PendingAuthenticationRequest != null) {
+ ProviderEndpoint.PendingAuthenticationRequest.IsAuthenticated = false;
+ } else {
+ ProviderEndpoint.PendingAnonymousRequest.IsApproved = false;
+ }
+ Debug.Assert(
+ ProviderEndpoint.PendingRequest.IsResponseReady, "Setting authentication should be all that's necessary.");
+ var provider = new ProviderEndpoint();
+ var response = await provider.PrepareResponseAsync();
+ await response.SendAsync();
+ }));
}
}
} \ No newline at end of file
diff --git a/samples/OpenIdProviderWebForms/decide.aspx.designer.cs b/samples/OpenIdProviderWebForms/decide.aspx.designer.cs
index 3aa6271..f40323c 100644
--- a/samples/OpenIdProviderWebForms/decide.aspx.designer.cs
+++ b/samples/OpenIdProviderWebForms/decide.aspx.designer.cs
@@ -1,10 +1,9 @@
//------------------------------------------------------------------------------
// <auto-generated>
// This code was generated by a tool.
-// Runtime Version:2.0.50727.4918
//
// Changes to this file may cause incorrect behavior and will be lost if
-// the code is regenerated.
+// the code is regenerated.
// </auto-generated>
//------------------------------------------------------------------------------
diff --git a/samples/OpenIdProviderWebForms/packages.config b/samples/OpenIdProviderWebForms/packages.config
new file mode 100644
index 0000000..8e40260
--- /dev/null
+++ b/samples/OpenIdProviderWebForms/packages.config
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packages>
+ <package id="log4net" version="2.0.0" targetFramework="net45" />
+ <package id="Microsoft.Net.Http" version="2.0.20710.0" targetFramework="net45" />
+</packages> \ No newline at end of file
diff --git a/samples/OpenIdProviderWebForms/server.aspx b/samples/OpenIdProviderWebForms/server.aspx
index 101aeee..946f044 100644
--- a/samples/OpenIdProviderWebForms/server.aspx
+++ b/samples/OpenIdProviderWebForms/server.aspx
@@ -1,4 +1,4 @@
-<%@ Page Language="C#" AutoEventWireup="true" Inherits="OpenIdProviderWebForms.server" CodeBehind="server.aspx.cs" ValidateRequest="false" %>
+<%@ Page Language="C#" AutoEventWireup="true" Inherits="OpenIdProviderWebForms.server" CodeBehind="server.aspx.cs" ValidateRequest="false" Async="true" EnableSessionState="true" %>
<%@ Register Assembly="DotNetOpenAuth.OpenId.Provider.UI" Namespace="DotNetOpenAuth.OpenId.Provider" TagPrefix="openid" %>
<html>
diff --git a/samples/OpenIdProviderWebForms/server.aspx.cs b/samples/OpenIdProviderWebForms/server.aspx.cs
index 89e14f4..e613192 100644
--- a/samples/OpenIdProviderWebForms/server.aspx.cs
+++ b/samples/OpenIdProviderWebForms/server.aspx.cs
@@ -7,15 +7,27 @@ namespace OpenIdProviderWebForms {
/// This page is responsible for handling all open-id compliant requests.
/// </summary>
public partial class server : System.Web.UI.Page {
- protected void Page_Load(object src, System.EventArgs evt) {
+ protected void Page_Load(object src, EventArgs evt) {
this.serverEndpointUrl.Text = Request.Url.ToString();
}
protected void provider_AuthenticationChallenge(object sender, AuthenticationChallengeEventArgs e) {
+ // We store the request in the user's session so that
+ // redirects and user prompts can appear and eventually some page can decide
+ // to respond to the OpenID authentication request either affirmatively or
+ // negatively.
+ ProviderEndpoint.PendingRequest = e.Request;
+
Code.Util.ProcessAuthenticationChallenge(e.Request);
}
protected void provider_AnonymousRequest(object sender, AnonymousRequestEventArgs e) {
+ // We store the request in the user's session so that
+ // redirects and user prompts can appear and eventually some page can decide
+ // to respond to the OpenID authentication request either affirmatively or
+ // negatively.
+ ProviderEndpoint.PendingRequest = e.Request;
+
Code.Util.ProcessAnonymousRequest(e.Request);
}
}
generated by cgit v1.1 at 2025-05-28 01:19:16 +0000